secure.gratowin.com Open in urlscan Pro
147.78.140.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://biy.io/7GerIG2YQR
Effective URL:
https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Submission: On August 09 via manual (August 9th 2024, 11:25:03 am UTC) from IE — Scanned from CA

Summary HTTP 148 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 20 domains to perform 148 HTTP transactions. The main IP is 147.78.140.54, located in Bulgaria and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is secure.gratowin.com.
TLS certificate: Issued by E6 on July 28th 2024. Valid for: 3 months.

This is the only time secure.gratowin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	52.85.132.68 52.85.132.68	16509 (AMAZON-02) (AMAZON-02)
1 1	52.31.202.204 52.31.202.204	16509 (AMAZON-02) (AMAZON-02)
1 1	147.78.140.87 147.78.140.87	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
4 84	147.78.140.54 147.78.140.54	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	172.217.197.95 172.217.197.95	15169 (GOOGLE) (GOOGLE)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.222.97 172.217.222.97	15169 (GOOGLE) (GOOGLE)
3	52.6.11.66 52.6.11.66	14618 (AMAZON-AES) (AMAZON-AES)
3	173.194.68.207 173.194.68.207	15169 (GOOGLE) (GOOGLE)
5	74.125.192.101 74.125.192.101	15169 (GOOGLE) (GOOGLE)
1	204.79.197.237 204.79.197.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	46.51.157.121 46.51.157.121	16509 (AMAZON-02) (AMAZON-02)
1	52.85.132.101 52.85.132.101	16509 (AMAZON-02) (AMAZON-02)
2	52.85.132.7 52.85.132.7	16509 (AMAZON-02) (AMAZON-02)
1	13.248.221.98 13.248.221.98	16509 (AMAZON-02) (AMAZON-02)
1	13.32.151.53 13.32.151.53	16509 (AMAZON-02) (AMAZON-02)
1	108.138.85.60 108.138.85.60	16509 (AMAZON-02) (AMAZON-02)
3	46.51.130.78 46.51.130.78	16509 (AMAZON-02) (AMAZON-02)
9	147.78.140.52 147.78.140.52	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
5	142.250.31.94 142.250.31.94	15169 (GOOGLE) (GOOGLE)
17	104.21.24.167 104.21.24.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	3.162.125.11 3.162.125.11	16509 (AMAZON-02) (AMAZON-02)
1	18.67.65.59 18.67.65.59	16509 (AMAZON-02) (AMAZON-02)
148	21

2 52.85.132.68 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-68.iad50.r.cloudfront.net

biy.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.202.204 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-202-204.eu-west-1.compute.amazonaws.com

api.solitics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.78.140.87 (Bulgaria) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.geogratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

84 147.78.140.54 (Bulgaria) 4 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

secure.gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms2.gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.197.95 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.222.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.6.11.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-11-66.compute-1.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.194.68.207 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f207.1e100.net

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.125.192.101 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f101.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.79.197.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.51.157.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-157-121.eu-west-1.compute.amazonaws.com

src.webpu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gratowin.webpu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.132.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-101.iad50.r.cloudfront.net

d2afn796dyftlg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.85.132.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-7.iad50.r.cloudfront.net

sdk.solitics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.221.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: a44946a9dd66b7704.awsglobalaccelerator.com

anakatechsupport.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.151.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-151-53.iad66.r.cloudfront.net

web-sdk.smartlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.85.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-60.iad12.r.cloudfront.net

b3797f01-e573-4b2d-900b-06ef4ef785de.seals-emr.certria.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.51.130.78 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-130-78.eu-west-1.compute.amazonaws.com

api.xtremepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 147.78.140.52 (Bulgaria)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

analytics.streamygame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ga.streamygame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.31.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.21.24.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cms2.netoplaycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.162.125.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-11.iad61.r.cloudfront.net

3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.65.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-59.iad89.r.cloudfront.net

s3.xtremepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	gratowin.com 4 redirects secure.gratowin.com cms2.gratowin.com www.gratowin.com	1019 KB
17	netoplaycdn.com cms2.netoplaycdn.com	433 KB
9	streamygame.com analytics.streamygame.com ga.streamygame.com	3 KB
5	gstatic.com fonts.gstatic.com	51 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 storage.googleapis.com — Cisco Umbrella Rank: 492	180 KB
4	antillephone.com 3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com	51 KB
4	xtremepush.com api.xtremepush.com — Cisco Umbrella Rank: 37838 s3.xtremepush.com — Cisco Umbrella Rank: 207453	10 KB
3	iesnare.com mpsnare.iesnare.com — Cisco Umbrella Rank: 7738	21 KB
3	solitics.com 1 redirects api.solitics.com — Cisco Umbrella Rank: 457629 sdk.solitics.com — Cisco Umbrella Rank: 477859	2 KB
2	webpu.sh src.webpu.sh — Cisco Umbrella Rank: 197829 gratowin.webpu.sh	25 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	212 KB
2	biy.io 2 redirects biy.io	1023 B
1	certria.com b3797f01-e573-4b2d-900b-06ef4ef785de.seals-emr.certria.com	2 KB
1	smartlook.com web-sdk.smartlook.com — Cisco Umbrella Rank: 30663	2 KB
1	freshchat.com anakatechsupport.freshchat.com	22 KB
1	cloudfront.net d2afn796dyftlg.cloudfront.net	11 KB
1	bing.com bat.bing.com — Cisco Umbrella Rank: 534	14 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1832	24 KB
1	geogratowin.com 1 redirects www.geogratowin.com	2 KB
148	20

	Domain	Requested by
78	secure.gratowin.com	3 redirects secure.gratowin.com
17	cms2.netoplaycdn.com
8	analytics.streamygame.com	secure.gratowin.com
5	fonts.gstatic.com	fonts.googleapis.com
5	www.google-analytics.com	www.googletagmanager.com secure.gratowin.com
4	3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com	www.gratowin.com
4	www.gratowin.com	1 redirects secure.gratowin.com www.gratowin.com
3	api.xtremepush.com	secure.gratowin.com
3	storage.googleapis.com	secure.gratowin.com
3	mpsnare.iesnare.com	secure.gratowin.com mpsnare.iesnare.com
2	cms2.gratowin.com	secure.gratowin.com
2	sdk.solitics.com	d2afn796dyftlg.cloudfront.net
2	www.googletagmanager.com	secure.gratowin.com www.google-analytics.com
2	fonts.googleapis.com	secure.gratowin.com client
2	biy.io	2 redirects
1	ga.streamygame.com	secure.gratowin.com
1	s3.xtremepush.com
1	gratowin.webpu.sh	src.webpu.sh
1	b3797f01-e573-4b2d-900b-06ef4ef785de.seals-emr.certria.com	secure.gratowin.com
1	web-sdk.smartlook.com	secure.gratowin.com
1	anakatechsupport.freshchat.com	secure.gratowin.com
1	d2afn796dyftlg.cloudfront.net	secure.gratowin.com
1	src.webpu.sh	www.googletagmanager.com
1	bat.bing.com	www.googletagmanager.com
1	maxcdn.bootstrapcdn.com	secure.gratowin.com
1	www.geogratowin.com	1 redirects
1	api.solitics.com	1 redirects
148	27

This site contains links to these domains. Also see Links.

Domain
www.netopartners.com

Subject Issuer	Validity	Valid
secure.gratowin.com E6	`2024-07-28` - `2024-10-26`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA	`2024-05-06` - `2025-05-20`	a year	crt.sh
storage.googleapis.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
webpu.sh R11	`2024-06-19` - `2024-09-17`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.solitics.com Amazon RSA 2048 M03	`2024-06-12` - `2025-07-11`	a year	crt.sh
*.freshchat.com Amazon RSA 2048 M02	`2024-01-22` - `2025-02-18`	a year	crt.sh
web-sdk.smartlook.com Amazon RSA 2048 M02	`2024-06-13` - `2025-07-12`	a year	crt.sh
*.seals-emr.certria.com AlphaSSL CA - SHA256 - G4	`2023-07-24` - `2024-08-24`	a year	crt.sh
*.xtremepush.com R11	`2024-06-16` - `2024-09-14`	3 months	crt.sh
analytics.streamygame.com E5	`2024-07-29` - `2024-10-27`	3 months	crt.sh
cms2.gratowin.com E6	`2024-07-27` - `2024-10-25`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
www.gratowin.com E5	`2024-07-28` - `2024-10-26`	3 months	crt.sh
netoplaycdn.com WE1	`2024-08-06` - `2024-11-04`	3 months	crt.sh
*.snippet.antillephone.com Starfield Secure Certificate Authority - G2	`2024-04-29` - `2025-05-31`	a year	crt.sh
s3.eu.xtremepush.com Amazon RSA 2048 M03	`2024-07-22` - `2025-08-21`	a year	crt.sh
ga.streamygame.com E6	`2024-07-29` - `2024-10-27`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Frame ID: 1DA175F0F879D8EC090D84B6A5994B3F
Requests: 129 HTTP requests in this frame

Frame: https://secure.gratowin.com/brand-info.json
Frame ID: 6207EDF1827EB95C0167E21773D784AB
Requests: 1 HTTP requests in this frame

Frame: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js
Frame ID: D4B114E5370782EBE9FD72E736D50541
Requests: 2 HTTP requests in this frame

Frame: https://gratowin.webpu.sh/75KkGZGLZxzIwR7O96ZkIvjAHWwM4ByP/frame.html?id=4652156693&key=4GFfCDNISbAA42sX5TfGUzjOtvi8wJtI
Frame ID: A39E1B66515BD3BE4740CA3B40B33048
Requests: 1 HTTP requests in this frame

Frame: https://www.gratowin.com/seal.html
Frame ID: 4089008F297B2B9C98472251BED2981E
Requests: 5 HTTP requests in this frame

Frame: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js
Frame ID: 30182B5D9532A07C4C38F754DF492DB8
Requests: 2 HTTP requests in this frame

Frame: https://www.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js
Frame ID: A3A18DA5E35C9921780F00990E147D0B
Requests: 2 HTTP requests in this frame

Frame: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js
Frame ID: 62910A9770CB87DF09ACE43FDC32A346
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GratoWin

Page URL History Show full URLs

http://biy.io/7GerIG2YQR HTTP 307
https://biy.io/7GerIG2YQR HTTP 301
https://biy.io/rest/short/7GerIG2YQR HTTP 307
https://api.solitics.com/rest/promotions/redirectToExternalLink?recordType=SMS&userId=6694fc853a6b450... HTTP 307
http://www.geogratowin.com/?flow=deposit&couponCode=WRP50 HTTP 307
https://www.geogratowin.com/?flow=deposit&couponCode=WRP50 HTTP 302
https://secure.gratowin.com/?flow=deposit&couponCode=WRP50 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

148
Requests

95 %
HTTPS

0 %
IPv6

20
Domains

27
Subdomains

21
IPs

4
Countries

2104 kB
Transfer

7064 kB
Size

17
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.netopartners.com/
Title: Affiliates

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://biy.io/7GerIG2YQR HTTP 307
https://biy.io/7GerIG2YQR HTTP 301
https://biy.io/rest/short/7GerIG2YQR HTTP 307
https://api.solitics.com/rest/promotions/redirectToExternalLink?recordType=SMS&userId=6694fc853a6b4501a99e0716&promotionId=66a8ab3038d12f4dc15b851c&contentId=66a8ab3038d12f4dc15b8517&url=http%3A%2F%2Fwww.geogratowin.com%2F%3Fflow%3Ddeposit%26couponCode%3DWRP50 HTTP 307
http://www.geogratowin.com/?flow=deposit&couponCode=WRP50 HTTP 307
https://www.geogratowin.com/?flow=deposit&couponCode=WRP50 HTTP 302
https://secure.gratowin.com/?flow=deposit&couponCode=WRP50 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://secure.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js

Request Chain 99

https://secure.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js

Request Chain 117

https://www.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js

Request Chain 135

https://secure.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js

148 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
secure.gratowin.com/
Redirect Chain

http://biy.io/7GerIG2YQR
https://biy.io/7GerIG2YQR
https://biy.io/rest/short/7GerIG2YQR
https://api.solitics.com/rest/promotions/redirectToExternalLink?recordType=SMS&userId=6694fc853a6b4501a99e0716&promotionId=66a8ab3038d12f4dc15b851c&contentId=66a8ab3038d12f4dc15b8517&url=http%3A%2F...
http://www.geogratowin.com/?flow=deposit&couponCode=WRP50
https://www.geogratowin.com/?flow=deposit&couponCode=WRP50
https://secure.gratowin.com/?flow=deposit&couponCode=WRP50

5 KB
2 KB

609ms
412ms

Document
text/html

147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b569edb796c39b9ad630103a208254745c7266bfff2b06ca56320c2b43feb862

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: no-cache,max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8b0761e15a7d39ff-YYZ
content-encoding: gzip
content-type: text/html
date: Fri, 09 Aug 2024 11:24:53 GMT
expires: Fri, 09 Aug 2024 11:24:53 GMT
last-modified: Thu, 08 Aug 2024 06:00:05 GMT
server: cloudflare
vary: Accept-Encoding
x-goog-generation: 1723096805819928
x-goog-hash: crc32c=5cmasQ== md5=CPW20jRXdATpk/PrxvQ0EQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4519
x-guploader-uploadid: AHxI1nOtAf41SNixfPE7v8a208RAczQ-vvIxr1vAUQzpJUBQpAfIAktyBkyPyvrNngz2IHm6V1M

Redirect headers

access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8b0761dd9d6cac03-YYZ
content-length: 1089
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Ri9S4VgwcMaZWNp077H0_M9ymvbTYp6tDp_D0sy9iDg-1723202693-1.0.1.1-r.dFNJbU_fVEiWR6E0PVJDnJnQL8FN1dqdB.934um4SGCnHd4Pcq6_2qUf3nBgt7lqBb36bLuP8_uujvPIzcOKd7hsUg8TlWM.NruH6TsXLEv8z3aCxAk81VJdYjw1HCSq8Dhf7bgAi2MIQ_8trs5pmDHfBex2S3VQmUdjCLjSI; report-to cf-csp-endpoint
content-type: text/html
date: Fri, 09 Aug 2024 11:24:53 GMT
location: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Ri9S4VgwcMaZWNp077H0_M9ymvbTYp6tDp_D0sy9iDg-1723202693-1.0.1.1-r.dFNJbU_fVEiWR6E0PVJDnJnQL8FN1dqdB.934um4SGCnHd4Pcq6_2qUf3nBgt7lqBb36bLuP8_uujvPIzcOKd7hsUg8TlWM.NruH6TsXLEv8z3aCxAk81VJdYjw1HCSq8Dhf7bgAi2MIQ_8trs5pmDHfBex2S3VQmUdjCLjSI"}],"group":"cf-csp-endpoint","max_age":86400}
server: cloudflare
x-powered-by: PHP/5.5.9-1ubuntu4.29

GET
H2 200 css2
fonts.googleapis.com/ 39 KB
2 KB 151ms
54ms Stylesheet
text/css 172.217.197.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;600;700;800;900&family=Montserrat:wght@400;500;600;700;800;900&family=Poppins:wght@400;500;600;700;800;900&family=Inter:wght@400;500;600;700;800;900&display=swap

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.197.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f95.1e100.net

Software

ESF /

Resource Hash

2da346af8503389371ed51c03cb65a5507bd28f54f3fa3cefead703cd632438a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Aug 2024 11:24:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Aug 2024 11:24:53 GMT

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ 118 KB
24 KB 55ms
30ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/
Origin: https://secure.gratowin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 625
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 8189285
cdn-cachedat: 10/31/2023 18:49:25
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"2f624089c65f12185e79925bc5a7fc42"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e91fae3e67217b33c9f272dd74b57356
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8b0761e42f52ab1b-YYZ
cdn-requestpullsuccess: True

GET
H2 200 dot-pulse.css
secure.gratowin.com/lobby/ 4 KB
1 KB 79ms
73ms Stylesheet
text/css 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/dot-pulse.css
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f386030f30cc1118ebe4dc21a54c3325c14981274af10acd3a10acd42206866

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nNmUI7TGZE3cFsuVR2-RNRwUhCRhbbjv6r5aW20C1NlohDyNbjX32KqcLQkCXvdmVxPy_HYMw64iw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:05 GMT
server: cloudflare
etag: W/"63ec6ad3f23feea868bb8ad6eb2c62d1"
vary: Accept-Encoding
x-goog-generation: 1723096745769332
content-type: text/css
x-goog-hash: crc32c=Z/NCrA==, md5=Y+xq0/I/7qhou4rW6yxi0Q==
cache-control: public, max-age=3600
x-goog-stored-content-length: 4542
cf-ray: 8b0761e40cac39ff-YYZ
expires: Fri, 09 Aug 2024 11:54:34 GMT

GET
H2 200 offline-js-script.js Show response
secure.gratowin.com/lobby/ 9 KB
3 KB 78ms
73ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/offline-js-script.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72ae5f198fc24edb19bde78d0f110cb91b54b01dbfc071c1b9cac85ee36af3f4

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nNwJKXo8v4KjPIcK-8Fby2WkcStyyGME6Qy_PrvxrbTnMQ8K8G3mDdhtTpTlE7ja8ogatl5xJIZKw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:06 GMT
server: cloudflare
etag: W/"e81598c5eed9077dafbac1648fb60e3c"
vary: Accept-Encoding
x-goog-generation: 1723096746087746
content-type: text/javascript
x-goog-hash: crc32c=EAq40A==, md5=6BWYxe7ZB32vusFkj7YOPA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 9622
cf-ray: 8b0761e40cb139ff-YYZ
expires: Fri, 09 Aug 2024 11:54:34 GMT

GET
H2 200 main.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 3 MB
657 KB 40ms
34ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/main.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d327b5b670c4ce36224da7fc3ad0482e4db6404e10853517d6f2647e883af06c

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1721
x-guploader-uploadid: AHxI1nM91BJVT9iTgDbpirveGMKk0sx1ON3EKSMVIZlspYHaO86oFnuZPY--1dgFxpxZve5H7Xi1EeNX7Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:06 GMT
server: cloudflare
etag: W/"2947c2aa9dd8049237345a19730b149a"
vary: Accept-Encoding
x-goog-generation: 1723096746012957
content-type: text/javascript
x-goog-hash: crc32c=V0AIoQ==, md5=KUfCqp3YBJI3NFoZcwsUmg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 2984379
cf-ray: 8b0761e40cb239ff-YYZ
expires: Fri, 09 Aug 2024 11:56:11 GMT

GET
H2 200 main.6c3004060c0193b95f30.css
secure.gratowin.com/lobby/ 136 KB
48 KB 42ms
36ms Stylesheet
text/css 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/main.6c3004060c0193b95f30.css
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4057bc693cc63e2ba74691cfaa9c6fca281ac9454565a43e28ebc0475e267cdb

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1721
x-guploader-uploadid: AHxI1nNTA4LrTVh4dNpJUeI2whT_icYuOSudPUT2RxhyCyVlnLFaaAc37XfLB8lXzclJdWlcqqo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:05 GMT
server: cloudflare
etag: W/"8122306b480bb3cf743cf6daa01c02e5"
vary: Accept-Encoding
x-goog-generation: 1723096745965764
content-type: text/css
x-goog-hash: crc32c=re3YPg==, md5=gSIwa0gLs890PPbaoBwC5Q==
cache-control: public, max-age=3600
x-goog-stored-content-length: 139729
cf-ray: 8b0761e40cb039ff-YYZ
expires: Fri, 09 Aug 2024 11:56:11 GMT

GET
H2 200 runtime.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 9 KB
4 KB 79ms
74ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4b7670e764e041d58c675426f9689f501eb8f43c79efbc1aaa62a69b9a3acd

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nNz5OCr_9ZLP-tZONptLySZmKJdmr58T6zc1HqRzSprYsfBmptSJED0EORJ04lQULj4GKkxTTXzyA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:06 GMT
server: cloudflare
etag: W/"5fb09adc743651a78cda131a98318418"
vary: Accept-Encoding
x-goog-generation: 1723096746096363
content-type: text/javascript
x-goog-hash: crc32c=2O6qtA==, md5=X7Ca3HQ2UaeM2hMamDGEGA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 8737
cf-ray: 8b0761e40cb439ff-YYZ
expires: Fri, 09 Aug 2024 11:54:34 GMT

GET
H2 200 bonus-queue-icon.svg Show response
secure.gratowin.com/lobby/src/assets/internal-icons/ 2 KB
994 B 37ms
32ms Script
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/src/assets/internal-icons/bonus-queue-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfd5c5fea1ef6051c021198e67eec3057c23d544f170cf384ae58b8c4b22fe1b

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1721
x-guploader-uploadid: AHxI1nOKyd5o1ncqCo4X76211J7tnd6X7EgFv0N259ABfD-R_e1b3rWOFszoYWSsUN-VPlzYBs4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:06 GMT
server: cloudflare
etag: W/"84bca476273ba5eca5b31608d578ad6d"
vary: Accept-Encoding
x-goog-generation: 1723096746136931
content-type: image/svg+xml
x-goog-hash: crc32c=m8ULcg==, md5=hLykdic7peylsxYI1XitbQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 1585
cf-ray: 8b0761e40cb539ff-YYZ
expires: Fri, 09 Aug 2024 11:56:11 GMT

GET
H2 200 casino-tab-icon.svg Show response
secure.gratowin.com/lobby/src/assets/internal-icons/ 2 KB
1002 B 79ms
74ms Script
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/src/assets/internal-icons/casino-tab-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 520d69d708084fcaecd3f34a7ad7c9e300f115d575d1350f8d0ebb8fdda52ea5

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nN8kTT2QWNYhOESr-x6_YG5PjhhOZSwKnJG8QYhHKf25XsYwTKuVi6ZuzEoDlUaLE9pVQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:06 GMT
server: cloudflare
etag: W/"65ccf19b16f918c2d4eee50a252f5431"
vary: Accept-Encoding
x-goog-generation: 1723096746145385
content-type: image/svg+xml
x-goog-hash: crc32c=foKM1Q==, md5=Zczxmxb5GMLU7uUKJS9UMQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 2139
cf-ray: 8b0761e40cb639ff-YYZ
expires: Fri, 09 Aug 2024 11:54:34 GMT

GET
H2 200 games-tab-icon.svg Show response
secure.gratowin.com/lobby/src/assets/internal-icons/ 1 KB
688 B 58ms
54ms Script
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/src/assets/internal-icons/games-tab-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5e9b274dd2fa2b17f34799c976842b9608e23b8dc5bb1a0e21d428cee65304c

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1721
x-guploader-uploadid: AHxI1nNFuK3vSfBye1HHRSGO8_REwADWrjZ2OHZnYdxaPGXe9a9tdSiWDnJdINPho4_iiCkAUKkmgBmJag
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:06 GMT
server: cloudflare
etag: W/"371958a78ec147c4d809d9abce3167ce"
vary: Accept-Encoding
x-goog-generation: 1723096746287218
content-type: image/svg+xml
x-goog-hash: crc32c=0oev8w==, md5=NxlYp47BR8TYCdmrzjFnzg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 1392
cf-ray: 8b0761e40cb939ff-YYZ
expires: Fri, 09 Aug 2024 11:56:11 GMT

GET
H2 200 link-icon.svg Show response
secure.gratowin.com/lobby/src/assets/internal-icons/ 1 KB
811 B 38ms
34ms Script
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/src/assets/internal-icons/link-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11410914a8cddc52544c5020a955eadc623ad903b5d5e2f87b3fa49353bf9576

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1721
x-guploader-uploadid: AHxI1nNRTl1nMolQUK0ZVmuwZzECkPV9dkh-VaDNdTZlQuUTAymhRP-JMZbtU8aeDqY15IpgRg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:06 GMT
server: cloudflare
etag: W/"f967d27247406a3e95889fb6c574935b"
vary: Accept-Encoding
x-goog-generation: 1723096746393053
content-type: image/svg+xml
x-goog-hash: crc32c=WQD4TQ==, md5=+WfSckdAaj6ViJ+2xXSTWw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 1243
cf-ray: 8b0761e40cba39ff-YYZ
expires: Fri, 09 Aug 2024 11:56:11 GMT

GET
H2 200 live-casino-tab-icon.svg Show response
secure.gratowin.com/lobby/src/assets/internal-icons/ 2 KB
1 KB 58ms
54ms Script
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/src/assets/internal-icons/live-casino-tab-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69a4567da0d9e62ed583bbd1feb2f351daa82c062b814e5f6edc7a2ec1714edb

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1721
x-guploader-uploadid: AHxI1nP5E43kITeePYPjgJROnoua2LOohP2yc9uaSjdTjvIser5DZ97mkbDtOlKc4DjNCS5RrJf0CLJZRw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:06 GMT
server: cloudflare
etag: W/"9e6a8533af8f965cd9f8ed25fddfef3b"
vary: Accept-Encoding
x-goog-generation: 1723096746487633
content-type: image/svg+xml
x-goog-hash: crc32c=oT9sJg==, md5=nmqFM6+PllzZ+O0l/d/vOw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 2369
cf-ray: 8b0761e40cbb39ff-YYZ
expires: Fri, 09 Aug 2024 11:56:11 GMT

GET
H2 200 login-header-icon.svg Show response
secure.gratowin.com/lobby/src/assets/internal-icons/ 781 B
620 B 58ms
55ms Script
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/src/assets/internal-icons/login-header-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31d1b145b50abff4a8b91e06093d7ec6dd63fab6ec61b7d48713f156bd7577ba

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1721
x-guploader-uploadid: AHxI1nNatiGa7FhSe7JlOEju2SXOmU9BNZLhiJL1hOwUWwbuwUAnXPRijOPDX0MZqSwaEaQRSZkCFic0vA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:06 GMT
server: cloudflare
etag: W/"8eb89eb21df162ef2a48d994762f7a73"
vary: Accept-Encoding
x-goog-generation: 1723096746493864
content-type: image/svg+xml
x-goog-hash: crc32c=bhxsyg==, md5=jriesh3xYu8qSNmUdi96cw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 781
cf-ray: 8b0761e42cce39ff-YYZ
expires: Fri, 09 Aug 2024 11:56:11 GMT

GET
H2 200 promotions-tab-icon.svg Show response
secure.gratowin.com/lobby/src/assets/internal-icons/ 1 KB
747 B 78ms
74ms Script
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/src/assets/internal-icons/promotions-tab-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f3283135b1e8cc0c73e47d2ca40d065de7e31101b3f2e0b8ff98b5994c10cdb

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nNWkmsTBBEYq1vOjXi1YV6h1K-WAKj0Kbel5HQ5hTm33_lAzRCKWNUqG6LITCfqeJl9J-4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:06 GMT
server: cloudflare
etag: W/"b0a56a2ec4e58bd747938f8f222ac8e2"
vary: Accept-Encoding
x-goog-generation: 1723096746560199
content-type: image/svg+xml
x-goog-hash: crc32c=Lyl4hA==, md5=sKVqLsTli9dHk4+PIirI4g==
cache-control: public, max-age=3600
x-goog-stored-content-length: 1048
cf-ray: 8b0761e42ccf39ff-YYZ
expires: Fri, 09 Aug 2024 11:54:34 GMT

GET
H2 200 scratch-tab-icon.svg Show response
secure.gratowin.com/lobby/src/assets/internal-icons/ 2 KB
1 KB 81ms
78ms Script
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/src/assets/internal-icons/scratch-tab-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: faf2e241d8ccaac59aa598dc722cb71cae71612e19e2e1cf28c1b481e9c752f4

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nOzs9E7cqBBEuRWWejXhLGhC1lFUB1egMhOKci15GOziSPwkm4Yu42IWLpiVPwBXNUUN3-ckZ6z1w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:06 GMT
server: cloudflare
etag: W/"a1dd3ab4a42cdd13bda1d94189386283"
vary: Accept-Encoding
x-goog-generation: 1723096746681020
content-type: image/svg+xml
x-goog-hash: crc32c=MB3KSg==, md5=od06tKQs3RO9odlBiThigw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 2424
cf-ray: 8b0761e42cd039ff-YYZ
expires: Fri, 09 Aug 2024 11:54:34 GMT

GET
H2 200 search-solid-icon.svg Show response
secure.gratowin.com/lobby/src/assets/internal-icons/ 390 B
489 B 80ms
77ms Script
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/src/assets/internal-icons/search-solid-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a24daddbc8f1cc57031e35af1457ae14d77f8d8ecb1fb5b8ca8c281eca7cb56

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nNxvWP8x--m247sgMjX2tOdLuSEx5LrIIvG3nGO_Gw5TwLEgb0MLe0yb6woxTyrVdATdgY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:06 GMT
server: cloudflare
etag: W/"103fb96cf47b1f35ff68ec90d447b1fd"
vary: Accept-Encoding
x-goog-generation: 1723096746616627
content-type: image/svg+xml
x-goog-hash: crc32c=ktKyDA==, md5=ED+5bPR7HzX/aOyQ1Eex/Q==
cache-control: public, max-age=3600
x-goog-stored-content-length: 390
cf-ray: 8b0761e42cd139ff-YYZ
expires: Fri, 09 Aug 2024 11:54:34 GMT

GET
H2 200 live-casino-icon.svg Show response
secure.gratowin.com/lobby/src/assets/internal-icons/sevenbet/ 3 KB
2 KB 58ms
55ms Script
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/src/assets/internal-icons/sevenbet/live-casino-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3373a5b2aef845b7e80caec1cf1d6dd2dc4d77df7fca4dbdff499fd36c6c491b

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1721
x-guploader-uploadid: AHxI1nNzRuZfaPAJCyilqMCvzE3ycdNeNWvpigBoZDxGerXPgh4qjQDsNCPexrdDJrxgJ0uozA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:06 GMT
server: cloudflare
etag: W/"73c5be5b07df87a5966127349cd046ad"
vary: Accept-Encoding
x-goog-generation: 1723096746796232
content-type: image/svg+xml
x-goog-hash: crc32c=7E2KcA==, md5=c8W+Wwffh6WWYSc0nNBGrQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 2987
cf-ray: 8b0761e42cd239ff-YYZ
expires: Fri, 09 Aug 2024 11:56:11 GMT

GET
H2 200 menu-casino-icon.svg Show response
secure.gratowin.com/lobby/src/assets/internal-icons/sevenbet/ 3 KB
1 KB 59ms
56ms Script
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/src/assets/internal-icons/sevenbet/menu-casino-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c649ca16db398249bbd2c29833c8dd1c84aae8d4625cd81d629fbb16d4424259

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1721
x-guploader-uploadid: AHxI1nOE2ZHdedap7gbMAKdbMjd054GtbSVcv2WfDyJYMhHJwVpdaPbafoUCajchFb6ZBo6G7NA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:06 GMT
server: cloudflare
etag: W/"87957d925163014f6361c9f6be093a07"
vary: Accept-Encoding
x-goog-generation: 1723096746795280
content-type: image/svg+xml
x-goog-hash: crc32c=JDIvxA==, md5=h5V9klFjAU9jYcn2vgk6Bw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 2592
cf-ray: 8b0761e42cd339ff-YYZ
expires: Fri, 09 Aug 2024 11:56:11 GMT

GET
H2 200 menu-game-show-icon.svg Show response
secure.gratowin.com/lobby/src/assets/internal-icons/sevenbet/ 1 KB
932 B 57ms
55ms Script
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/src/assets/internal-icons/sevenbet/menu-game-show-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 684ad49349593a11655a6c36397a6fe5e334cb66de5801cbccaf43f360a32a57

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1721
x-guploader-uploadid: AHxI1nPwzTvCJiJNjiCYe7o9h2ipGghFeahPskeS9h051Px5QGjvlTAczrTtpPuhcPtVdYTe0A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:06 GMT
server: cloudflare
etag: W/"a1bb10f8b100bd46a545086f19ce2173"
vary: Accept-Encoding
x-goog-generation: 1723096746880349
content-type: image/svg+xml
x-goog-hash: crc32c=6AWiaw==, md5=obsQ+LEAvUalRQhvGc4hcw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 1137
cf-ray: 8b0761e42cd439ff-YYZ
expires: Fri, 09 Aug 2024 11:56:11 GMT

GET
H2 200 menu-live-betting-icon.svg Show response
secure.gratowin.com/lobby/src/assets/internal-icons/sevenbet/ 560 B
548 B 59ms
57ms Script
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/src/assets/internal-icons/sevenbet/menu-live-betting-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aafaed5471b7f27a01821cd1224d46783d9e7994dd295ea2972a0cb4493e675

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1721
x-guploader-uploadid: AHxI1nOgwYtWB1WC_gVTOHDWdexsEeZ_xNx5I7JUiwKwstGWjCRp9afEt5_gPI_0N9H_mH8WBA0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:07 GMT
server: cloudflare
etag: W/"ecf02815cd8d7e256f5999f9f48c38e0"
vary: Accept-Encoding
x-goog-generation: 1723096746966021
content-type: image/svg+xml
x-goog-hash: crc32c=tkIsVw==, md5=7PAoFc2NfiVvWZn59Iw44A==
cache-control: public, max-age=3600
x-goog-stored-content-length: 560
cf-ray: 8b0761e42cd539ff-YYZ
expires: Fri, 09 Aug 2024 11:56:11 GMT

GET
H2 200 menu-sport-icon.svg Show response
secure.gratowin.com/lobby/src/assets/internal-icons/sevenbet/ 1 KB
963 B 81ms
79ms Script
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/src/assets/internal-icons/sevenbet/menu-sport-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2f5dc7f19f30c5ada3c064a8ccd63490d2661f6332ab89f9d9a59801caa7edc

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nMTwQ16SVwtBkhm9uxDvX1iwYSCJfXZWRs1YhdTKw6gaeRs86BcuPct_J6aW14RFzVr-WQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:07 GMT
server: cloudflare
etag: W/"537bcf9abf653422fc5dd64014972759"
vary: Accept-Encoding
x-goog-generation: 1723096747092472
content-type: image/svg+xml
x-goog-hash: crc32c=xvxXiQ==, md5=U3vPmr9lNCL8XdZAFJcnWQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 1508
cf-ray: 8b0761e42cd739ff-YYZ
expires: Fri, 09 Aug 2024 11:54:34 GMT

GET
H2 200 slot-tab-icon.svg Show response
secure.gratowin.com/lobby/src/assets/internal-icons/ 2 KB
1 KB 80ms
78ms Script
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/src/assets/internal-icons/slot-tab-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0817cf35f92b0d0cccac3bc2a954cfcd251ca6d1b49bcb9146e4b5fadd9ace5a

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nPEGKG6BRK4A1f_wU_l3gGWtYvcqpvhSW03SVGo6iRQ9EF5VqVXH9fWYkkq5vfcIk-_juXqDmwL0w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:07 GMT
server: cloudflare
etag: W/"de35d15b5d3c7a181c790862f69ea177"
vary: Accept-Encoding
x-goog-generation: 1723096747364210
content-type: image/svg+xml
x-goog-hash: crc32c=I2XFtA==, md5=3jXRW108ehgceQhi9p6hdw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 2280
cf-ray: 8b0761e42cd839ff-YYZ
expires: Fri, 09 Aug 2024 11:54:34 GMT

GET
H2 200 up-icon.svg Show response
secure.gratowin.com/lobby/src/assets/internal-icons/ 227 B
424 B 58ms
56ms Script
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/src/assets/internal-icons/up-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 686d6c6f2ac97480f2031c15a87adda38596c0d2770339d21e915eb0b987270b

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1721
x-guploader-uploadid: AHxI1nM3xbHTNEOENvDOpn3kz6hQpSJe4QYdw7Ja6ECNAyg6swFqnlhLgAXH_IJc_yaVDm39Eg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:07 GMT
server: cloudflare
etag: W/"45d967c31d208864e87ddefc42089bc9"
vary: Accept-Encoding
x-goog-generation: 1723096747350341
content-type: image/svg+xml
x-goog-hash: crc32c=SH7/gg==, md5=Rdlnwx0giGTofd78QgibyQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 227
cf-ray: 8b0761e42cd939ff-YYZ
expires: Fri, 09 Aug 2024 11:56:11 GMT

GET
H2 200 1_pixel.png
secure.gratowin.com/assets/images/ 2 KB
2 KB 99ms
97ms Image
image/png 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/images/1_pixel.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 486894f29e34e2a9c4a7a938605d53ee752957d4270055fecb27828899fc0a3b

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nOY1O5IbvzNQ8_fei-5IlKB35wNDXDVW6WUq2J0-Wlvx8ontwqt77OrYZ-AWzjg9KKR6lw110sS2g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 1943
last-modified: Thu, 08 Aug 2024 05:58:30 GMT
server: cloudflare
etag: "f0601ed2d0bef14ed7ce4793b13a670b"
vary: Accept-Encoding
x-goog-generation: 1723096709968173
content-type: image/png
x-goog-hash: crc32c=hQGYGw==, md5=8GAe0tC+8U7XzkeTsTpnCw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 1943
accept-ranges: bytes
cf-ray: 8b0761e42cda39ff-YYZ
expires: Fri, 09 Aug 2024 11:54:34 GMT

GET
H2 200 iovation-script.js Show response
secure.gratowin.com/lobby/ 4 KB
2 KB 66ms
66ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/iovation-script.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03f39b06122a53d2cc7c9c00c3afac616a9d57cb55a4c1fc186b522ff4cbacee

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:53 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nMLzG7YAjfkt_Ru6y0dhoQPGuLPSkUA_2ZgnV6tWur7YoMHCoI6Jz1zOor3uX815__AZA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:05 GMT
server: cloudflare
etag: W/"751acfa179e57ec1b4102d4bf2fba9a9"
vary: Accept-Encoding
x-goog-generation: 1723096745852963
content-type: text/javascript
x-goog-hash: crc32c=j2fPCw==, md5=dRrPoXnlfsG0EC1L8vupqQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 3711
cf-ray: 8b0761e4fdeb39ff-YYZ
expires: Fri, 09 Aug 2024 11:54:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 476 KB
116 KB 159ms
71ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSBWD3B

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

461f93d62ffd6c99ccc22681f8dfb552f2fef20dce3ef4b70ddd3186f23eee7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118519
x-xss-protection: 0
last-modified: Fri, 09 Aug 2024 09:17:08 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Aug 2024 11:24:54 GMT

GET
H2 200 brand-info.json Show response
secure.gratowin.com/ Frame 6207 810 B
614 B 139ms
138ms Document
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/brand-info.json
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 931cdc9da183b6e6f40476736791be667482d6eef83da8de662b3084bebd9215

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 8b0761e50df739ff-YYZ
content-encoding: gzip
content-type: application/json
date: Fri, 09 Aug 2024 11:24:54 GMT
etag: W/"2591ae3250ac9433c6a7e9ab77315c90"
expires: Fri, 09 Aug 2024 12:24:53 GMT
last-modified: Sun, 03 Jan 2021 08:59:18 GMT
server: cloudflare
vary: Accept-Encoding
x-goog-generation: 1609664358830795
x-goog-hash: crc32c=uP0vxg== md5=JZGuMlCslDPGp+mrdzFckA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 810
x-guploader-uploadid: AHxI1nPnXRWGFhnMZo7eYB1dF9cINqjAOk0UVsSKuNOTyb_F4SyLyAOY4D5O5gVF8KO6ZmU6D1w

GET
H2 200 appData Show response
secure.gratowin.com/playerapi/ 293 KB
72 KB 255ms
255ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/appData?language=en&device=DESKTOP&timestamp=1723202694210&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 364732b82e8291de3b1c124e37a761fe7358be95d82961f950e201a39d799dd5

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
ldAlias

Response headers

date: Fri, 09 Aug 2024 11:24:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"4951a-mMWgiZfxZVH07xN+0zOBJdU9yv0"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 8b0761e6ef9039ff-YYZ
swagger-api-docs-url: /playerapi

GET
H2 200 appStaticData Show response
secure.gratowin.com/playerapi/ 2 KB
2 KB 458ms
457ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/appStaticData?language=en&device=DESKTOP&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a9dfb3e9e594038718fb375c055dafbb03d0d4368f7b1133d34c12b4b43c933f

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
ldAlias

Response headers

date: Fri, 09 Aug 2024 11:24:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"869-Z9yWr+1dfMm3ise1eTeHnvLeTvg"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=S75exDHkD6scE22n4t.AgE7wvC9HDpHzNgPFRxTvN8E-1723202694-1.0.1.1-uCtxBWoVHmSigXyShddg.rhZVtrLYqhP8jlWrU5LORsjMonrnfLHesx5an5qwR6IpoJaC6yApyPPu5GrczRRUpf7wtOSNkuD.3ksCIiwSqBK5QfcNUkhO5SvBg3uKUS3uCvdt1KCEc92XLGvc_DVthDQbQ5H99q1enUOdo8qNgk"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json; charset=utf-8
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=S75exDHkD6scE22n4t.AgE7wvC9HDpHzNgPFRxTvN8E-1723202694-1.0.1.1-uCtxBWoVHmSigXyShddg.rhZVtrLYqhP8jlWrU5LORsjMonrnfLHesx5an5qwR6IpoJaC6yApyPPu5GrczRRUpf7wtOSNkuD.3ksCIiwSqBK5QfcNUkhO5SvBg3uKUS3uCvdt1KCEc92XLGvc_DVthDQbQ5H99q1enUOdo8qNgk; report-to cf-csp-endpoint
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 8b0761e6ff9739ff-YYZ
swagger-api-docs-url: /playerapi

GET
H2

200

main.js Show response
secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/ Frame D4B1
Redirect Chain

https://secure.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?

8 KB
4 KB

23ms
23ms

Script
application/javascript

147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50

Protocol

Server

147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b66835d6679a8a4188ed1db06487c159ba30aed3625e2df9c23c055be3844a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b0761e73fd539ff-YYZ

Redirect headers

date: Fri, 09 Aug 2024 11:24:54 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b0761e6ffa039ff-YYZ
content-length: 0

GET
H2 404 static_wdp.js
secure.gratowin.com/iojs/general5/ 0
0 737ms
736ms Script
application/xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/iovation-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:54 GMT
content-encoding: gzip
cf-cache-status: BYPASS
server: cloudflare
x-guploader-uploadid: AHxI1nMgr4rxbWS1dTg29yDv88rf3cKyEgpvEB79i5thHFJfyM3OltbHrqfinsGOvI_HFrT618pGw4lAUQ
vary: Accept-Encoding
content-type: application/xml; charset=UTF-8
cache-control: private, max-age=0
cf-ray: 8b0761e6ffa239ff-YYZ
expires: Fri, 09 Aug 2024 11:24:54 GMT

GET
H/1.1 200
OK wdp.js Show response
mpsnare.iesnare.com/general5/ 42 KB
19 KB 123ms
39ms Script
text/javascript 52.6.11.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=true

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/iovation-script.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.6.11.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-11-66.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2ba22a3f34a72882ce4613d6ceda65e51af751f02290fbc17dbdd0d911858049

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Aug 2024 11:24:54 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Connection: keep-alive
Expires: 0

GET
H2 200 8.png
storage.googleapis.com/moon-prod/static-content/brands/8/ 11 KB
12 KB 776ms
689ms Image
image/png 173.194.68.207
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/moon-prod/static-content/brands/8/8.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.68.207 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qr-in-f207.1e100.net
Software: UploadServer /
Resource Hash: e7c00b0ec68c5137e7b359a0ab6f5ff9c7a2000f47ceee7aacae6934eb91aae6

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:54 GMT
age: 0
x-guploader-uploadid: AHxI1nPXeVoCLyiLRu5AswdVa21Jh6LIO6o4yGhquZHDKXiGqqiqD8bPCQveu8skCk40DiBkBCg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11475
last-modified: Mon, 14 Dec 2020 09:52:31 GMT
server: UploadServer
etag: "21a5358c0ea98af8a9aa561c2bffb91d"
x-goog-generation: 1607939551876388
x-goog-hash: crc32c=uYCRdA==, md5=IaU1jA6pivipqlYcK/+5HQ==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 11475
accept-ranges: bytes
expires: Fri, 09 Aug 2024 12:24:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 130ms
43ms Script
text/javascript 74.125.192.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSBWD3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.192.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qn-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Aug 2024 09:46:11 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5923
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 09 Aug 2024 11:46:11 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 149ms
48ms Script
application/javascript 204.79.197.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSBWD3B

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 09 Aug 2024 11:24:54 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C979211B573040B5A5162D221F4764F8 Ref B: YTO01EDGE0821 Ref C: 2024-08-09T11:24:54Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H/1.1 200
OK sdk.js Show response
src.webpu.sh/75KkGZGLZxzIwR7O96ZkIvjAHWwM4ByP/ 122 KB
25 KB 676ms
264ms Script
text/javascript 46.51.157.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://src.webpu.sh/75KkGZGLZxzIwR7O96ZkIvjAHWwM4ByP/sdk.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSBWD3B

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.51.157.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-46-51-157-121.eu-west-1.compute.amazonaws.com

Software

Resource Hash

957e91f669a3abba7d46f44c2e432595f382d236e97625da97dd751df955a5e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 09 Aug 2024 11:24:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Fri, 07 Jun 2024 16:49:41 GMT
x-amz-request-id: 70HNM7TS1CRR6KX1
ETag: W/"213b7e18246a4e3e09992d0040d5565f"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=21600
Connection: keep-alive
x-amz-id-2: eJv+2R88umK8o+TN1e+2m81aZy3glXrJ56RFQNbO/92+o8XGpxYM59pr8McwsYIOiyU9V5nyGyimq349xjiFio/dTFHmZpUz

GET
H2 200 oapit.min.js Show response
d2afn796dyftlg.cloudfront.net/ 48 KB
11 KB 139ms
48ms Script
application/javascript 52.85.132.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2afn796dyftlg.cloudfront.net/oapit.min.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.132.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-101.iad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 565e0673ae3c680a01e83781bc9bb3b507e4743bb1a83f718cba658a0d7b2fab

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:54 GMT
content-encoding: gzip
via: 1.1 e67eec39bafe7d4b59266632bc2a9886.cloudfront.net (CloudFront)
last-modified: Mon, 05 Aug 2024 06:55:16 GMT
server: AmazonS3
x-amz-cf-pop: IAD50-C2
age: 53
x-amz-server-side-encryption: AES256
etag: W/"4524a34dcf22e1566b72987a1e2210cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 32-NvxY0JTgs6hKuI8zQQiVieezbO6lT1Iv-3uMFcDq9HnlNSBvFqw==

POST
H2 200 8b0761e15a7d39ff Show response
secure.gratowin.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame D4B1 0
361 B 57ms
53ms XHR
text/plain 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/jsd/r/8b0761e15a7d39ff
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Aug 2024 11:24:54 GMT
server: cloudflare
cf-ray: 8b0761e7f88f39ff-YYZ
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/5.7.0/ 505 B
1 KB 37ms
37ms Script
text/javascript 52.6.11.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.7.0/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.6.11.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-11-66.compute-1.amazonaws.com

Software

nginx /

Resource Hash

fa76c72253a6afc5a4babda569da11f7484e55a2903bac4054e09ddc6a08a737

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Fri, 09 Aug 2024 11:24:54 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Connection: keep-alive
Expires: Sat, 09 Aug 2025 11:24:54 GMT

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 37ms
37ms Media
audio/mpeg 52.6.11.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.6062651195606041

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.6.11.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-11-66.compute-1.amazonaws.com

Software

nginx /

Resource Hash

df5c9da679f34ad05295df87f8f9c4d2943488e65d6f28ea5e9921a28ba212c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://secure.gratowin.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Fri, 09 Aug 2024 11:24:54 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
223 B 45ms
43ms XHR
text/plain 74.125.192.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=459556953&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.gratowin.com%2F%3Fflow%3Ddeposit%26couponCode%3DWRP50&ul=en-ca&de=UTF-8&dt=GratoWin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=PageView&ea=PageView_Platform_Secure&el=%2F&_u=YEBAAEABAAAAACAAI~&jid=1309318799&gjid=2018778458&cid=736467782.1723202695&tid=UA-27702367-6&_gid=475419204.1723202695&_r=1&_slc=1&gtm=45He4880n81KSBWD3Bv78890553za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1703322538

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/offline-js-script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.192.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qn-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

7ce32208321c1a409e98a42ff3f8b7c10d2d7e1cc31037dd8aa4f54e391c4b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 11:24:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 43ms
42ms Image
image/gif 74.125.192.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=459556953&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.gratowin.com%2F%3Fflow%3Ddeposit%26couponCode%3DWRP50&ul=en-ca&de=UTF-8&dt=GratoWin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=736467782.1723202695&tid=UA-27702367-6&_gid=475419204.1723202695&gtm=45He4880n81KSBWD3Bv78890553za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1258173887

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/?flow=deposit&couponCode=WRP50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.192.101 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qn-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 05:49:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20114
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pushreg.min.js Show response
sdk.solitics.com/ 2 KB
976 B 218ms
53ms Script
application/javascript 52.85.132.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.solitics.com/pushreg.min.js
Requested by: Host: d2afn796dyftlg.cloudfront.net
URL: https://d2afn796dyftlg.cloudfront.net/oapit.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.132.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-7.iad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97e5794ad2dfa69f179f1f7a7db4318c7392a76cc491e6d5fa352d6db30c2a64

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:54 GMT
content-encoding: gzip
via: 1.1 165ed32c12154887fba331169c8022ee.cloudfront.net (CloudFront)
last-modified: Mon, 05 Aug 2024 06:55:16 GMT
server: AmazonS3
x-amz-cf-pop: IAD50-C2
age: 54
x-amz-server-side-encryption: AES256
etag: W/"0fa3d7bd01f2b70c0d79645e9dd36967"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: enZP5rh77CwnZkDuyRNitnkPnKrjFWJWv2IWHQ4WbGTckW41TO-iPg==

GET
H2 200 oapi-heartbit.min.js Show response
sdk.solitics.com/ 2 KB
1 KB 214ms
49ms Script
application/javascript 52.85.132.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.solitics.com/oapi-heartbit.min.js
Requested by: Host: d2afn796dyftlg.cloudfront.net
URL: https://d2afn796dyftlg.cloudfront.net/oapit.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.132.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-132-7.iad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 675a9e8e62331ccf494a0f668ac6a8f240a13f02ca63d9f7159f4648b62a94fc

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:54 GMT
content-encoding: gzip
via: 1.1 165ed32c12154887fba331169c8022ee.cloudfront.net (CloudFront)
last-modified: Mon, 05 Aug 2024 06:55:16 GMT
server: AmazonS3
x-amz-cf-pop: IAD50-C2
age: 54
x-amz-server-side-encryption: AES256
etag: W/"35df2fd7c2a60c1ed720590d6756d39d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: MmqpLu1j7FRUed27kRN0YtSXJUWnOGKy3Bt5XqXWocAMcgli2P_prw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 289 KB
96 KB 65ms
64ms Script
application/javascript 172.217.222.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5D5LQ8JKK9&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.222.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

c5e42ea0a5e6e5bcf28f7c5366795e14079901db4a1ca860d314a2a4a7cc0257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97982
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 09 Aug 2024 11:24:54 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 45ms
45ms Fetch
text/plain 74.125.192.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-5D5LQ8JKK9&gtm=45je4880v9126070701za200&_p=1723202693903&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=0&ul=en-ca&sr=1600x1200&cid=736467782.1723202695&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fsecure.gratowin.com%2F%3Fflow%3Ddeposit%26couponCode%3DWRP50&dt=GratoWin&sid=1723202694&sct=1&seg=0&en=PageView_Platform_Secure&_fv=1&_ss=1&_ee=1&ep.event_category=PageView&ep.event_label=%2F&tfd=3343
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D5LQ8JKK9&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.192.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qn-in-f101.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 11:24:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.json Show response
secure.gratowin.com/i18n/lang/ 247 KB
54 KB 159ms
159ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/i18n/lang/en.json?requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 965e65603501aeb4433a256b8565480d3b8c1f8fc95f4bf974ede738a396d6e4

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:54 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-guploader-uploadid: AHxI1nNh_gGrJRaVeFOtQ5K3am_SihThaSEJeIpeCoQbj0N-m3Ee5A3FdYxaT3SWTPw17YHqAg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 06:00:38 GMT
server: cloudflare
etag: W/"d4f6a5112bec70ef406be362c38c69fe"
vary: Accept-Encoding
x-goog-generation: 1723096838124244
content-type: application/json
x-goog-hash: crc32c=rtKzyw==, md5=1PalESvscO9Aa+Niw4xp/g==
cache-control: no-store,no-cache,max-age=0
x-goog-stored-content-length: 253143
cf-ray: 8b0761ea6a8f39ff-YYZ
expires: Fri, 09 Aug 2024 11:24:54 GMT

GET
H2 200 widget.js Show response
anakatechsupport.freshchat.com/js/ 67 KB
22 KB 124ms
44ms Script
application/javascript 13.248.221.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://anakatechsupport.freshchat.com/js/widget.js

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/main.6c3004060c0193b95f30.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.248.221.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

81d1618fdf5d3b08f0bd7fc157ac489705fb261f922cc29295388f375b053dd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-trace-id: 00-c1545081e06f0ea67d70911c83a8c22a-7999531924b51214-00
date: Fri, 09 Aug 2024 11:24:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Tue, 30 Jul 2024 04:33:50 GMT
server: fwe
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/javascript
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: bjxq9
x-envoy-upstream-service-time: 2
x-xss-protection: 1; mode=block
x-request-id: 1bde83f0-13a0-435c-865e-05aa858680a7

GET
H2 200 recorder.js Show response
web-sdk.smartlook.com/ 6 KB
2 KB 117ms
36ms Script
application/javascript 13.32.151.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.smartlook.com/recorder.js

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/main.6c3004060c0193b95f30.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.151.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-151-53.iad66.r.cloudfront.net

Software

Resource Hash

7843e3266000a8104ae463b48daa7031033fcf9f3fe9e2bca36aacac6598d1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 09 Aug 2024 10:50:00 GMT
via: 1.1 de8f46f8f922c244bbc7d8b62cc964e8.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD66-C2
age: 2094
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 02 Aug 2024 08:42:15 GMT
etag: W/"66ac9be7-17d1"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: F2s1CMxYttEDrM56TiZOjX9uownHYEb738TJpnykVAL1Mt_aX-fMqw==

GET
H2 200 emr-seal.js Show response
b3797f01-e573-4b2d-900b-06ef4ef785de.seals-emr.certria.com/ 3 KB
2 KB 507ms
395ms Script
text/javascript 108.138.85.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b3797f01-e573-4b2d-900b-06ef4ef785de.seals-emr.certria.com/emr-seal.js

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/main.6c3004060c0193b95f30.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.85.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-85-60.iad12.r.cloudfront.net

Software

cloudflare / Express

Resource Hash

db08d35026edb000b44fa46694b11e617457eaa7be2fe78d17f8ca49081d1b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
via: 1.1 0fd782cbc1c3c43778f2ac89b2bfb444.cloudfront.net (CloudFront)
server: cloudflare
x-amz-cf-pop: IAD12-P2
x-powered-by: Express
etag: W/"c73-97AUsIk8plwKAP7sVHX6x1Ylbuw"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
cf-ray: 8b0761eb8aa0083f-IAD
x-amz-cf-id: xMv_qq8LLpp7GZGQE-Cb8VR2RLafagjExf_8FohALcHgDLqLxuOHzw==

POST
H/1.1 200
OK deviceCreate Show response
api.xtremepush.com/push/api/ 228 B
932 B 599ms
320ms XHR
application/json 46.51.130.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xtremepush.com/push/api/deviceCreate

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/offline-js-script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.51.130.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-46-51-130-78.eu-west-1.compute.amazonaws.com

Software

Resource Hash

6d960ab95583052e4fb0e96389e7f7aac7fc6edf22892deb4a84288f0f838293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 09 Aug 2024 11:24:55 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://secure.gratowin.com
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-Frame-Options: DENY
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, X-Requested-With
X-XSS-Protection: 1; mode=block

OPTIONS
H2 200 event
analytics.streamygame.com/ Frame 0
0 436ms
379ms Preflight 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.streamygame.com/event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.gratowin.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Origin,Content-Type, Accept content-type
access-control-allow-methods: GET, POST, PUT, DELETE GET,POST,PUT,DELETE
access-control-allow-origin: https://secure.gratowin.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8b0761ec8d00abcd-YYZ
content-length: 0
date: Fri, 09 Aug 2024 11:24:55 GMT
expires: 0
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 event
analytics.streamygame.com/ Frame 0
0 436ms
381ms Preflight 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.streamygame.com/event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.gratowin.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Origin,Content-Type, Accept content-type
access-control-allow-methods: GET, POST, PUT, DELETE GET,POST,PUT,DELETE
access-control-allow-origin: https://secure.gratowin.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8b0761ec8cffabcd-YYZ
content-length: 0
date: Fri, 09 Aug 2024 11:24:55 GMT
expires: 0
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 event
analytics.streamygame.com/ Frame 0
0 438ms
389ms Preflight 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.streamygame.com/event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.gratowin.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Origin,Content-Type, Accept content-type
access-control-allow-methods: GET, POST, PUT, DELETE GET,POST,PUT,DELETE
access-control-allow-origin: https://secure.gratowin.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8b0761ec8cfdabcd-YYZ
content-length: 0
date: Fri, 09 Aug 2024 11:24:55 GMT
expires: 0
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 event
analytics.streamygame.com/ Frame 0
0 434ms
388ms Preflight 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.streamygame.com/event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.gratowin.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Origin,Content-Type, Accept content-type
access-control-allow-methods: GET, POST, PUT, DELETE GET,POST,PUT,DELETE
access-control-allow-origin: https://secure.gratowin.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8b0761ec8d01abcd-YYZ
content-length: 0
date: Fri, 09 Aug 2024 11:24:55 GMT
expires: 0
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 Lobby.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 1 KB
887 B 50ms
49ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/Lobby.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fdcecb5205dbf9e519a6a7b5aaf6e33c50bb76a7aa1484f6b9ecedc4ff1cb2a

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nOaOJdXNXAq-y5p4DrftKeJ4AUQcDmomRMUG1rNP3lM5adL8l87s-2vvGpow5XhfsY31M_5Ku7rvw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:04 GMT
server: cloudflare
etag: W/"794520d8effea1fda502d7f8ba8c6fb3"
vary: Accept-Encoding
x-goog-generation: 1723096744775249
content-type: text/javascript
x-goog-hash: crc32c=kMpu9Q==, md5=eUUg2O/+of2lAtf4uoxvsw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 1063
cf-ray: 8b0761ec0c0d39ff-YYZ
expires: Fri, 09 Aug 2024 11:54:39 GMT

GET
H2 200 refreshToken Show response
secure.gratowin.com/playerapi/ 29 B
308 B 2953ms
2953ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/refreshToken?device=DESKTOP&language=en&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 27eee5689f593c50f0d3611d076f160dbb8d96e9a7cda69aea592e019a9df048

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
ldAlias

Response headers

date: Fri, 09 Aug 2024 11:24:57 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"1d-8FgmlGBAlsa83L78oaBAOCRXFa8"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 8b0761ec1c1639ff-YYZ
swagger-api-docs-url: /playerapi

POST
H2 200 event Show response
analytics.streamygame.com/ 0
684 B 430ms
391ms XHR
text/plain 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.streamygame.com/event

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/offline-js-script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=wLrjP.bc4fkMB1QHp4S8.cU9.4ynfMifkZjOWeLGhQM-1723202695-1.0.1.1-jaNKfQAOjjAoEQe.C5B.JHo9DMJE0hfnws.Igyl7Gs0jC1ixcLxWgLdI99LtPS1jgElBGJgz96JxYCowcXD3lI56cyCB_viWkeaS1YQHZhbHY4cRHW2AeF2n2JqIvQsBwIjbuaUT2U0lHMCz83U6EI66oSsSreEMlLDNzDdCUdI; report-to cf-csp-endpoint
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=wLrjP.bc4fkMB1QHp4S8.cU9.4ynfMifkZjOWeLGhQM-1723202695-1.0.1.1-jaNKfQAOjjAoEQe.C5B.JHo9DMJE0hfnws.Igyl7Gs0jC1ixcLxWgLdI99LtPS1jgElBGJgz96JxYCowcXD3lI56cyCB_viWkeaS1YQHZhbHY4cRHW2AeF2n2JqIvQsBwIjbuaUT2U0lHMCz83U6EI66oSsSreEMlLDNzDdCUdI"}],"group":"cf-csp-endpoint","max_age":86400}
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b0761ef2a8936d1-YYZ
expires: 0

POST
H2 200 event Show response
analytics.streamygame.com/ 0
322 B 427ms
388ms XHR
text/plain 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.streamygame.com/event

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/offline-js-script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 11:24:55 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b0761ef2a8a36d1-YYZ
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

POST
H2 200 event Show response
analytics.streamygame.com/ 0
42 B 420ms
389ms XHR
text/plain 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.streamygame.com/event

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/offline-js-script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 11:24:55 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b0761ef2a8c36d1-YYZ
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

POST
H2 200 event Show response
analytics.streamygame.com/ 0
43 B 423ms
391ms XHR
text/plain 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.streamygame.com/event

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/offline-js-script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 11:24:55 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b0761ef2a8d36d1-YYZ
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

POST
H2 200 getAll Show response
secure.gratowin.com/translations/ 5 KB
2 KB 133ms
132ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/translations/getAll?requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c3a2eb05714fce6483bf88664a687ce40afcf42089a6011b1c41953e71c2f61f

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"1548-mOwZnVBunm2w2MLxqT+BF+faycw"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=_SpkQ0sBErStU2Cq_Bb4fE6bdq4wGbodawaOPOYjNuA-1723202695-1.0.1.1-URINuLu8s0NvcNcbZK6_Ys28BULYPPebjW9iFRhZmGlZWdvmfhOIUAoWn5dxmXApucePixOyDDn84YFAlh.ukn80dT5T903tgUwL9da7P9qQKZeSmmGh6JI1M8SV7Yf2OtZBEIarq_gFWuf3r_isypYRjar6iPr8mB6pzhe_wXk"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.gratowin.com
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=_SpkQ0sBErStU2Cq_Bb4fE6bdq4wGbodawaOPOYjNuA-1723202695-1.0.1.1-URINuLu8s0NvcNcbZK6_Ys28BULYPPebjW9iFRhZmGlZWdvmfhOIUAoWn5dxmXApucePixOyDDn84YFAlh.ukn80dT5T903tgUwL9da7P9qQKZeSmmGh6JI1M8SV7Yf2OtZBEIarq_gFWuf3r_isypYRjar6iPr8mB6pzhe_wXk; report-to cf-csp-endpoint
access-control-allow-credentials: true
cf-ray: 8b0761ec4c3d39ff-YYZ

GET
H2 200 getJackpotGameDetails Show response
secure.gratowin.com/playerapi/games/ 220 B
384 B 3100ms
3099ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/games/getJackpotGameDetails?jackpotProviderId=0&customerId=0&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b0c3b8abaa5b3b59599001b6f58f136f67116bd422e6c64f074ecc1b1e3aac9b

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
ldAlias

Response headers

date: Fri, 09 Aug 2024 11:24:58 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"dc-f8Amyb02T4jCvfYYF5h77gEKcxM"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 8b0761ec6c6c39ff-YYZ
swagger-api-docs-url: /playerapi

GET
H2 200 5581.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 2 KB
1 KB 44ms
43ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/5581.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca96fc4f6222d8656dce29c7af6971ae61970cf8e3298495348cba2d647613d6

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1721
x-guploader-uploadid: AHxI1nNAq-J2YqSLhUrRERwIJ59HQZyDyaz2oRU6tHtRhh24tlX92FqqBQAfUpAIudlmXvVH4rwOs-a6kQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:53 GMT
server: cloudflare
etag: W/"d1c0d96b95c4c67e1386bf67c64833c9"
vary: Accept-Encoding
x-goog-generation: 1723096733338083
content-type: text/javascript
x-goog-hash: crc32c=kZ5ukw==, md5=0cDZa5XExn4Thr9nxkgzyQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 2096
cf-ray: 8b0761ec6c7439ff-YYZ
expires: Fri, 09 Aug 2024 11:56:14 GMT

GET
H2 200 / Show response
cms2.gratowin.com/drupal_templates/slider/ 35 KB
4 KB 7095ms
6982ms XHR
text/html 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cms2.gratowin.com/drupal_templates/slider/?lang=en&brandId=8&playerType=0&lobbyTemplateId=3&selectedGameTab=1&isLoggedIn=false&eligibleForRegulationMarketing=true&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 550a238cf606f3ab507e807a137985b5507eb047ac10799bb6badd68735018cd

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:25:02 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 86400
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://secure.gratowin.com
access-control-allow-credentials: true
cf-ray: 8b0761ed7a2babb1-YYZ

GET
H2 200 / Show response
cms2.gratowin.com/drupal_templates/footer// 22 KB
4 KB 409ms
302ms XHR
text/html 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cms2.gratowin.com/drupal_templates/footer//?lang=en&regCountry=undefined&login=0&state=&brandId=8&currency=undefined&type=&playerType=0&eventTypes=&eventStartDates=&eventEndDates=&eventWinnerEndDates=&isLoggedIn=false&flow=deposit&couponCode=WRP50&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2226ba044b955b50066da675bee5d8f8e00634dda16076e36d13ea37fa4f063f

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 86400
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://secure.gratowin.com
access-control-allow-credentials: true
cf-ray: 8b0761ed7a2dabb1-YYZ

GET
H2 200 8424.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 10 KB
4 KB 68ms
66ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/8424.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c4bea128e2dd898a34387ef735fa69e538b3b4d75a95df8139a4eebe6353ebe

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nOl2OHK9Z4xNwM_pQJQB8YnTsSCbfol09r9sQuWFxfbJoDr0l4kKDDqj1nvtA7-a0-IAg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:59 GMT
server: cloudflare
etag: W/"53f6895458775d3868c543b164c6dc18"
vary: Accept-Encoding
x-goog-generation: 1723096739751279
content-type: text/javascript
x-goog-hash: crc32c=IoB0nQ==, md5=U/aJVFh3XThoxUOxZMbcGA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 10415
cf-ray: 8b0761ecccbb39ff-YYZ
expires: Fri, 09 Aug 2024 11:54:41 GMT

GET
H2 200 99287.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 19 KB
13 KB 57ms
56ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/99287.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8174f418e888e16bf9ca9304f92b0bbdb41d2ab7ca512a0233f75024249fd4d

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nOWOBE1E1EjUaD9uYmrLy1n8b7_jcJi9oATuGth07EuI4c6fvHADjCo2igfPMPKsmg9CGoqck6iiw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:03 GMT
server: cloudflare
etag: W/"b1c91d598dcc1be8b44bef621e2420b6"
vary: Accept-Encoding
x-goog-generation: 1723096743581199
content-type: text/javascript
x-goog-hash: crc32c=V7mbAQ==, md5=sckdWY3MG+i0S+9iHiQgtg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 19923
cf-ray: 8b0761ecccbc39ff-YYZ
expires: Fri, 09 Aug 2024 11:54:41 GMT

GET
H2 200 21966.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 16 KB
5 KB 58ms
57ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/21966.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c153b3fe8ce2dd675bdf2e807af55089ebf4ed199405bd2c9163c7763772c9f4

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nPYY9Rm8RaTNs5J9pFiBpAwYfuXnKTnHPVIzVtMEfgE5Uluy5ohCxoqLobn3DLSE9oMWt0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:45 GMT
server: cloudflare
etag: W/"f4a45ddc06d997f5882876cc258dc842"
vary: Accept-Encoding
x-goog-generation: 1723096724990630
content-type: text/javascript
x-goog-hash: crc32c=NX2LmQ==, md5=9KRd3AbZl/WIKHbMJY3IQg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 16081
cf-ray: 8b0761ecccbd39ff-YYZ
expires: Fri, 09 Aug 2024 11:54:41 GMT

GET
H2 200 35955.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 32 KB
10 KB 52ms
52ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/35955.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5352f0c3029cad84308b2fcb962e36a30a6d376bc58ba0472210e766a64edfc

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nO2PeA20QLl0LVgkFjohkvZtkAhI7XBDZRGrtvdBG_N2v1e8m4T3myBoQqTMabEasnoW9Y
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:48 GMT
server: cloudflare
etag: W/"f49f66ab50f51ea2411f32074bf3c1d9"
vary: Accept-Encoding
x-goog-generation: 1723096728314808
content-type: text/javascript
x-goog-hash: crc32c=lQhVcg==, md5=9J9mq1D1HqJBHzIHS/PB2Q==
cache-control: public, max-age=3600
x-goog-stored-content-length: 32626
cf-ray: 8b0761ecccbe39ff-YYZ
expires: Fri, 09 Aug 2024 11:54:41 GMT

GET
H2 200 3251.6c3004060c0193b95f30.css
secure.gratowin.com/lobby/ 16 KB
3 KB 37ms
36ms Stylesheet
text/css 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/3251.6c3004060c0193b95f30.css
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 505edf93b3cc9edecaa4820549d7255856864ce16231e09c5055bfba5d8a2934

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1721
x-guploader-uploadid: AHxI1nO0_CxMxHsZzJ4TLwNSsuq1xYACOgcvLwC73qpWy_Bb2-gKEGF0M6hFzcvmZ8eLc_f6_q40sclmLQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:47 GMT
server: cloudflare
etag: W/"d32c8f740a9177e6b61059e2696b81ef"
vary: Accept-Encoding
x-goog-generation: 1723096727478313
content-type: text/css
x-goog-hash: crc32c=Yybf3A==, md5=0yyPdAqRd+a2EFniaWuB7w==
cache-control: public, max-age=3600
x-goog-stored-content-length: 15937
cf-ray: 8b0761ecccc139ff-YYZ
expires: Fri, 09 Aug 2024 11:56:14 GMT

GET
H2 200 3251.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 22 KB
7 KB 116ms
116ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/3251.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad3b494a1d810a8b90553b8737251f183be416a394969ee287d85c73c6801404

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nPdhajgV0LaBnWpY3Pi3MszgQ28wixkK_Bmc1OMWr04OfYL7hjCZAikfszbdYurIhAMDA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:47 GMT
server: cloudflare
etag: W/"1c68f520f9e060498558147f31a59ee5"
vary: Accept-Encoding
x-goog-generation: 1723096727250531
content-type: text/javascript
x-goog-hash: crc32c=4QJJ+w==, md5=HGj1IPngYEmFWBR/MaWe5Q==
cache-control: public, max-age=3600
x-goog-stored-content-length: 22554
cf-ray: 8b0761ecccc239ff-YYZ
expires: Fri, 09 Aug 2024 11:56:14 GMT

GET
H2 200 63321.6c3004060c0193b95f30.css
secure.gratowin.com/lobby/ 2 KB
1 KB 33ms
33ms Stylesheet
text/css 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/63321.6c3004060c0193b95f30.css
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d643a01b99683e7a2433a5b6416182775d5d836bc0c4056c5608ee2d2d33b13b

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1721
x-guploader-uploadid: AHxI1nMlg5PUs_Qmsv4aux4rrk-pNekalTsKG4FEBrH18Yn2RReKliF4jtpeFOymaev8LaxM5nc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:54 GMT
server: cloudflare
etag: W/"ceb12e061baeace3fd1234194f795d82"
vary: Accept-Encoding
x-goog-generation: 1723096734941423
content-type: text/css
x-goog-hash: crc32c=8MlHiQ==, md5=zrEuBhuurOP9EjQZT3ldgg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 2520
cf-ray: 8b0761ecdcc339ff-YYZ
expires: Fri, 09 Aug 2024 11:56:14 GMT

GET
H2 200 63321.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 9 KB
3 KB 54ms
54ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/63321.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18f26039d9feab7f3b028917611ff82337088c43d584722bff53b98e358bdde0

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nMF5mw7ai4GKCjTXdaZa4Y61dGj22PA1tL_TYdtXCLL6n9vnnXe-CW3LhhU0z5JOsZtTxY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:54 GMT
server: cloudflare
etag: W/"502628a96e7d4a3f80af3c8fb72d2a8b"
vary: Accept-Encoding
x-goog-generation: 1723096734843272
content-type: text/javascript
x-goog-hash: crc32c=O4Q17A==, md5=UCYoqW59Sj+ArzyPty0qiw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 9174
cf-ray: 8b0761ecdcc439ff-YYZ
expires: Fri, 09 Aug 2024 11:54:41 GMT

GET
H2 200 Slider.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 61 KB
16 KB 125ms
124ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/Slider.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0de561cc8e202fa0db40f40415ddb7194764556770ad3fab75147ddbfb2c8371

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nN53g8JGoa4UUfpbWq0IFft-oSsYW1lChn2XVJoV4eXazxz0x0qNQx1SDUNIPTuiBuMBQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:05 GMT
server: cloudflare
etag: W/"993827692d465e3a9472d972146fec54"
vary: Accept-Encoding
x-goog-generation: 1723096745578979
content-type: text/javascript
x-goog-hash: crc32c=All5GQ==, md5=mTgnaS1GXjqUctlyFG/sVA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 62380
cf-ray: 8b0761ecdcc539ff-YYZ
expires: Fri, 09 Aug 2024 11:54:41 GMT

GET
H2 200 19695.6c3004060c0193b95f30.css
secure.gratowin.com/lobby/ 5 KB
1 KB 83ms
81ms Stylesheet
text/css 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/19695.6c3004060c0193b95f30.css
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d64ee21fb8e6ba7dbbe6dd5de82aca97024679fcdd8dba757e0ea4830a72bf4

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nO2FZr1eHYK2yK8dtnliL_-JLwYwUNhit7WDUIqeR9eKO5kqpfVj7rjJRAgoGWBCC9AGWIGmwjk_A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:44 GMT
server: cloudflare
etag: W/"2952b89d7155b09b50b79e22c912f5ec"
vary: Accept-Encoding
x-goog-generation: 1723096724624761
content-type: text/css
x-goog-hash: crc32c=br6m/w==, md5=KVK4nXFVsJtQt54iyRL17A==
cache-control: public, max-age=3600
x-goog-stored-content-length: 5593
cf-ray: 8b0761ecdcca39ff-YYZ
expires: Fri, 09 Aug 2024 11:54:41 GMT

GET
H2 200 19695.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 13 KB
5 KB 63ms
62ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/19695.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4db2455054bd00c08afc2351fdc0b6525683a367137e692ab07611776873f131

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nM4T1zLjT9QJEzmnWk-zQu3J51JawP8JJEVM0ICsuWxCYm9Ri_A5VVQVzoOXMQxg9v9Zpk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:44 GMT
server: cloudflare
etag: W/"50415ac0fdafc8cd517a22ecf1c45dc6"
vary: Accept-Encoding
x-goog-generation: 1723096724636660
content-type: text/javascript
x-goog-hash: crc32c=5ilj2g==, md5=UEFawP2vyM1ReiLs8cRdxg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 13533
cf-ray: 8b0761ececd639ff-YYZ
expires: Fri, 09 Aug 2024 11:54:41 GMT

GET
H2 200 26404.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 13 KB
5 KB 68ms
66ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/26404.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4c79dc1a3eff5146e912936b95634d65656a2bc421768aed467f0d1b2f0ecca

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nNFv_0alM-CP9PZT_I0c_PL8Ngtp1Ej4D-cb46nmxCG-_AN6TfnfQJl3i6mzmwQtVZVA4A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:46 GMT
server: cloudflare
etag: W/"7d111d7ecb27180d28b8b132ac1013b4"
vary: Accept-Encoding
x-goog-generation: 1723096726069828
content-type: text/javascript
x-goog-hash: crc32c=jMbr/A==, md5=fREdfssnGA0ouLEyrBATtA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 13418
cf-ray: 8b0761ececd739ff-YYZ
expires: Fri, 09 Aug 2024 11:54:41 GMT

GET
H2 200 11696.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 10 KB
4 KB 70ms
69ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/11696.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a4a01dd65c9076541a66eb15a8ff2cabf4357de5b466599c51d37c8ddd66a19

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nOGQ6XUF97Y00K7HBQy8bc4tpUvYeh-ac1kyhvhjjFwPvum8_6UEzAlL2GpDk_qSc4dftB7ux1YKw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:43 GMT
server: cloudflare
etag: W/"115896bcc677c25d54a7982d5dc6d06b"
vary: Accept-Encoding
x-goog-generation: 1723096723074402
content-type: text/javascript
x-goog-hash: crc32c=xvmpXQ==, md5=EViWvMZ3wl1Up5gtXcbQaw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 10054
cf-ray: 8b0761ececd939ff-YYZ
expires: Fri, 09 Aug 2024 11:54:41 GMT

GET
H2 200 62482.6c3004060c0193b95f30.css
secure.gratowin.com/lobby/ 19 KB
2 KB 67ms
66ms Stylesheet
text/css 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/62482.6c3004060c0193b95f30.css
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b233d6c5951807e291d873760f720d0172b6ce19a6cf24ff6dba4fad5946e853

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nP6LV3C3iFOjYEiw-mZ_hdEXUbF49YB21W3xFXbpt1KtmxxF6LtMexjxAIzdvzvbyp0jno
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:54 GMT
server: cloudflare
etag: W/"66ad889087eb22451ceabb0c8b10ec2a"
vary: Accept-Encoding
x-goog-generation: 1723096734918188
content-type: text/css
x-goog-hash: crc32c=AeUFjw==, md5=Zq2IkIfrIkUc6rsMixDsKg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 19386
cf-ray: 8b0761ececd839ff-YYZ
expires: Fri, 09 Aug 2024 11:54:41 GMT

GET
H2 200 62482.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 26 KB
9 KB 66ms
65ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/62482.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bac0124464bd5476ae47847e6e3b1f0056421730d337516995445bae50e8878b

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nPcyQ5OaXt_dwIFnRWwEQ3YbSdVV8ldYtObQzs0dnC3ajXL4mU12V401qKFZ0RJvg7SpA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:54 GMT
server: cloudflare
etag: W/"322c79ac327381f1308691b6c8ade0de"
vary: Accept-Encoding
x-goog-generation: 1723096734713109
content-type: text/javascript
x-goog-hash: crc32c=r0MkXQ==, md5=Mix5rDJzgfEwhpG2yK3g3g==
cache-control: public, max-age=3600
x-goog-stored-content-length: 26724
cf-ray: 8b0761ececda39ff-YYZ
expires: Fri, 09 Aug 2024 11:54:41 GMT

GET
H2 200 getRecentWinnings Show response
secure.gratowin.com/playerapi/recentWinnings/ 3 KB
860 B 2981ms
2979ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/recentWinnings/getRecentWinnings?currency=CAD&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9e59231b92221ef6398a8864919688aef45e43c12298273e176d24be2e175a63

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
ldAlias

Response headers

date: Fri, 09 Aug 2024 11:24:58 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"bd6-P8LEQ5zTqNwdoy6RSnqFfulFHlU"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 8b0761ed3d2839ff-YYZ
swagger-api-docs-url: /playerapi

GET games
secure.gratowin.com/playerapi/ 0
0

GET
H2 200 40359.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 1 KB
1 KB 28ms
28ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/40359.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4e8af1980db8643f3665a52da2e2c81b38496c5143e8be16a5e38a338524c4e

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1721
x-guploader-uploadid: AHxI1nNFuScO7E3F4Dk29NZapZYyICKXniCzH01hQw4DDLpa1xBT6QfCVvfz7DRFalco_tEYE_o
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:49 GMT
server: cloudflare
etag: W/"8c3d0580b6fc1dea552aae781ff5127c"
vary: Accept-Encoding
x-goog-generation: 1723096729556231
content-type: text/javascript
x-goog-hash: crc32c=tHh7FQ==, md5=jD0FgLb8HepVKq54H/USfA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 1508
cf-ray: 8b0761ed5d4139ff-YYZ
expires: Fri, 09 Aug 2024 11:56:14 GMT

GET
H2 200 joinNow-icon.svg
secure.gratowin.com/assets/internal-icons/ 402 B
539 B 79ms
77ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/joinNow-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dcd080d8016c6d3bee9075cd7798111c5820725bee35e0731f617d582bdba29

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nPXPJONPviUM_e3EaALa5xEokmWXr5NHpDQ-mQEEfaTWWldjrj-PQ5pq2a7cyYXRmVS9w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:32 GMT
server: cloudflare
etag: W/"fcf6455fb9d2e83224da551cc3054ff6"
vary: Accept-Encoding
x-goog-generation: 1723096712424292
content-type: image/svg+xml
x-goog-hash: crc32c=7BBWuA==, md5=/PZFX7nS6DIk2lUcwwVP9g==
cache-control: public, max-age=3600
x-goog-stored-content-length: 402
cf-ray: 8b0761edcd9e39ff-YYZ
expires: Fri, 09 Aug 2024 11:54:42 GMT

GET
H2 200 login-icon.svg
secure.gratowin.com/assets/internal-icons/ 510 B
534 B 75ms
73ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/login-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6650963c35725add7c3cedb3fd660f4f38791e8298647b92c132767f97468aa5

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nPgdAwnTy4GQjpEHwuDEQXbCgECZfjn287gh7Ofnmsk9Zk0YP7KpzqF0-fcbXaj2XcVUO8dX-YFBg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:32 GMT
server: cloudflare
etag: W/"0ca8fb0f2089abf726d203bee36c8cbc"
vary: Accept-Encoding
x-goog-generation: 1723096712515031
content-type: image/svg+xml
x-goog-hash: crc32c=UXvSvQ==, md5=DKj7DyCJq/cm0gO+42yMvA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 510
cf-ray: 8b0761edcda139ff-YYZ
expires: Fri, 09 Aug 2024 11:54:42 GMT

GET
H2 200 promotions-icon.svg
secure.gratowin.com/assets/internal-icons/ 1 KB
747 B 81ms
79ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/promotions-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f3283135b1e8cc0c73e47d2ca40d065de7e31101b3f2e0b8ff98b5994c10cdb

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nPKLjCYpmKjgYy6ziSbGZCeZzswl6DBdkekKDsC3OlO6HDRUhqrzaLYOUc0B0qUVoeF614
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:32 GMT
server: cloudflare
etag: W/"b0a56a2ec4e58bd747938f8f222ac8e2"
vary: Accept-Encoding
x-goog-generation: 1723096712698193
content-type: image/svg+xml
x-goog-hash: crc32c=Lyl4hA==, md5=sKVqLsTli9dHk4+PIirI4g==
cache-control: public, max-age=3600
x-goog-stored-content-length: 1048
cf-ray: 8b0761edcda239ff-YYZ
expires: Fri, 09 Aug 2024 11:54:42 GMT

GET
H2 200 vipClub-icon.svg
secure.gratowin.com/assets/internal-icons/ 529 B
739 B 56ms
55ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/vipClub-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d15890c357177f7185112a1ce66665d08acf31e81e4917820ec36279dd26bd0

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nOsJ2BBG6ZWhOX3K3_HmMsTLkZi-y8uczzdOudUC4gYYwqw3IvUFRe8WhE3buAnHowJIJS8Loij4w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:33 GMT
server: cloudflare
etag: W/"725a97efe97819c4531fbe67de1b54c9"
vary: Accept-Encoding
x-goog-generation: 1723096713742318
content-type: image/svg+xml
x-goog-hash: crc32c=aXyrag==, md5=clqX7+l4GcRTH75n3htUyQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 529
cf-ray: 8b0761edcda339ff-YYZ
expires: Fri, 09 Aug 2024 11:54:42 GMT

GET
H2 200 banking-icon.svg
secure.gratowin.com/assets/internal-icons/ 2 KB
1 KB 33ms
32ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/banking-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe565e155881addcc557019e726097e351cff20de84a8e706d6e43295819fa7

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1720
x-guploader-uploadid: AHxI1nOzzcMAS-zFP4NwoIUH5P1Ojyk1eDVSWJfMuwfUxnU_upSFdKmc5ZNb4NhV-CAIlmKY2w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:31 GMT
server: cloudflare
etag: W/"97b0c09efe576a5c2df1da456faceec4"
vary: Accept-Encoding
x-goog-generation: 1723096711814330
content-type: image/svg+xml
x-goog-hash: crc32c=zejJ6A==, md5=l7DAnv5Xalwt8dpFb6zuxA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 2300
cf-ray: 8b0761edcda439ff-YYZ
expires: Fri, 09 Aug 2024 11:56:15 GMT

GET
H2 200 contact_us-icon.svg
secure.gratowin.com/assets/internal-icons/ 522 B
1 KB 32ms
31ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/contact_us-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ef8b1b9f70231cdaff9b49febecc51162e022432fef65022a082acc4d446cd2

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1720
x-guploader-uploadid: AHxI1nMqncEOv8XWuRASu4646Y1J3AEhFSiLpujUhBec8IfvZfd_gvThsRHccsTMl6Fdd1gtgHyWuX6whA
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=R9mP9.rRd0H5G3J62VPt9Mf1UoDcqu6Np3EISqj_TqE-1723202695-1.0.1.1-1iUT0UJ8KpCd6R4oGpcoGnXdPzH4q4ppOWrk2qAtJ_YpS.0Bf71l0WSK0d06ekGkMHhj08GWvFnmxj3Fqll7gcr8HBSZWa99qH5plyOy4uSgbFWX_KuNWiHUC9q41XXU3m2XQ1mide9Us3FpTNLc7VzCEcFtdWhN8e3tHfErygw; report-to cf-csp-endpoint
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:32 GMT
server: cloudflare
etag: W/"b48b2b51825c35ae80e02c41711e7c68"
vary: Accept-Encoding
x-goog-generation: 1723096712056605
content-type: image/svg+xml
x-goog-hash: crc32c=fs4Iyg==, md5=tIsrUYJcNa6A4CxBcR58aA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=R9mP9.rRd0H5G3J62VPt9Mf1UoDcqu6Np3EISqj_TqE-1723202695-1.0.1.1-1iUT0UJ8KpCd6R4oGpcoGnXdPzH4q4ppOWrk2qAtJ_YpS.0Bf71l0WSK0d06ekGkMHhj08GWvFnmxj3Fqll7gcr8HBSZWa99qH5plyOy4uSgbFWX_KuNWiHUC9q41XXU3m2XQ1mide9Us3FpTNLc7VzCEcFtdWhN8e3tHfErygw"}],"group":"cf-csp-endpoint","max_age":86400}
x-goog-stored-content-length: 522
cf-ray: 8b0761edcda639ff-YYZ
expires: Fri, 09 Aug 2024 11:56:15 GMT

GET
H2 200 languages-icon.svg
secure.gratowin.com/assets/internal-icons/ 2 KB
967 B 54ms
53ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/languages-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce13735694736a7b414eec7de74a893e67a0bc53d08d0f38f57386e3f6648a6

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nPt0J3e_93JNYkp0adGCJcxfAM4TfUHQ52ij6vAmu-DD9OmteUcGnI0_cCIDFXZDuvuMag
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:32 GMT
server: cloudflare
etag: W/"0e648574a50c4a2f1572086f886ee580"
vary: Accept-Encoding
x-goog-generation: 1723096712471367
content-type: image/svg+xml
x-goog-hash: crc32c=15Fj5Q==, md5=DmSFdKUMSi8VcghviG7lgA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 1925
cf-ray: 8b0761edcda739ff-YYZ
expires: Fri, 09 Aug 2024 11:54:42 GMT

GET
H2 200 logo.png
storage.googleapis.com/moon-prod/static-content/brands/8/ 52 KB
53 KB 147ms
147ms Image
image/png 173.194.68.207
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/moon-prod/static-content/brands/8/logo.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.68.207 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qr-in-f207.1e100.net
Software: UploadServer /
Resource Hash: 71f0d1968edf4eff6dded3902361932770fe724bf52166051fe3e556c9d0e36a

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
age: 0
x-guploader-uploadid: AHxI1nMcgcKAekHXFXg5SmS_rj3JL29USbaORF5ls87KXsRc3yDD9anpcHBGScE0bnjR8TAKXabnV6GCgQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53570
last-modified: Sun, 06 Sep 2020 14:56:18 GMT
server: UploadServer
etag: "8da035e6e305e63288d58c81e1cb6316"
x-goog-generation: 1599404178125470
x-goog-hash: crc32c=F2Tmng==, md5=jaA15uMF5jKI1YyB4ctjFg==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 53570
accept-ranges: bytes
x-goog-meta-cb-modifiedtime: Sun, 06 Sep 2020 07:59:49 GMT
expires: Fri, 09 Aug 2024 12:24:55 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 110ms
36ms Font
font/woff2 142.250.31.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;600;700;800;900&family=Montserrat:wght@400;500;600;700;800;900&family=Poppins:wght@400;500;600;700;800;900&family=Inter:wght@400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f94.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.gratowin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 13:06:13 GMT
x-content-type-options: nosniff
age: 253122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Aug 2025 13:06:13 GMT

GET
H2 200 5f2d62b5a0121c32f4fa.ttf
secure.gratowin.com/lobby/ 8 KB
5 KB 50ms
49ms Font
font/ttf 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/5f2d62b5a0121c32f4fa.ttf?ehmahd
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/main.6c3004060c0193b95f30.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dc5a89829ed295864cee6940f583f1788773e66662c0fa19d2c14ff11793924

Request headers

Referer: https://secure.gratowin.com/lobby/main.6c3004060c0193b95f30.css
Origin: https://secure.gratowin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nP6mh8rJF7u9wUBJ7276Lk9ra9GH2n-ou75wgnfam3ZSEO36nC-TWmpcHdIWAUhCeUpDw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:54 GMT
server: cloudflare
etag: W/"029804670aaff6f015c5995ed6252bf6"
vary: Accept-Encoding
x-goog-generation: 1723096734241629
content-type: font/ttf
x-goog-hash: crc32c=zxr77w==, md5=ApgEZwqv9vAVxZle1iUr9g==
cache-control: public, max-age=3600
x-goog-stored-content-length: 8204
cf-ray: 8b0761ee0ddf39ff-YYZ
expires: Fri, 09 Aug 2024 11:54:40 GMT

GET
H3 200 favicon.ico
storage.googleapis.com/moon-prod/static-content/brands/8/ 113 KB
113 KB 677ms
676ms Other
image/x-icon 173.194.68.207
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/moon-prod/static-content/brands/8/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 173.194.68.207 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qr-in-f207.1e100.net
Software: UploadServer /
Resource Hash: 4f5809f78924d13977e8561562c239af16f3f8d6d91f8f30f64ef4f686167389

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:56 GMT
age: 0
x-guploader-uploadid: AHxI1nNfxklNS-DObit71J8C4qkde190ByD_CkDohgxRh203Ez2fs2ojoCjF5Wp8BrRsTiRiX_8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115929
last-modified: Sun, 06 Sep 2020 14:56:17 GMT
server: UploadServer
etag: "c5463d610bbde856ceb6499c430cfcd5"
x-goog-generation: 1599404177757256
x-goog-hash: crc32c=ppxTxw==, md5=xUY9YQu96FbOtkmcQwz81Q==
content-type: image/x-icon
cache-control: public, max-age=3600
x-goog-stored-content-length: 115929
accept-ranges: bytes
x-goog-meta-cb-modifiedtime: Sun, 06 Sep 2020 07:59:56 GMT
expires: Fri, 09 Aug 2024 12:24:56 GMT

GET
H/1.1 200
OK frame.html
gratowin.webpu.sh/75KkGZGLZxzIwR7O96ZkIvjAHWwM4ByP/ Frame A39E 0
0 388ms
140ms Document
text/html 46.51.157.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gratowin.webpu.sh/75KkGZGLZxzIwR7O96ZkIvjAHWwM4ByP/frame.html?id=4652156693&key=4GFfCDNISbAA42sX5TfGUzjOtvi8wJtI

Requested by

Host: src.webpu.sh
URL: https://src.webpu.sh/75KkGZGLZxzIwR7O96ZkIvjAHWwM4ByP/sdk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.51.157.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-46-51-157-121.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.gratowin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=21600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 09 Aug 2024 11:24:55 GMT
ETag: W/"7dd053793ed36b7e0d4b554f9a5c4fe1"
Last-Modified: Fri, 07 Jun 2024 16:49:41 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: rI3M8sCkztxocSmT7rKsBaP+ZJRqFnnWns7ro3hVnB6FQ5fPMLoRfLAYTfvROaQEgjOOizzyO0bSbum2XRpW0w==
x-amz-request-id: GP0255ZDGS088JCZ
x-amz-server-side-encryption: AES256

POST
H/1.1 200
OK deviceUpdate Show response
api.xtremepush.com/push/api/ 68 B
486 B 111ms
110ms XHR
application/json 46.51.130.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.xtremepush.com/push/api/deviceUpdate
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/offline-js-script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.130.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-130-78.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 33cf9635b62dfc0a9f749b5e6a97c281d10b4791460559460658dc3220e9311f

Request headers

Accept: application/json
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 09 Aug 2024 11:24:55 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json
Access-Control-Allow-Origin: https://secure.gratowin.com
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
719 B 62ms
61ms Stylesheet
text/css 172.217.197.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.197.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qa-in-f95.1e100.net

Software

ESF /

Resource Hash

cedad0118f7458406b5cb47c88f4a08fd6a1c2051676c835d6b40a8f19a8f23a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Aug 2024 11:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 09 Aug 2024 11:24:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Aug 2024 11:24:55 GMT

GET
H2 200 seal.html Show response
www.gratowin.com/ Frame 4089 2 KB
957 B 432ms
387ms Document
text/html 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gratowin.com/seal.html
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/main.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cf5f2e184c2f7d6dc9abb48326df65efdc00ad6c7defa6d359c0ca7a1181952

Request headers

Referer: https://secure.gratowin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8b0761efbd8d3870-YYZ
content-encoding: gzip
content-type: text/html
date: Fri, 09 Aug 2024 11:24:56 GMT
last-modified: Thu, 02 Mar 2023 12:35:07 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2

200

main.js Show response
secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/ Frame 3018
Redirect Chain

https://secure.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?

8 KB
0

0ms
0ms

Script
application/javascript

147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?

Protocol

Server

147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b66835d6679a8a4188ed1db06487c159ba30aed3625e2df9c23c055be3844a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b0761e73fd539ff-YYZ

Redirect headers

date: Fri, 09 Aug 2024 11:24:54 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b0761e6ffa039ff-YYZ
content-length: 0

GET
H2 200 mastercard.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 3 KB
3 KB 223ms
167ms Image
image/png 104.21.24.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/mastercard.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bab7eab8e1e05aa031ce685b74fdb8bbbffb418f4068dadfb44ffd6d130af5d

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPrFmnuIgRJY9cipD9rkUGrSI-qtDx4VWMXLcVWASpaOA5i-N15b2wygWBfgIkIsOJlu8yu44pXbIg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 2569
last-modified: Mon, 02 May 2022 11:58:15 GMT
server: cloudflare
etag: "f3ff236418dbe75a588fc2f277baaab6"
vary: Accept-Encoding
x-goog-generation: 1651492695597263
content-type: image/png
x-goog-hash: crc32c=8BOYTg==, md5=8/8jZBjb51pYj8Lyd7qqtg==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dap2mCZvP0WvpdeIbDAKZ2aZGy%2FYWPORDmSYlXlK7rdoN9zZU6L0SVQXHE%2BgV0qRBCQM3H9kjbKXGT9aI%2BkRlP0DKy6b8C%2B3xOW%2B1utuAVGHUB1nT8LpvRQba1negzMFWtqgEvu3JQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 2569
accept-ranges: bytes
cf-ray: 8b0761efdc70abd9-YYZ
expires: Fri, 09 Aug 2024 12:24:55 GMT

GET
H2 200 PostPay.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 2 KB
3 KB 230ms
175ms Image
image/png 104.21.24.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/PostPay.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bd44487689f7f4501db1b9b7a7a50849c4d42e534eef60a04356a7851e92c0c

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPpRtxo2mhOX5a0hZz7_DtH_ahCnZGgw0gy5iAMawtA5FqZ067_UV7paBWz7i6ZzYnhS7lwsec_FWg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 2501
last-modified: Mon, 02 May 2022 11:58:13 GMT
server: cloudflare
etag: "1ade0623f06ef3964f06847a2adca08a"
vary: Accept-Encoding
x-goog-generation: 1651492693814444
content-type: image/png
x-goog-hash: crc32c=2WIQPw==, md5=Gt4GI/Bu85ZPBoR6Ktygig==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k8szEB39TNQCrcC2tlnyVfJcIVFQ06iwTM9DevCB27XyiocG9JntTTr8B%2BY9EN2yF%2F8kwOl%2BuHCDwJ4C8PhGs3NJQIv6nMsDGZcrl3aZUEiTarmQTMaFd%2BOUHivxZ8pwv41h9KD17Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 2501
accept-ranges: bytes
cf-ray: 8b0761efdc6dabd9-YYZ
expires: Fri, 09 Aug 2024 12:24:55 GMT

GET
H2 200 Quantom.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 2 KB
2 KB 668ms
614ms Image
image/png 104.21.24.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/Quantom.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0af2e2a86b8e8d47a1a5ca54128c0a7adf09074386cf5a8ee68f178a68584362

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:56 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: AHxI1nMCDLpdP5-vK_Ne_PKM7howdvGuP_8mM33bvRL2Ans0B7hRYHi8_K-f_e7OZnAL2MZ-bcw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 1625
last-modified: Mon, 02 May 2022 11:58:13 GMT
server: cloudflare
etag: "95b14f93ce4d7a3b73a65afd4da99d34"
vary: Accept-Encoding
x-goog-generation: 1651492693805894
content-type: image/png
x-goog-hash: crc32c=/nRmrA==, md5=lbFPk85Nejtzplr9TamdNA==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4PgqRcOO%2B2haAmtjaARtlj7i9EoeveKS9sVL%2BOx83ktRKEAYfHNaqmcl8aqHPem98B7T2Spq2FOq1tyWqMPBQWXv5Tr2rViWYOB1mzS6We9AFiU10AMOu5vxct1SXuezxXwVcoqOyg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1625
accept-ranges: bytes
cf-ray: 8b0761efdc72abd9-YYZ
expires: Fri, 09 Aug 2024 12:24:56 GMT

GET
H2 200 visa.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 3 KB
3 KB 223ms
169ms Image
image/png 104.21.24.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/visa.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2ca845c5e87533da52958f4b9c52f6d2a373f2a273a7b6e90093026f7a1ae47

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPrRV9Wg-qCh08OFj7_vuX65wfX0eN3Rhf2OA5LwhYCn5U3PnsO-JOuniZ_EGMOO7GkTzYp7wtBPeg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3070
last-modified: Mon, 02 May 2022 11:58:26 GMT
server: cloudflare
etag: "e9d7082867979eabe30e401d6cf941f6"
vary: Accept-Encoding
x-goog-generation: 1651492706733395
content-type: image/png
x-goog-hash: crc32c=yJZTHQ==, md5=6dcIKGeXnqvjDkAdbPlB9g==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pghgcpZvuWGIKuq8z3ewOz7BbhhM2adL1IIXW%2B8mpJJHBKZolG%2B3luh7zT%2Bbcv9%2BWMRJ1Zx465zOncI3WlbLY5Yf8ADqGOarWWvg7GoZ9C3JkXuYsJvj%2F5M2wuU%2Fjr9csMqpMNcjxA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3070
accept-ranges: bytes
cf-ray: 8b0761efdc6cabd9-YYZ
expires: Fri, 09 Aug 2024 12:24:55 GMT

GET
H2 200 Click.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 2 KB
2 KB 222ms
168ms Image
image/png 104.21.24.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/Click.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74686cb67a39ba6066421272589bcf938003022d9dbc772454747518073ac1a9

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPoDtUBIMwIybsKr28tMmpCppTr_nkgTjosgZg9BzUIZIowZDfve1D0CFwhC4yDUBQW6Li0MfGO58A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 1853
last-modified: Mon, 02 May 2022 11:58:13 GMT
server: cloudflare
etag: "b85f792d205fbda0910dbe67efbccfb4"
vary: Accept-Encoding
x-goog-generation: 1651492693259411
content-type: image/png
x-goog-hash: crc32c=zOEnDg==, md5=uF95LSBfvaCRDb5n77zPtA==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1NUgxH72WLk%2B87d3k4USR3%2BeBVK%2Bj%2FrOJFWtlMPqq4YzThDEC0Dexi5A3plfhqgbhVNvRWh3OPMeYzFSmFe%2BJO%2FqlZCEtFvQXHpdK8g2Qi5Yb4oKaU0hKsSp54P5zk3nWqWP9Uw7mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1853
accept-ranges: bytes
cf-ray: 8b0761efdc71abd9-YYZ
expires: Fri, 09 Aug 2024 12:24:55 GMT

GET
H2 200 Neosurf.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 2 KB
2 KB 240ms
186ms Image
image/png 104.21.24.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/Neosurf.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4363b84238dda44f9ca7980c91b775f141a438aa2af9152b98a036f664ca178

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPo6hFrvvjVweWYFRtbSzokFnhAUvluV7D_nnnEm8h2aWICnA-SmoIQliLO3zovf6EmKUXH30100Ow
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 2012
last-modified: Mon, 02 May 2022 11:58:13 GMT
server: cloudflare
etag: "f2b574780708ebc637d4f2b8dac8269f"
vary: Accept-Encoding
x-goog-generation: 1651492693747409
content-type: image/png
x-goog-hash: crc32c=FPaoNQ==, md5=8rV0eAcI68Y31PK42sgmnw==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vrf0NwyrirpH13hv12qtgEDrKbS3dZSTAAJyWgbIe1IHXzRf2uApWuOe4mO%2BkbTjms2q8zmzW86%2FjywhqmirP7EL6ECv%2FCRI90MVTjIigzWO0MvBftXvp%2FYHRAy6942CzyEwu4fTxg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 2012
accept-ranges: bytes
cf-ray: 8b0761efdc6fabd9-YYZ
expires: Fri, 09 Aug 2024 12:24:55 GMT

GET
H2 200 Cashlib.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 40 KB
41 KB 210ms
165ms Image
image/png 104.21.24.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/Cashlib.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e91de8b587baf86d05f8da82ac270eab8d4989defcdc85ffda62578778b04a3

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPo-phd8Sg4E5q1PS9bIcnODBw89wEPGv1_aC1BpXNZDfp_Wh73PVcY-hyjCv2TibyGayyeYLzJvFA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 41452
last-modified: Mon, 02 May 2022 12:21:31 GMT
server: cloudflare
etag: "7efb0c903552116f2a60b434f81c48db"
vary: Accept-Encoding
x-goog-hash: crc32c=VLi8lw==, md5=fvsMkDVSEW8qYLQ0+BxI2w==
x-goog-generation: 1651494091311094
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=frEvcDyo%2FsoEQC7AtDjrPC98kH9WJO1aWj%2BvNKF18ORpYIgB2wD1JxrePlDsJMhRfs7JrtxwXJk4To2uLU1nWsDiN8c2AOsFZswBQ%2FHfay%2FoeJoqMciR5QFABXDItKhAjcVw9IM4Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
x-goog-stored-content-length: 41452
accept-ranges: bytes
cf-ray: 8b0761efdc6babd9-YYZ
expires: Fri, 09 Aug 2024 12:24:55 GMT

GET
H2 200 SSL.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 8 KB
9 KB 649ms
604ms Image
image/png 104.21.24.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/SSL.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 048b2f5e3b86bec8b10baa4271ef5c706150a317e3a42a4a2ea97ca4a507b024

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:56 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPrzq_47uBBSI1YWlMAPtHzCZtNo82s69VQM5EYEl9XYqs3gjzEX4In-hYsyHa_7MUVqMsRwLQ4NZQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 8404
last-modified: Mon, 02 May 2022 12:25:35 GMT
server: cloudflare
etag: "adcf0ed844d4d6c3bc72a35c973315f0"
vary: Accept-Encoding
x-goog-hash: crc32c=v0ntag==, md5=rc8O2ETU1sO8cqNclzMV8A==
x-goog-generation: 1651494335286155
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dt0nE1sYglWmhMsMgoN2qWdKUfsEnqo4GiiiQ%2BxzYZsDmU6e76sqYrIBffGdeDwznTWzlEl6%2BgR7%2F6rAQWDbQ3WQ1hWXTWvcq2FCpLP0YsQ9Zk1H8pnKzMttbaqq%2FCrLfHYz4w%2B1aw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
x-goog-stored-content-length: 8404
accept-ranges: bytes
cf-ray: 8b0761efdc6eabd9-YYZ
expires: Fri, 09 Aug 2024 12:24:56 GMT

GET
H2 200 Plus18.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 1 KB
2 KB 262ms
217ms Image
image/png 104.21.24.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/Plus18.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b44452423e27abf304bca5773bc2657000d4e69a578f406af5b3d096a7a3f666

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPqhkiwGUcQOcARKAspOKPlrhmVGOxvISjwOMsUnCOV1MrAtHNsP36j4XGySgDtSEfGHtMHq3-U5-A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 1196
last-modified: Mon, 02 May 2022 12:25:34 GMT
server: cloudflare
etag: "a220d4a45c9d5d871044e51ab9d05d26"
vary: Accept-Encoding
x-goog-generation: 1651494334802110
content-type: image/png
x-goog-hash: crc32c=78JZmw==, md5=oiDUpFydXYcQROUaudBdJg==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4h0XQWQSiECxL66Ib2OEcpfScBYwBH6GfHkfEes9Quu6P3klAmBnlrhAr9wv%2Blav7%2BJZNNATWwvF9ouerS4CA%2F4WiMN85NdpgE1VyfKL2cO4r1jSn7cUmNTmEvJovuBfj9EyuvYsZw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1196
accept-ranges: bytes
cf-ray: 8b0761efec80abd9-YYZ
expires: Fri, 09 Aug 2024 12:24:55 GMT

GET
H2 200 PciDss.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 3 KB
3 KB 223ms
178ms Image
image/png 104.21.24.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/PciDss.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 754a00a45d1681fa7872ded722930116706b858e4b38366971e4b301140666c6

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPodHFngOgFh51fPtkyn7ZtbOpg9DEFIQ4N19oihmifecRWPK6uh0yyMaoAk3t532X_RCjU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3062
last-modified: Mon, 02 May 2022 12:25:34 GMT
server: cloudflare
etag: "fc0a95ce0fc60e39c035243f53fdc67b"
vary: Accept-Encoding
x-goog-generation: 1651494334776388
content-type: image/png
x-goog-hash: crc32c=qWUl9A==, md5=/AqVzg/GDjnANSQ/U/3Gew==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7XnM9ciUIj1U8fWgdocDi1qGQmvRYSFcuCuZMdwYPVyznZ5Wqpu5pXOy5rMqvfLtFM%2BfMLdfQzzxutICJv5ex%2FsoCo4moQ14JuLe5XU6sNmlGIAJrWxCrVlL5dEfRF3LX4DMFbZ%2FPw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3062
accept-ranges: bytes
cf-ray: 8b0761efec7fabd9-YYZ
expires: Fri, 09 Aug 2024 12:24:55 GMT

POST
H2 200 8b0761ed7a2dabb1 Show response
secure.gratowin.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3018 0
362 B 52ms
47ms XHR
text/plain 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/jsd/r/8b0761ed7a2dabb1
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Aug 2024 11:24:55 GMT
server: cloudflare
cf-ray: 8b0761f02f9639ff-YYZ
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
0 0ms
0ms Font
font/woff2 142.250.31.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f94.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.gratowin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 13:06:13 GMT
x-content-type-options: nosniff
age: 253122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Aug 2025 13:06:13 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
0 0ms
0ms Font
font/woff2 142.250.31.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f94.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.gratowin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 13:06:13 GMT
x-content-type-options: nosniff
age: 253122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Aug 2025 13:06:13 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
0 0ms
0ms Font
font/woff2 142.250.31.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f94.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.gratowin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 13:06:13 GMT
x-content-type-options: nosniff
age: 253122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Aug 2025 13:06:13 GMT

GET
H2 200 apg-seal.js Show response
3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/ Frame 4089 4 KB
2 KB 285ms
178ms Script
text/javascript 3.162.125.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/apg-seal.js

Requested by

Host: www.gratowin.com
URL: https://www.gratowin.com/seal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.125.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-125-11.iad61.r.cloudfront.net

Software

cloudflare / Express

Resource Hash

40cc5f1156593709eb3ee55c965d0a55be93435b391562835fc70a5bff1bee40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
via: 1.1 f638767bb567304644b370360b61ed30.cloudfront.net (CloudFront)
server: cloudflare
x-amz-cf-pop: IAD61-P3
x-powered-by: Express
etag: W/"e2d-4L1bUmaJVkbtcR7jTyt3W6iHO+k"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
cf-ray: 8b0761f31916c978-IAD
x-amz-cf-id: AVFDhGzmINDV8h4aD-Fyci-RqMWJ5yC7f99yZVeYnDiMK86RokV5aw==

GET
H2 200 95f165abef6c4979fb6c60ec6b1f5d75-www.gratowin.com-a4b2333aceb5eab3856b2ba04fc6c2b3c6cb6428030555415628c1b61c16c9c395acfc6de5ca83c4aee0fcfbd5aae1dd-c3BhY2VyLXNwcml0ZS5wbmc%3D
3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/sealassets/ Frame 4089 95 B
495 B 359ms
358ms Image
image/png 3.162.125.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/sealassets/95f165abef6c4979fb6c60ec6b1f5d75-www.gratowin.com-a4b2333aceb5eab3856b2ba04fc6c2b3c6cb6428030555415628c1b61c16c9c395acfc6de5ca83c4aee0fcfbd5aae1dd-c3BhY2VyLXNwcml0ZS5wbmc%3D

Requested by

Host: www.gratowin.com
URL: https://www.gratowin.com/seal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.125.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-125-11.iad61.r.cloudfront.net

Software

cloudflare / Express

Resource Hash

cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 f638767bb567304644b370360b61ed30.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: IAD61-P3
x-powered-by: Express
etag: W/"5f-NEKpX+iQzkdps2suzGEbgBpUz7U"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=1200
cf-ray: 8b0761f42d480604-IAD
content-length: 95
x-amz-cf-id: mDDE5RUFzX6Rv3DHEsUxluT3nEYzQj8Xh0pXX32hwNz7hk0cYVb1vQ==

GET
H2 200 95f165abef6c4979fb6c60ec6b1f5d75-www.gratowin.com-a4b2333aceb5eab3856b2ba04fc6c2b3c6cb6428030555415628c1b61c16c9c395acfc6de5ca83c4aee0fcfbd5aae1dd-c3ByaXRlLXNlYWwucG5n
3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/sealassets/ Frame 4089 48 KB
49 KB 386ms
385ms Image
image/png 3.162.125.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.gratowin.com
URL: https://www.gratowin.com/seal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.125.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-125-11.iad61.r.cloudfront.net

Software

cloudflare / Express

Resource Hash

d614922fde9604f8899e47f3cc3d69bf952312b996f7cf1421163996710850fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 f638767bb567304644b370360b61ed30.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: IAD61-P3
x-powered-by: Express
etag: W/"c0f5-y5nfd/SGXZwvKHU5pcpHTPdvfQk"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=1200
cf-ray: 8b0761f4197a5770-IAD
content-length: 49397
x-amz-cf-id: m4QVuhV4n73nckat2F8WIZXOudzOGzPhhqRj1jIV_ZjDEbXCAO-Z6A==

GET
H2

200

main.js Show response
www.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/ Frame A3A1
Redirect Chain

https://www.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?

8 KB
4 KB

24ms
24ms

Script
application/javascript

147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?

Requested by

Host: www.gratowin.com
URL: https://www.gratowin.com/seal.html

Protocol

Server

147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f041e8d29d699b8ea500dfdc0fb7ed384aa064c9e84a136b299fbc8fc83dc0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b0761f43fa13870-YYZ

Redirect headers

date: Fri, 09 Aug 2024 11:24:56 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b0761f40f863870-YYZ
content-length: 0

GET
H2 200 54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/ Frame 4089 68 B
433 B 37ms
37ms Image
image/png 3.162.125.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
Requested by: Host: www.gratowin.com
URL: https://www.gratowin.com/seal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.125.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-125-11.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

Referer: https://www.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 21 Jul 2024 17:26:01 GMT
via: 1.1 f638767bb567304644b370360b61ed30.cloudfront.net (CloudFront)
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P3
age: 1619936
etag: "e679fbd466a2d656f194a5da4fa083cd"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 68
x-amz-cf-id: YuREjd3MoSgg8O6WRYZS5dzhJnHWUwJkk0zTSCriRewpHkjvMKp8Hw==

POST
H2 200 8b0761efbd8d3870 Show response
www.gratowin.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame A3A1 0
357 B 58ms
54ms XHR
text/plain 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gratowin.com/cdn-cgi/challenge-platform/h/g/jsd/r/8b0761efbd8d3870
Requested by: Host: www.gratowin.com
URL: https://www.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Aug 2024 11:24:56 GMT
server: cloudflare
cf-ray: 8b0761f4e8173870-YYZ
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H/1.1 200
OK deviceUpdate Show response
api.xtremepush.com/push/api/ 93 B
803 B 135ms
133ms XHR
application/json 46.51.130.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xtremepush.com/push/api/deviceUpdate

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/offline-js-script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

46.51.130.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-46-51-130-78.eu-west-1.compute.amazonaws.com

Software

Resource Hash

81cdd100cb8209541e256f65e39bf2e2405b424b2a417aeb13eb8cd1df9e8ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 09 Aug 2024 11:24:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains;
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://secure.gratowin.com
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-Frame-Options: DENY
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, X-Requested-With
X-XSS-Protection: 1; mode=block

GET
H2 200 web_icon_large_5562_5fb120e049c6f.png
s3.xtremepush.com/application/ 7 KB
8 KB 413ms
326ms Image
image/png 18.67.65.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.xtremepush.com/application/web_icon_large_5562_5fb120e049c6f.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.65.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-65-59.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94fee81d12201cee36ebaf610f9f564ad36071b81c3305fafdb090414d9860cd

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:58 GMT
via: 1.1 126bc2e5c4c1b9ac0ffa004edc6f02c4.cloudfront.net (CloudFront)
last-modified: Sun, 15 Nov 2020 12:36:49 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-P1
etag: "3acba964b4b76d570b17dce131a38581"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 7352
x-amz-cf-id: -bDtxKGZmiSHV8XiTDFL4aTKAfTN5tFgLKlbrqZ6DO3AYNUvwRzyxg==

GET
H2 200 BonusAnimation.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 8 KB
3 KB 29ms
28ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/BonusAnimation.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6424bd3de82eebc054c6e9abd717a89b7266bbfb360a3858d7e33f153c2ec696

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:58 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1724
x-guploader-uploadid: AHxI1nO7XI5pmg8DeZTyYh2vxkOQEYhuFYOgpf6nsunzk1p-iSo06ukR7zNcnAm_5X1u8nMFJgs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:03 GMT
server: cloudflare
etag: W/"556a9a350a2f212ceb25586e24c7f703"
vary: Accept-Encoding
x-goog-generation: 1723096743774349
content-type: text/javascript
x-goog-hash: crc32c=DCCXWw==, md5=VWqaNQovISzrJVhuJMf3Aw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 7760
cf-ray: 8b0761fe9c1239ff-YYZ
expires: Fri, 09 Aug 2024 11:56:14 GMT

GET
H2 200 LimitNotification.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 5 KB
2 KB 30ms
29ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/LimitNotification.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed71292e7733dd093eae619727bd3097964d29999b068146aa4c71bb7350e474

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:58 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1724
x-guploader-uploadid: AHxI1nPBkh1JtTe8z1eujprayMpEXC4zLsW2nt7hsHScIzI8ZnQMsZ4UB_lCmvvudYXohvTlJ2zICHGuPw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:04 GMT
server: cloudflare
etag: W/"ea9b80ded0ca14b2ab540659d316bf32"
vary: Accept-Encoding
x-goog-generation: 1723096744911064
content-type: text/javascript
x-goog-hash: crc32c=O4XiBw==, md5=6puA3tDKFLKrVAZZ0xa/Mg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 4695
cf-ray: 8b0761fe9c1539ff-YYZ
expires: Fri, 09 Aug 2024 11:56:14 GMT

GET
H2 200 28982.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 14 KB
5 KB 51ms
50ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/28982.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81e8d829d1064de60b36e3ef6e47d6d4304d869b95178286fba3d7738e3f6fa9

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:58 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nOsXPJ4mSvD2BUnlf4OHbnrYItGA_hJtvzBmfaZOUp3mygAfkXn4gEloY2vJ-6emp7g0tsn-ga-cg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:46 GMT
server: cloudflare
etag: W/"b8a9094f3ab5e8882cf6abe790d83b7e"
vary: Accept-Encoding
x-goog-generation: 1723096726651956
content-type: text/javascript
x-goog-hash: crc32c=rZUjNw==, md5=uKkJTzq16Igs9qvnkNg7fg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 14288
cf-ray: 8b0761feac1c39ff-YYZ
expires: Fri, 09 Aug 2024 11:54:41 GMT

GET
H2 200 81902.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 7 KB
2 KB 85ms
83ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/81902.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e20770a6aa55a8bd8e1879fd11dca08e1427e19167e9bab51a207f192e54ca1

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:58 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nPyjeKa8FeYYW9DaWPNxA-6hu1F4dbMOkIEJKQ6U5DKK-XoYIopg2ecQ_-6tKToPgE_lQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:59 GMT
server: cloudflare
etag: W/"fde79c563b53f5a8a41a98919616c952"
vary: Accept-Encoding
x-goog-generation: 1723096739119778
content-type: text/javascript
x-goog-hash: crc32c=nZpb0A==, md5=/eecVjtT9aikGpiRlhbJUg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 7168
cf-ray: 8b0761feac2239ff-YYZ
expires: Fri, 09 Aug 2024 11:54:41 GMT

GET
H2 200 9549.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 6 KB
2 KB 415ms
413ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/9549.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b4a19a94f6ec46b1a34a9eda304e46879d178dfd1890e19e5e38941217dd05d

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:58 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
x-guploader-uploadid: AHxI1nNsN7SOhqP2twlQSM1lysGpAVIrhqhWdNpfHPVwRcZ22ee6yxhybLEaBL6i7FLPjOl_JA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:02 GMT
server: cloudflare
etag: W/"03762dda513af46a923b4d921108cb8a"
vary: Accept-Encoding
x-goog-generation: 1723096742592689
content-type: text/javascript
x-goog-hash: crc32c=Om4O8g==, md5=A3Yt2lE69GqSO02SEQjLig==
cache-control: public, max-age=3600
x-goog-stored-content-length: 6359
cf-ray: 8b0761feac2339ff-YYZ
expires: Fri, 09 Aug 2024 12:24:58 GMT

GET
H2 200 59099.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 12 KB
5 KB 30ms
29ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/59099.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b6cc22da9281b3b58458b979975b209189193ce41e516effa8f0dd2fd41678f

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:58 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1724
x-guploader-uploadid: AHxI1nMUngxbdmix9vj_fyFArMB5IcmSvQAAXoN4o8Q0kZk3PenpUpoyeqazLHCNi4Lh3-3GcA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:53 GMT
server: cloudflare
etag: W/"f1ca7a7177dc301fbc8e7748830efa0d"
vary: Accept-Encoding
x-goog-generation: 1723096733898569
content-type: text/javascript
x-goog-hash: crc32c=w6oBOw==, md5=8cp6cXfcMB+8jndIgw76DQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 12451
cf-ray: 8b0761feac2439ff-YYZ
expires: Fri, 09 Aug 2024 11:56:14 GMT

GET
H2 200 46153.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 18 KB
6 KB 53ms
51ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/46153.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f656bff42bc36bed11f462521e04ec566171df480a11441685600bcb8a6bb659

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:58 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nMH7FZ9PajH8CknPxsUsNi6lxcTSvTNfkVBen1_H2GJnG3x1sVWYzfr3Eu5Ha47b_KkGYw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:50 GMT
server: cloudflare
etag: W/"d707ce9e40036307cf253d865610442a"
vary: Accept-Encoding
x-goog-generation: 1723096730582803
content-type: text/javascript
x-goog-hash: crc32c=r4VjpQ==, md5=1wfOnkADYwfPJT2GVhBEKg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 17934
cf-ray: 8b0761feac2639ff-YYZ
expires: Fri, 09 Aug 2024 11:54:41 GMT

GET
H2 200 79646.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 11 KB
4 KB 75ms
74ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/79646.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55d05e7b5c305aa3235b99b6d290756cffa458d0bdd3d51b380cde983e69ef41

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:58 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nP5TfjC59CqJ7wjCRWWQtd5RE8bUmZpkeyMcn0M3HFWlbXyDXcy8uXbOttNLGzT957LPw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:58:58 GMT
server: cloudflare
etag: W/"725b5d11ddce5275eda80dfd79f06a66"
vary: Accept-Encoding
x-goog-generation: 1723096738390575
content-type: text/javascript
x-goog-hash: crc32c=6iEkOQ==, md5=cltdEd3OUnXtqA39efBqZg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 10889
cf-ray: 8b0761feac2739ff-YYZ
expires: Fri, 09 Aug 2024 11:54:41 GMT

GET
H2 200 99504.6c3004060c0193b95f30.css
secure.gratowin.com/lobby/ 6 KB
2 KB 62ms
61ms Stylesheet
text/css 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/99504.6c3004060c0193b95f30.css
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c74ed4c95982ec47a510dcf1552551e91bfa3e85cb128b36aeda45f28ffcc8f6

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:58 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nM3s-mCTkMRXJjNRYfP-AzedVGIqzvPeGPFzfzpODaTh5lPiBhYLxJEN_XPcC12k7AwmJokKrRzUw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:03 GMT
server: cloudflare
etag: W/"aebaa91c114feeea71201c83e37bb470"
vary: Accept-Encoding
x-goog-generation: 1723096743770122
content-type: text/css
x-goog-hash: crc32c=jOyUPQ==, md5=rrqpHBFP7upxIByD43u0cA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 5847
cf-ray: 8b0761feac2539ff-YYZ
expires: Fri, 09 Aug 2024 11:54:41 GMT

GET
H2 200 LoginModal.6c3004060c0193b95f30.bundle.js Show response
secure.gratowin.com/lobby/ 8 KB
3 KB 50ms
49ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/lobby/LoginModal.6c3004060c0193b95f30.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/runtime.6c3004060c0193b95f30.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d5d49bd3079977d28e6e23bc6f562519ef6095448c23b5b0fae6a2c0832fbab

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:58 GMT
content-encoding: gzip
cf-cache-status: HIT
x-guploader-uploadid: AHxI1nPUuDjiK551G1F3bB_UoIMwUlV1VohA8HWLrLtLY1a2r02Biak4lKdAM-GFAMjWkp1Hr6NZG40iAw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 08 Aug 2024 05:59:04 GMT
server: cloudflare
etag: W/"bbbaef1c4506bfb424f2afa04f76f01d"
vary: Accept-Encoding
x-goog-generation: 1723096744902219
content-type: text/javascript
x-goog-hash: crc32c=uA77Gg==, md5=u7rvHEUGv7Qk8q+gT3bwHQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 8388
cf-ray: 8b0761feac2939ff-YYZ
expires: Fri, 09 Aug 2024 11:54:41 GMT

GET
H2 200 status Show response
ga.streamygame.com/jackpot/ 3 KB
2 KB 473ms
381ms XHR
application/json 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://ga.streamygame.com/jackpot/status?brandId=8&customerId=1003&requestURL=https%253A%252F%252Fsecure.gratowin.com

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/lobby/offline-js-script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf8af4df0f2de59892b61ea37680ed66df2224c33a7bd77624c1585300cebbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 11:24:58 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b0762005e78387e-YYZ
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 39ms
38ms Font
font/woff2 142.250.31.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f94.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.gratowin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 12:58:41 GMT
x-content-type-options: nosniff
age: 253577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Aug 2025 12:58:41 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
0 45ms
44ms Fetch
text/plain 74.125.192.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-5D5LQ8JKK9&gtm=45je4880v9126070701za200&_p=1723202693903&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=0&ul=en-ca&sr=1600x1200&cid=736467782.1723202695&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=2&dl=https%3A%2F%2Fsecure.gratowin.com%2F%3Fflow%3Ddeposit%26couponCode%3DWRP50&dt=GratoWin&sid=1723202694&sct=1&seg=1&en=page_view&_ee=1&_et=4&tfd=8363
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D5LQ8JKK9&cx=c&_slc=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.192.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qn-in-f101.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Aug 2024 11:24:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

main.js Show response
secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/ Frame 6291
Redirect Chain

https://secure.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?

8 KB
0

0ms
0ms

Script
application/javascript

147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?

Protocol

Server

147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b66835d6679a8a4188ed1db06487c159ba30aed3625e2df9c23c055be3844a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b0761e73fd539ff-YYZ

Redirect headers

date: Fri, 09 Aug 2024 11:24:54 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/769ce3c24a3b/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b0761e6ffa039ff-YYZ
content-length: 0

GET CA_Visitor_WelcomePackage.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 0
0

GET
H2 200 DoubleDeposit-NEW.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 183 KB
0 221ms
218ms Image
image/jpeg 104.21.24.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/DoubleDeposit-NEW.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:25:02 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPrZwQkhNPolZwoDJai-H7xvLHIYWdl7ugB-vOa9x53qFsul8WC8IeHzw7SZQku1-vHeQ4eCBYdGXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 331697
last-modified: Tue, 17 Oct 2023 14:23:12 GMT
server: cloudflare
etag: "0be45f8f8f72b2a9810d1d8cff613c99"
vary: Accept-Encoding
x-goog-generation: 1697552592607060
content-type: image/jpeg
x-goog-hash: crc32c=plPTog==, md5=C+Rfj49ysqmBDR2M/2E8mQ==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lzy81waXvVwHyLwOOrhlVpgNhZ%2FfO0ixpvOxAeSj5fgc687DwwO4xDv8VgUDCkQDu%2F0VqWESAQz%2BSeRNRNM8%2B7YbkkQzy7lAo4iJM8p9ethvwVe5Bib3groUoB22lxzqbRHzRZ1Lbg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 331697
accept-ranges: bytes
cf-ray: 8b0762193cc0abd9-YYZ
expires: Fri, 09 Aug 2024 12:25:02 GMT

GET
H2 200 Visitor_The-Big-Draw_.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 154 KB
0 234ms
231ms Image
image/jpeg 104.21.24.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/Visitor_The-Big-Draw_.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:25:02 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ACJd0NrLL1VBkLHgdJj8Bs5_DaJayCEgz8qgZoC6VbRFgnWQFlSUyNO1ukiEE9FubXRHjMM0wMhhRAvMDA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 454395
last-modified: Tue, 12 Mar 2024 08:46:44 GMT
server: cloudflare
etag: "333a8156d2b05c6cac839bb5f8e2505d"
vary: Accept-Encoding
x-goog-generation: 1710233204920068
content-type: image/jpeg
x-goog-hash: crc32c=Gf7hyg==, md5=MzqBVtKwXGysg5u1+OJQXQ==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IJIYzomqneoU3SrhLQcnYM0T07VUz25XPI7k8zoiBGmgel4xAiQUekD8zHmq%2Ba3qwB7%2B96c3Nuu028TsF7%2BQJeUaUCyIoSzj5jmyiAj6z8IKB%2FJ3HPpups%2FNVZawOGSHHxEucXITYg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 454395
accept-ranges: bytes
cf-ray: 8b0762193cc2abd9-YYZ
expires: Fri, 09 Aug 2024 12:25:02 GMT

GET
H2 200 Lucky_6_Roulette_Madness_Visitors_.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 261 KB
0 190ms
188ms Image
image/jpeg 104.21.24.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/Lucky_6_Roulette_Madness_Visitors_.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:25:02 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ACJd0Nr2BU_zTZ9w6wFe1y5S1X535rRXbFW2Y6TP9WWVgnksW0SojLYmfHDA-3U3OWO0pPLR7nE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 369558
last-modified: Wed, 17 Jul 2024 14:07:01 GMT
server: cloudflare
etag: "9ba8798d1759618e99283a798297f292"
vary: Accept-Encoding
x-goog-generation: 1721225221673953
content-type: image/jpeg
x-goog-hash: crc32c=zJno8w==, md5=m6h5jRdZYY6ZKDp5gpfykg==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F4YobuhJfo4JIjDz10nCYhOMkFf7Ve2IHjzuQuqrNUn6L7o%2Bb7K%2BLSoWAJVCJyY8JsV8URtro8FxekXJEQqDWKrEdpomMXcwEOUdy%2FiiDuxmBDeidTYo%2Fky4gMQY8LGI1z18ig%2FYBg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 369558
accept-ranges: bytes
cf-ray: 8b0762193cc3abd9-YYZ
expires: Fri, 09 Aug 2024 12:25:02 GMT

GET
H2 200 WeeklyCashback.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 182 KB
0 221ms
219ms Image
image/jpeg 104.21.24.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/WeeklyCashback.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:25:02 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPrzJVE3fjHzso6zMtbKmGLPhWjPzDtYvfkTKv7KAmJW9XvyjHr4ow2US8RGRFGBFqvL48Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 640106
last-modified: Wed, 11 Jan 2023 06:43:04 GMT
server: cloudflare
etag: "a8ba90e328f6549dc0142af297ebd572"
vary: Accept-Encoding
x-goog-hash: crc32c=/mwnPw==, md5=qLqQ4yj2VJ3AFCryl+vVcg==
x-goog-generation: 1673419384943391
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YqKxqsYimSN%2BToZbvt8%2FEIgB1kvOWufiYattZjOiBd14vu%2BIqFToUuec3Wd46eR8Zlvq2BzPDUM%2BkSKMM%2FvVLOg0Mw4AbrPJEM7nJmY5tEhOqYys49WAGA2uE6rfNtogG3D7smligw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
x-goog-stored-content-length: 640106
accept-ranges: bytes
cf-ray: 8b0762193cc4abd9-YYZ
expires: Fri, 09 Aug 2024 12:25:02 GMT

GET
H2 200 Aviatrix_Bet_Visitors_.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 224 KB
225 KB 187ms
185ms Image
image/jpeg 104.21.24.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/Aviatrix_Bet_Visitors_.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7234c9da510a7879c13eaf3958670c4168f0d959cbf074421374406a19c0f83

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:25:02 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPo1vRKyVXKh9MMC-WavIYZBEYeE262YizobtRWW8dwX24_ocZ6XD4do1syxBKqfAuhi_PSj-uCETQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 229493
last-modified: Mon, 03 Jun 2024 10:26:35 GMT
server: cloudflare
etag: "cc3d1b2019d01918628bbdcd31c7161b"
vary: Accept-Encoding
x-goog-generation: 1717410395306942
content-type: image/jpeg
x-goog-hash: crc32c=NXRMuA==, md5=zD0bIBnQGRhii73NMccWGw==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cTyd9d9lyZr6sNdkfy0NZE4eG7Zi%2Fkww34973wAIhCa0lZqklckoj%2Ff9q52ztvns8AAuowGzW0Mbb7enA2Bbly4WwcW6Dqk4zYD76Qv6oYGXXpfuv%2BovQI5Kq%2BtwVsGG8ZXtW8G3Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 229493
accept-ranges: bytes
cf-ray: 8b0762193cc5abd9-YYZ
expires: Fri, 09 Aug 2024 12:25:02 GMT

GET Pragmatic_Drops&Wins_Visitors_.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 0
0

GET CA_FridayFun.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 0
0

GET
H2 200 Visitor_VipPoints.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 15 KB
0 288ms
287ms Image
image/jpeg 104.21.24.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/Visitor_VipPoints.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:25:02 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPoJTCfxZWQ3g2DmchFAXQv0mdeNGXzlqxgOmmd2GfaodAuG0wYxXx_urgC3r64p7fb5Ijn0LUoI6w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 239901
last-modified: Fri, 23 Dec 2022 09:37:26 GMT
server: cloudflare
etag: "33a67d20a4ab15504d591a96f25ab9f9"
vary: Accept-Encoding
x-goog-generation: 1671788246895946
content-type: image/jpeg
x-goog-hash: crc32c=zi0a3g==, md5=M6Z9IKSrFVBNWRqW8lq5+Q==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BnA3%2FfyGQedOR15XVntlHptTNm1XfSfV2lozm5VYKDLItjol%2FX%2B%2B2sJno4wUrKptaRujZyty9jiCI8k61oF%2Baw0OWN0olPNRK3z%2BxwYwiKGE8AZ6%2BocPqZkvScEC68oodVRh9qfGzg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 239901
accept-ranges: bytes
cf-ray: 8b0762193cc8abd9-YYZ
expires: Fri, 09 Aug 2024 12:25:02 GMT

GET
H2 200 GW_Spinomania_.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 136 KB
137 KB 167ms
166ms Image
image/jpeg 104.21.24.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/GW_Spinomania_.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6009b1e90695439f19de60bfac2238c97ed4492e012490190f9912f78cd9b137

Request headers

Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 11:25:02 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: AHxI1nOnFmOZkomDkwQR2mBZW1tLHAgT2DtDmWgFpaxFuB0ONsYfIkDmAvqgSef0r3IAmatjhXg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 139108
last-modified: Fri, 19 Apr 2024 07:35:53 GMT
server: cloudflare
etag: "be9227f27381e03dbadb4fdfbcb4faa5"
vary: Accept-Encoding
x-goog-generation: 1713512153634126
content-type: image/jpeg
x-goog-hash: crc32c=nGcjVQ==, md5=vpIn8nOB4D2620/fvLT6pQ==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JuGGK0Mh1mH4L%2BAlExm%2FsftTNCZNr9CHEe2t7qkvBGYvw8RohIud%2BHZ%2FqMM5qg2P5ISFeBIINl5cVNgaYnswpuxsyRwlinTibbXQpwk%2FEG1xd1AAhaEkMYMt7wAIPWKqQiI9bWH2oA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 139108
accept-ranges: bytes
cf-ray: 8b0762193cc9abd9-YYZ
expires: Fri, 09 Aug 2024 12:25:02 GMT

POST
H2 200 8b0761ed7a2babb1 Show response
secure.gratowin.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6291 0
387 B 59ms
55ms XHR
text/plain 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/jsd/r/8b0761ed7a2babb1
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Aug 2024 11:25:02 GMT
server: cloudflare
cf-ray: 8b076219bbdf39ff-YYZ
content-length: 0
content-type: text/plain; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: secure.gratowin.com
URL: https://secure.gratowin.com/playerapi/games?country=CA&device=desktop&requestURL=https%253A%252F%252Fsecure.gratowin.com

Domain: cms2.netoplaycdn.com
URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/CA_Visitor_WelcomePackage.jpg

Domain: cms2.netoplaycdn.com
URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/Pragmatic_Drops&Wins_Visitors_.jpg

Domain: cms2.netoplaycdn.com
URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/CA_FridayFun.jpg

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.geogratowin.com/	1969-12-31 23:59:59	Name: ServerId Value: B
secure.gratowin.com/	1970-01-21 08:16:02	Name: redux-cookie Value: %5B%5D
mpsnare.iesnare.com/	1970-01-21 07:25:38	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: 3bL3zIVei3BDtN2BRIabHfLBCkYKNMRcnLfYNwmlJ80=
.gratowin.com/	1970-01-21 08:16:02	Name: _ga Value: GA1.2.736467782.1723202695
.gratowin.com/	1970-01-20 22:41:29	Name: _gid Value: GA1.2.475419204.1723202695
.gratowin.com/	1970-01-20 22:40:02	Name: _gat_UA-27702367-6 Value: 1
.gratowin.com/	1970-01-21 08:16:02	Name: _ga_5D5LQ8JKK9 Value: GS1.2.1723202694.1.1.1723202694.0.0.0
secure.gratowin.com/	1970-01-21 08:16:02	Name: locale Value: %7B%22lastSavedLocale%22%3A%22en%22%7D
.gratowin.com/	1969-12-31 23:59:59	Name: playerType Value: 0
secure.gratowin.com/	1969-12-31 23:59:59	Name: registerState Value: returning
.gratowin.com/	1970-01-20 23:22:49	Name: url_affToken Value: 1
.gratowin.com/	1970-01-20 23:22:49	Name: url_affiliateToken Value: 1
.gratowin.com/	1970-01-20 23:22:49	Name: url_flow Value: deposit
.gratowin.com/	1970-01-20 23:22:49	Name: url_couponCode Value: WRP50
.www.gratowin.com/	1970-01-21 07:25:38	Name: cf_clearance Value: UKbeqETKgrpWVq_LbXVUnBGjde25C4Ks..tYgyVzaC0-1723202696-1.0.1.1-mToiESZgz4n9C8KjsG3BBS3igpsRic7EFHZmoQlXUywOM5sArFhGet6rkugIsppuM15T9fTjNEppbOIMoNRRjQ
api.xtremepush.com/	1970-01-21 02:59:14	Name: _xpid_2607 Value: 4652156693
.secure.gratowin.com/	1970-01-21 07:25:38	Name: cf_clearance Value: CFEteXRsiQE.VkiVyRqgAfl9jL4kiJmhuASXYO19vqA-1723202702-1.0.1.1-RT.FX1MX8uPZ10yBtdBopqnOE3Qjwz0ufUupUQrOAapZirvS6PxL.H99n8clD6J9J.IaUbLphzN9M2EcsroTUw

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://secure.gratowin.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com
anakatechsupport.freshchat.com
analytics.streamygame.com
api.solitics.com
api.xtremepush.com
b3797f01-e573-4b2d-900b-06ef4ef785de.seals-emr.certria.com
bat.bing.com
biy.io
cms2.gratowin.com
cms2.netoplaycdn.com
d2afn796dyftlg.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
ga.streamygame.com
gratowin.webpu.sh
maxcdn.bootstrapcdn.com
mpsnare.iesnare.com
s3.xtremepush.com
sdk.solitics.com
secure.gratowin.com
src.webpu.sh
storage.googleapis.com
web-sdk.smartlook.com
www.geogratowin.com
www.google-analytics.com
www.googletagmanager.com
www.gratowin.com
cms2.netoplaycdn.com
secure.gratowin.com
104.18.10.207
104.21.24.167
108.138.85.60
13.248.221.98
13.32.151.53
142.250.31.94
147.78.140.52
147.78.140.54
147.78.140.87
172.217.197.95
172.217.222.97
173.194.68.207
18.67.65.59
204.79.197.237
3.162.125.11
46.51.130.78
46.51.157.121
52.31.202.204
52.6.11.66
52.85.132.101
52.85.132.68
52.85.132.7
74.125.192.101
03f39b06122a53d2cc7c9c00c3afac616a9d57cb55a4c1fc186b522ff4cbacee
048b2f5e3b86bec8b10baa4271ef5c706150a317e3a42a4a2ea97ca4a507b024
0817cf35f92b0d0cccac3bc2a954cfcd251ca6d1b49bcb9146e4b5fadd9ace5a
0a24daddbc8f1cc57031e35af1457ae14d77f8d8ecb1fb5b8ca8c281eca7cb56
0af2e2a86b8e8d47a1a5ca54128c0a7adf09074386cf5a8ee68f178a68584362
0d5d49bd3079977d28e6e23bc6f562519ef6095448c23b5b0fae6a2c0832fbab
0de561cc8e202fa0db40f40415ddb7194764556770ad3fab75147ddbfb2c8371
0e91de8b587baf86d05f8da82ac270eab8d4989defcdc85ffda62578778b04a3
11410914a8cddc52544c5020a955eadc623ad903b5d5e2f87b3fa49353bf9576
18f26039d9feab7f3b028917611ff82337088c43d584722bff53b98e358bdde0
1f3283135b1e8cc0c73e47d2ca40d065de7e31101b3f2e0b8ff98b5994c10cdb
2226ba044b955b50066da675bee5d8f8e00634dda16076e36d13ea37fa4f063f
27eee5689f593c50f0d3611d076f160dbb8d96e9a7cda69aea592e019a9df048
2a4a01dd65c9076541a66eb15a8ff2cabf4357de5b466599c51d37c8ddd66a19
2ba22a3f34a72882ce4613d6ceda65e51af751f02290fbc17dbdd0d911858049
2bd44487689f7f4501db1b9b7a7a50849c4d42e534eef60a04356a7851e92c0c
2ce13735694736a7b414eec7de74a893e67a0bc53d08d0f38f57386e3f6648a6
2da346af8503389371ed51c03cb65a5507bd28f54f3fa3cefead703cd632438a
2fdcecb5205dbf9e519a6a7b5aaf6e33c50bb76a7aa1484f6b9ecedc4ff1cb2a
31d1b145b50abff4a8b91e06093d7ec6dd63fab6ec61b7d48713f156bd7577ba
3373a5b2aef845b7e80caec1cf1d6dd2dc4d77df7fca4dbdff499fd36c6c491b
33cf9635b62dfc0a9f749b5e6a97c281d10b4791460559460658dc3220e9311f
364732b82e8291de3b1c124e37a761fe7358be95d82961f950e201a39d799dd5
3b6cc22da9281b3b58458b979975b209189193ce41e516effa8f0dd2fd41678f
3f386030f30cc1118ebe4dc21a54c3325c14981274af10acd3a10acd42206866
4057bc693cc63e2ba74691cfaa9c6fca281ac9454565a43e28ebc0475e267cdb
40cc5f1156593709eb3ee55c965d0a55be93435b391562835fc70a5bff1bee40
461f93d62ffd6c99ccc22681f8dfb552f2fef20dce3ef4b70ddd3186f23eee7a
486894f29e34e2a9c4a7a938605d53ee752957d4270055fecb27828899fc0a3b
4aafaed5471b7f27a01821cd1224d46783d9e7994dd295ea2972a0cb4493e675
4d15890c357177f7185112a1ce66665d08acf31e81e4917820ec36279dd26bd0
4db2455054bd00c08afc2351fdc0b6525683a367137e692ab07611776873f131
4e20770a6aa55a8bd8e1879fd11dca08e1427e19167e9bab51a207f192e54ca1
4f5809f78924d13977e8561562c239af16f3f8d6d91f8f30f64ef4f686167389
4fe565e155881addcc557019e726097e351cff20de84a8e706d6e43295819fa7
505edf93b3cc9edecaa4820549d7255856864ce16231e09c5055bfba5d8a2934
520d69d708084fcaecd3f34a7ad7c9e300f115d575d1350f8d0ebb8fdda52ea5
550a238cf606f3ab507e807a137985b5507eb047ac10799bb6badd68735018cd
55d05e7b5c305aa3235b99b6d290756cffa458d0bdd3d51b380cde983e69ef41
565e0673ae3c680a01e83781bc9bb3b507e4743bb1a83f718cba658a0d7b2fab
6009b1e90695439f19de60bfac2238c97ed4492e012490190f9912f78cd9b137
6424bd3de82eebc054c6e9abd717a89b7266bbfb360a3858d7e33f153c2ec696
6650963c35725add7c3cedb3fd660f4f38791e8298647b92c132767f97468aa5
675a9e8e62331ccf494a0f668ac6a8f240a13f02ca63d9f7159f4648b62a94fc
684ad49349593a11655a6c36397a6fe5e334cb66de5801cbccaf43f360a32a57
686d6c6f2ac97480f2031c15a87adda38596c0d2770339d21e915eb0b987270b
69a4567da0d9e62ed583bbd1feb2f351daa82c062b814e5f6edc7a2ec1714edb
6b4a19a94f6ec46b1a34a9eda304e46879d178dfd1890e19e5e38941217dd05d
6d960ab95583052e4fb0e96389e7f7aac7fc6edf22892deb4a84288f0f838293
71f0d1968edf4eff6dded3902361932770fe724bf52166051fe3e556c9d0e36a
72ae5f198fc24edb19bde78d0f110cb91b54b01dbfc071c1b9cac85ee36af3f4
74686cb67a39ba6066421272589bcf938003022d9dbc772454747518073ac1a9
754a00a45d1681fa7872ded722930116706b858e4b38366971e4b301140666c6
7843e3266000a8104ae463b48daa7031033fcf9f3fe9e2bca36aacac6598d1b0
7ce32208321c1a409e98a42ff3f8b7c10d2d7e1cc31037dd8aa4f54e391c4b1b
7dc5a89829ed295864cee6940f583f1788773e66662c0fa19d2c14ff11793924
7dcd080d8016c6d3bee9075cd7798111c5820725bee35e0731f617d582bdba29
81cdd100cb8209541e256f65e39bf2e2405b424b2a417aeb13eb8cd1df9e8ab9
81d1618fdf5d3b08f0bd7fc157ac489705fb261f922cc29295388f375b053dd5
81e8d829d1064de60b36e3ef6e47d6d4304d869b95178286fba3d7738e3f6fa9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8d64ee21fb8e6ba7dbbe6dd5de82aca97024679fcdd8dba757e0ea4830a72bf4
8ef8b1b9f70231cdaff9b49febecc51162e022432fef65022a082acc4d446cd2
931cdc9da183b6e6f40476736791be667482d6eef83da8de662b3084bebd9215
94fee81d12201cee36ebaf610f9f564ad36071b81c3305fafdb090414d9860cd
957e91f669a3abba7d46f44c2e432595f382d236e97625da97dd751df955a5e2
965e65603501aeb4433a256b8565480d3b8c1f8fc95f4bf974ede738a396d6e4
97e5794ad2dfa69f179f1f7a7db4318c7392a76cc491e6d5fa352d6db30c2a64
9b66835d6679a8a4188ed1db06487c159ba30aed3625e2df9c23c055be3844a4
9bab7eab8e1e05aa031ce685b74fdb8bbbffb418f4068dadfb44ffd6d130af5d
9c4bea128e2dd898a34387ef735fa69e538b3b4d75a95df8139a4eebe6353ebe
9cf5f2e184c2f7d6dc9abb48326df65efdc00ad6c7defa6d359c0ca7a1181952
9e59231b92221ef6398a8864919688aef45e43c12298273e176d24be2e175a63
a9dfb3e9e594038718fb375c055dafbb03d0d4368f7b1133d34c12b4b43c933f
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
ad3b494a1d810a8b90553b8737251f183be416a394969ee287d85c73c6801404
b0c3b8abaa5b3b59599001b6f58f136f67116bd422e6c64f074ecc1b1e3aac9b
b233d6c5951807e291d873760f720d0172b6ce19a6cf24ff6dba4fad5946e853
b2ca845c5e87533da52958f4b9c52f6d2a373f2a273a7b6e90093026f7a1ae47
b44452423e27abf304bca5773bc2657000d4e69a578f406af5b3d096a7a3f666
b5352f0c3029cad84308b2fcb962e36a30a6d376bc58ba0472210e766a64edfc
b569edb796c39b9ad630103a208254745c7266bfff2b06ca56320c2b43feb862
bac0124464bd5476ae47847e6e3b1f0056421730d337516995445bae50e8878b
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bfd5c5fea1ef6051c021198e67eec3057c23d544f170cf384ae58b8c4b22fe1b
c153b3fe8ce2dd675bdf2e807af55089ebf4ed199405bd2c9163c7763772c9f4
c2f5dc7f19f30c5ada3c064a8ccd63490d2661f6332ab89f9d9a59801caa7edc
c3a2eb05714fce6483bf88664a687ce40afcf42089a6011b1c41953e71c2f61f
c5e42ea0a5e6e5bcf28f7c5366795e14079901db4a1ca860d314a2a4a7cc0257
c5e9b274dd2fa2b17f34799c976842b9608e23b8dc5bb1a0e21d428cee65304c
c649ca16db398249bbd2c29833c8dd1c84aae8d4625cd81d629fbb16d4424259
c74ed4c95982ec47a510dcf1552551e91bfa3e85cb128b36aeda45f28ffcc8f6
ca96fc4f6222d8656dce29c7af6971ae61970cf8e3298495348cba2d647613d6
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
ccf8af4df0f2de59892b61ea37680ed66df2224c33a7bd77624c1585300cebbc
cedad0118f7458406b5cb47c88f4a08fd6a1c2051676c835d6b40a8f19a8f23a
cf4b7670e764e041d58c675426f9689f501eb8f43c79efbc1aaa62a69b9a3acd
d327b5b670c4ce36224da7fc3ad0482e4db6404e10853517d6f2647e883af06c
d4c79dc1a3eff5146e912936b95634d65656a2bc421768aed467f0d1b2f0ecca
d614922fde9604f8899e47f3cc3d69bf952312b996f7cf1421163996710850fa
d643a01b99683e7a2433a5b6416182775d5d836bc0c4056c5608ee2d2d33b13b
db08d35026edb000b44fa46694b11e617457eaa7be2fe78d17f8ca49081d1b66
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df5c9da679f34ad05295df87f8f9c4d2943488e65d6f28ea5e9921a28ba212c6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4363b84238dda44f9ca7980c91b775f141a438aa2af9152b98a036f664ca178
e7c00b0ec68c5137e7b359a0ab6f5ff9c7a2000f47ceee7aacae6934eb91aae6
ed71292e7733dd093eae619727bd3097964d29999b068146aa4c71bb7350e474
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
f041e8d29d699b8ea500dfdc0fb7ed384aa064c9e84a136b299fbc8fc83dc0c5
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f4e8af1980db8643f3665a52da2e2c81b38496c5143e8be16a5e38a338524c4e
f656bff42bc36bed11f462521e04ec566171df480a11441685600bcb8a6bb659
f7234c9da510a7879c13eaf3958670c4168f0d959cbf074421374406a19c0f83
f8174f418e888e16bf9ca9304f92b0bbdb41d2ab7ca512a0233f75024249fd4d
fa76c72253a6afc5a4babda569da11f7484e55a2903bac4054e09ddc6a08a737
faf2e241d8ccaac59aa598dc722cb71cae71612e19e2e1cf28c1b481e9c752f4

secure.gratowin.com Open in urlscan Pro 147.78.140.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

148 Requests

95 %HTTPS

0 %IPv6

20 Domains

27 Subdomains

21 IPs

4 Countries

2104 kBTransfer

7064 kBSize

17 Cookies

1 Outgoing links

Page URL History

Redirected requests

148 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.gratowin.com Open in urlscan Pro
147.78.140.54 Public Scan

Screenshot
Live screenshot

Full Image

148
Requests

95 %
HTTPS

0 %
IPv6

20
Domains

27
Subdomains

21
IPs

4
Countries

2104 kB
Transfer

7064 kB
Size

17
Cookies

148 HTTP transactions
0 data transactions