secure.gratowin.com Open in urlscan Pro
147.78.140.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://secure.gratowin.com/#/lobby
Effective URL:
https://secure.gratowin.com/
Submission: On April 07 via api (April 7th 2022, 4:44:26 pm UTC) from CZ — Scanned from DE

Summary HTTP 146 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 17 domains to perform 146 HTTP transactions. The main IP is 147.78.140.54, located in Bulgaria and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is secure.gratowin.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 30th 2021. Valid for: a year.

This is the only time secure.gratowin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
44	147.78.140.54 147.78.140.54	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
5	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
3	54.228.71.178 54.228.71.178	16509 (AMAZON-02) (AMAZON-02)
21	2a00:1450:400... 2a00:1450:4001:82a::2010	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
3	52.214.226.97 52.214.226.97	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:224... 2600:9000:224a:7a00:19:2a6:6500:21	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
17	2606:4700:303... 2606:4700:3031::6815:18a7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.31.235.195 52.31.235.195	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:223... 2600:9000:223e:8e00:0:c0ab:5c00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	87.246.163.84 87.246.163.84	12578 (APOLLO-AS...) (APOLLO-AS Latvia)
2	147.78.140.52 147.78.140.52	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
10	54.152.199.76 54.152.199.76	14618 (AMAZON-AES) (AMAZON-AES)
1	18.66.248.73 18.66.248.73	16509 (AMAZON-02) (AMAZON-02)
14	108.157.4.58 108.157.4.58	16509 (AMAZON-02) (AMAZON-02)
1	108.138.17.126 108.138.17.126	16509 (AMAZON-02) (AMAZON-02)
2	108.138.7.81 108.138.7.81	16509 (AMAZON-02) (AMAZON-02)
146	22

44 147.78.140.54 (Bulgaria)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

secure.gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms2.gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.228.71.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82a::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.214.226.97 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-226-97.eu-west-1.compute.amazonaws.com

prod.webpu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gratowin.webpu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:224a:7a00:19:2a6:6500:21 (United States)

ASN16509 (AMAZON-02, US)

d2afn796dyftlg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:3031::6815:18a7 (United States)

ASN13335 (CLOUDFLARENET, US)

cms2.netoplaycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.31.235.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-235-195.eu-west-1.compute.amazonaws.com

api.xtremepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223e:8e00:0:c0ab:5c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.246.163.84 (Riga, Latvia)

ASN12578 (APOLLO-AS Latvia, LV)

anakatech.uat1.evo-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.78.140.52 (Bulgaria)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

ga.streamygame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.152.199.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-199-76.compute-1.amazonaws.com

wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-73.dus51.r.cloudfront.net

s3.xtremepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 108.157.4.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-58.dus51.r.cloudfront.net

assetscdn-wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-126.fra56.r.cloudfront.net

rts-static-prod.freshworksapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.7.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-81.fra56.r.cloudfront.net

438961925528018.webpush.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	gratowin.com secure.gratowin.com cms2.gratowin.com www.gratowin.com	648 KB
26	freshchat.com wchat.freshchat.com — Cisco Umbrella Rank: 10178 assetscdn-wchat.freshchat.com — Cisco Umbrella Rank: 16855 438961925528018.webpush.freshchat.com	729 KB
23	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 storage.googleapis.com — Cisco Umbrella Rank: 492	963 KB
17	netoplaycdn.com cms2.netoplaycdn.com	447 KB
5	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4937	51 KB
4	antillephone.com 3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com	52 KB
4	xtremepush.com api.xtremepush.com — Cisco Umbrella Rank: 23809 s3.xtremepush.com — Cisco Umbrella Rank: 182116	10 KB
3	gstatic.com fonts.gstatic.com	62 KB
3	cloudfront.net d2afn796dyftlg.cloudfront.net	9 KB
3	webpu.sh prod.webpu.sh — Cisco Umbrella Rank: 50852 gratowin.webpu.sh	46 KB
3	iesnare.com mpsnare.iesnare.com — Cisco Umbrella Rank: 5582	22 KB
2	streamygame.com ga.streamygame.com	5 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
1	freshworksapi.com rts-static-prod.freshworksapi.com — Cisco Umbrella Rank: 11268	25 KB
1	evo-test.com anakatech.uat1.evo-test.com	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	72 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 682	20 KB
146	17

	Domain	Requested by
39	secure.gratowin.com	secure.gratowin.com
21	storage.googleapis.com	secure.gratowin.com
17	cms2.netoplaycdn.com	secure.gratowin.com
14	assetscdn-wchat.freshchat.com	wchat.freshchat.com assetscdn-wchat.freshchat.com
10	wchat.freshchat.com	secure.gratowin.com wchat.freshchat.com assetscdn-wchat.freshchat.com
5	dev.visualwebsiteoptimizer.com	secure.gratowin.com dev.visualwebsiteoptimizer.com
4	3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com	www.gratowin.com
3	api.xtremepush.com	secure.gratowin.com
3	www.gratowin.com	secure.gratowin.com www.gratowin.com
3	fonts.gstatic.com	fonts.googleapis.com
3	d2afn796dyftlg.cloudfront.net	secure.gratowin.com d2afn796dyftlg.cloudfront.net
3	mpsnare.iesnare.com	secure.gratowin.com mpsnare.iesnare.com
2	438961925528018.webpush.freshchat.com	wchat.freshchat.com 438961925528018.webpush.freshchat.com
2	ga.streamygame.com	secure.gratowin.com
2	cms2.gratowin.com	secure.gratowin.com
2	prod.webpu.sh	secure.gratowin.com gratowin.webpu.sh
2	www.google-analytics.com	www.googletagmanager.com secure.gratowin.com
2	fonts.googleapis.com	secure.gratowin.com client
1	rts-static-prod.freshworksapi.com	assetscdn-wchat.freshchat.com
1	s3.xtremepush.com
1	gratowin.webpu.sh	prod.webpu.sh
1	anakatech.uat1.evo-test.com	secure.gratowin.com
1	www.googletagmanager.com	secure.gratowin.com
1	maxcdn.bootstrapcdn.com	secure.gratowin.com
146	24

This site contains links to these domains. Also see Links.

Domain
netopartners.com

Subject Issuer	Validity	Valid
secure.gratowin.com Cloudflare Inc ECC CA-3	`2021-08-30` - `2022-08-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
mpsnare.iesnare.com DigiCert SHA2 Extended Validation Server CA	`2021-04-27` - `2022-05-24`	a year	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
webpu.sh R3	`2022-03-03` - `2022-06-01`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
cms2.gratowin.com Cloudflare Inc ECC CA-3	`2021-08-30` - `2022-08-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.gratowin.com Cloudflare Inc ECC CA-3	`2021-08-30` - `2022-08-29`	a year	crt.sh
*.xtremepush.com Go Daddy Secure Certificate Authority - G2	`2021-08-17` - `2022-09-03`	a year	crt.sh
*.snippet.antillephone.com Starfield Secure Certificate Authority - G2	`2021-04-02` - `2022-05-04`	a year	crt.sh
*.env.evo-test.com SSL.com RSA SSL subCA	`2022-03-17` - `2023-03-15`	a year	crt.sh
ga.streamygame.com Cloudflare Inc ECC CA-3	`2021-08-31` - `2022-08-30`	a year	crt.sh
*.freshchat.com Amazon	`2022-03-23` - `2023-04-21`	a year	crt.sh
freshchat.com Amazon	`2021-07-13` - `2022-08-11`	a year	crt.sh
freshworksapi.com Amazon	`2022-01-03` - `2023-01-31`	a year	crt.sh
*.wchat.webpush.myfreshworks.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://secure.gratowin.com/
Frame ID: EDA7B5D7B86B6D79ABB1AF235B228EEA
Requests: 110 HTTP requests in this frame

Frame: https://secure.gratowin.com/brand-info.json
Frame ID: 87932518D5CD5FAF58208B76279BEEAD
Requests: 1 HTTP requests in this frame

Frame: https://www.gratowin.com/seal01.html
Frame ID: 9701879A4241CA7B2F1D8F8B2EA44F70
Requests: 7 HTTP requests in this frame

Frame: https://gratowin.webpu.sh/75KkGZGLZxzIwR7O96ZkIvjAHWwM4ByP/frame.html?id=3894765032&key=L0IG8KZtOwGqoH58bUYsRzgLviuIxVzA
Frame ID: A56641D5FF5822E42CE1EFDCB1B6544B
Requests: 2 HTTP requests in this frame

Frame: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
Frame ID: ED50B55C883FF1803135684FAEFEB93A
Requests: 22 HTTP requests in this frame

Frame: https://438961925528018.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
Frame ID: E63C5FF75AD1F15E5ACCB5270B9676FB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Freshchat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

wchat\.freshchat\.com/js/widget\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

146
Requests

98 %
HTTPS

43 %
IPv6

17
Domains

24
Subdomains

22
IPs

5
Countries

3191 kB
Transfer

8624 kB
Size

16
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://netopartners.com/
Title: Affiliates Program

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

146 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
secure.gratowin.com/ 3 KB
2 KB 162ms
120ms Document
text/html 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 655b826c2384d46f083d22f9acd9969d0762e00a1286f40bf706e915c57f94c5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: no-cache,max-age=0
cf-cache-status: DYNAMIC
cf-ray: 6f843a20ae749079-FRA
content-encoding: gzip
content-type: text/html
date: Thu, 07 Apr 2022 16:44:17 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 07 Apr 2022 16:44:17 GMT
last-modified: Wed, 06 Apr 2022 08:01:23 GMT
server: cloudflare
vary: Accept-Encoding
x-goog-generation: 1649232083511732
x-goog-hash: crc32c=1K5CxA== md5=OsTAqdTrSkviWMQFbKxglA==
x-goog-metageneration: 2
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2865
x-guploader-uploadid: ADPycduOqCY-ac0bm7e6cRJDUzkZYQidNVw9fD2JRQ8o4bxI3DqeqLktIl3GO87bbZ9suPbbv29wbkbuKcIdtMPx6n7aXScbnMpm

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 86ms
30ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Montserrat:wght@400;700;800&display=swap

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0a293fe31690126491d346623061d2c19d34f8e1160b6c1f4def430a76c3c46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 16:44:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 07 Apr 2022 16:44:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Apr 2022 16:44:17 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ 118 KB
20 KB 80ms
34ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/
Origin: https://secure.gratowin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601
age: 3624345
cdn-cachedat: 08/04/2021 00:04:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 291155c564a8317f49b30b4b12a3a127
cf-ray: 6f843a21dc2b6987-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 dot-pulse.css
secure.gratowin.com/ 4 KB
1 KB 73ms
73ms Stylesheet
text/css 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/dot-pulse.css
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f386030f30cc1118ebe4dc21a54c3325c14981274af10acd3a10acd42206866

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:17 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycduZU_e0tKcBCntguizKc469OJWiop-2dGbZGZKJ0bdsXJm6_v8F5zHdxmgXPmTfHTer6cCLuaHo4AYYKAqi5KIjc2HJBeks
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/css
last-modified: Wed, 06 Apr 2022 08:00:58 GMT
server: cloudflare
etag: W/"63ec6ad3f23feea868bb8ad6eb2c62d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=Z/NCrA==, md5=Y+xq0/I/7qhou4rW6yxi0Q==
x-goog-generation: 1649232058361831
cache-control: public, max-age=14400
x-goog-stored-content-length: 4542
cf-ray: 6f843a2188379079-FRA
expires: Thu, 07 Apr 2022 20:44:17 GMT

GET
H2 200 offline-js-script.js Show response
secure.gratowin.com/ 9 KB
3 KB 98ms
98ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/offline-js-script.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eb6ba40b2879785d23478f51604b6ce9d873adf6b8ddf49de98749997caad04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:17 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdvTSpuP1Ac0YX98EhVi2qSYfVNBMsoBCu84cEPfwHlijUEkZ2Y4KVryjWE3fJxVSloOl44ar2KyZsjxOMWhzRh8m47sGwU3
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 06 Apr 2022 08:00:54 GMT
server: cloudflare
etag: W/"3ae428999de113e5784c02b11de0638e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=xl4Gcw==, md5=OuQomZ3hE+V4TAKxHeBjjg==
x-goog-generation: 1649232053984350
cache-control: public, max-age=14400
x-goog-stored-content-length: 9594
cf-ray: 6f843a21883c9079-FRA
expires: Thu, 07 Apr 2022 20:44:17 GMT

GET
H2 200 396.695eada1b3a53bfb6d48.css
secure.gratowin.com/ 144 KB
37 KB 122ms
122ms Stylesheet
text/css 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/396.695eada1b3a53bfb6d48.css
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92562fad47f8965a23f1b04fb5a001b1d35fdc772eab5e066fbf2664e215a3b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:17 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdvw0YIoVBkv5JJhGoDEGYybI1ekFbwKG866VCjaV9JSvvRjSoi5DzzHsmGwlJUuApmW3GB4zFtGMatgbQcaTAPhICCO3Dye
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/css
last-modified: Wed, 06 Apr 2022 08:00:59 GMT
server: cloudflare
etag: W/"88ecc73b1f6c6404b724823af8d133bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=4aKNKw==, md5=iOzHOx9sZAS3JII6+NEzvw==
x-goog-generation: 1649232059392198
cache-control: public, max-age=14400
x-goog-stored-content-length: 147208
cf-ray: 6f843a21883d9079-FRA
expires: Thu, 07 Apr 2022 20:44:17 GMT

GET
H2 200 main.695eada1b3a53bfb6d48.bundle.js Show response
secure.gratowin.com/ 2 MB
388 KB 76ms
76ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/main.695eada1b3a53bfb6d48.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3529f1504c322f713542e0c906062c8d967fb69ae0e2315c81e5a08a9ad98844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:17 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdtOY8ap3Qwxrv_ztl24PuGTV8WjEVfhTOrlkG8F8lqk_jDVqvQRZUSbpzCawaEh86IUzQBzC0X_s3fwuiR7GmaxUIK17S1i
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 06 Apr 2022 08:00:45 GMT
server: cloudflare
etag: W/"01645ffd790d6b863a8ad9aad7461d6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=MVeKyw==, md5=AWRf/XkNa4Y6itmq10Ydbg==
x-goog-generation: 1649232045695501
cache-control: public, max-age=14400
x-goog-stored-content-length: 1612714
cf-ray: 6f843a21883f9079-FRA
expires: Thu, 07 Apr 2022 20:44:17 GMT

GET
H2 200 runtime.695eada1b3a53bfb6d48.bundle.js Show response
secure.gratowin.com/ 7 KB
3 KB 70ms
70ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/runtime.695eada1b3a53bfb6d48.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fde58cb7ad56b3f284469a4ce2819594ecfee242eb1a887049e4790322a8f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:17 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdukPk8TI0IpFio1pKW0_vcN1-audxI6QDQoXHe2bDMwDvnRaNVb75xqsULXw_3sjHWmGGXIJOEdWHJmmV90XjO3OQuBxky7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 06 Apr 2022 08:00:42 GMT
server: cloudflare
etag: W/"fec41ae5fb3dfa600097e186fb8e8003"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=cWwLWg==, md5=/sQa5fs9+mAAl+GG+46AAw==
x-goog-generation: 1649232042222301
cache-control: public, max-age=14400
x-goog-stored-content-length: 6706
cf-ray: 6f843a2188409079-FRA
expires: Thu, 07 Apr 2022 20:44:17 GMT

GET
H2 200 api.js Show response
secure.gratowin.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 23ms
22ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.gratowin.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6f843a2188489079-FRA

GET
H2 200 1_pixel.png
secure.gratowin.com/assets/images/ 2 KB
2 KB 71ms
71ms Image
image/png 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/images/1_pixel.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 486894f29e34e2a9c4a7a938605d53ee752957d4270055fecb27828899fc0a3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:17 GMT
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdup0IR7N_63K3Z5fPLv8QEWMWO07WdV6gG-jSXVF3IyxHno9Bjd85XXbRIsJPaym8Y4v_ZPO4hV__U3WoLG6scHf9xeynNE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 1943
last-modified: Wed, 06 Apr 2022 08:01:06 GMT
server: cloudflare
etag: "f0601ed2d0bef14ed7ce4793b13a670b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=hQGYGw==, md5=8GAe0tC+8U7XzkeTsTpnCw==
x-goog-generation: 1648553301418341
cache-control: public, max-age=14400
x-goog-stored-content-length: 1943
accept-ranges: bytes
cf-ray: 6f843a21884b9079-FRA
expires: Thu, 07 Apr 2022 20:44:17 GMT

GET
H2 200 freshchat-script.js Show response
secure.gratowin.com/ 813 B
687 B 120ms
119ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/freshchat-script.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70fe8cadd21c001ef74d080c1b5a44eb734f6fffaae5e8bf4098e464e25de6ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:17 GMT
content-encoding: gzip
cf-cache-status: MISS
x-guploader-uploadid: ADPycdt16YEsHCPe5eNdwkNR52MDWf_yHi5_KBv5wHTsDlDE9b66D-NOEFFW5i3r-4f2ry7IQ25UXByLzAsAaWX2Wv_r1vsGrWic
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 06 Apr 2022 08:01:23 GMT
server: cloudflare
etag: W/"ff4576da02ca9ec017ed6cb879033383"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=uQk1ig==, md5=/0V22gLKnsAX7Wy4eQMzgw==
x-goog-generation: 1649232083511686
cache-control: no-cache,max-age=0
x-goog-stored-content-length: 813
cf-ray: 6f843a21884c9079-FRA
expires: Thu, 07 Apr 2022 16:44:17 GMT

GET
H2 200 vwo-script.js Show response
secure.gratowin.com/ 1 KB
1019 B 115ms
115ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/vwo-script.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fd1379686f0e08fe90c06bfe0289335e25e0bba0c5f994b847618bac61dd919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:17 GMT
content-encoding: gzip
cf-cache-status: MISS
x-guploader-uploadid: ADPycdtnBAw0gJfD184IEuTg_hlIZbjlW8w1kSjTUFlo-z03f8vjIlcXjnqSnC3xJB5XY0VL53_jF0NeYWquzNo2CLJ_mws9rORy
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 06 Apr 2022 08:01:23 GMT
server: cloudflare
etag: W/"4314d9e162d17c7d531958d4426f4d9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=o6xX7A==, md5=QxTZ4WLRfH1TGVjUQm9Nnw==
x-goog-generation: 1649232083519501
cache-control: no-cache,max-age=0
x-goog-stored-content-length: 1438
cf-ray: 6f843a2188509079-FRA
expires: Thu, 07 Apr 2022 16:44:17 GMT

GET
H2 200 iovation-script.js Show response
secure.gratowin.com/ 5 KB
2 KB 74ms
74ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/iovation-script.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37da18b75e737ce56e7b7a3ba01359aeea7e6d21022e6f7b7baf120a74ef99a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:17 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdvAD7RfW8GUgbld0cqXazAQBvrXKtd35m15ujnDKUf-x_W9w7sjElHXtNZXIBXqUn-2-6BrSyNxWrnuWJSMlOElFct1obwR
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 06 Apr 2022 08:00:44 GMT
server: cloudflare
etag: W/"8d186f1d3aaf1f6b361906ef2342e548"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=WB4fHQ==, md5=jRhvHTqvH2s2GQbvI0LlSA==
x-goog-generation: 1649232044619250
cache-control: public, max-age=14400
x-goog-stored-content-length: 4834
cf-ray: 6f843a2188529079-FRA
expires: Thu, 07 Apr 2022 20:44:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 261 KB
72 KB 87ms
42ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSBWD3B

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cdc711394eb22ab4de4fa4315713214239181ff7f95a712a00c04afc645e0245

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73667
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 15:24:05 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Apr 2022 16:44:17 GMT

GET
H2 200 brand-info.json Show response
secure.gratowin.com/ Frame 8793 810 B
722 B 77ms
76ms Document
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/brand-info.json
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 931cdc9da183b6e6f40476736791be667482d6eef83da8de662b3084bebd9215

Request headers

Referer: https://secure.gratowin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1238
cache-control: public, max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 6f843a2279f19079-FRA
content-encoding: gzip
content-type: application/json
date: Thu, 07 Apr 2022 16:44:17 GMT
etag: W/"2591ae3250ac9433c6a7e9ab77315c90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 07 Apr 2022 17:23:39 GMT
last-modified: Sun, 03 Jan 2021 08:59:18 GMT
server: cloudflare
vary: Accept-Encoding
x-goog-generation: 1609664358830795
x-goog-hash: crc32c=uP0vxg== md5=JZGuMlCslDPGp+mrdzFckA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 810
x-guploader-uploadid: ADPycdtoOLhgv5oeR3rq5jsniTKp0xiaCCILJllihsUu0TdgGDDMMLRubEprNnQoaCuQA9vv2oSPm8Xm7BLWyHhvstPbq7jfDgCk

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 5 KB
2 KB 65ms
23ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=506828&u=https%3A%2F%2Fsecure.gratowin.com%2F%23%2Flobby&f=1&r=0.9316596831950255
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/vwo-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 5aff39c9c21c2b6a63efbd490ab0f0d06ec4bb45d76c7d2ac043a3adc26afbb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Apr 2022 16:44:17 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 404 static_wdp.js
secure.gratowin.com/iojs/general5/ 0
0 160ms
160ms Script
application/xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/iovation-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:17 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/xml; charset=UTF-8
cache-control: public, max-age=14400
x-guploader-uploadid: ADPycduwncAsmaumPzZIwkEWn80nQoDjc4Q2u_E5q0z3Ma9vtzsLSCdtvH3zPxXQ3T2shNErTwgWfjjdKhf_UplBoz-XG_vhMSrS
cf-ray: 6f843a227a109079-FRA
expires: Thu, 07 Apr 2022 20:44:17 GMT

GET
H/1.1 200
OK wdp.js Show response
mpsnare.iesnare.com/general5/ 44 KB
20 KB 217ms
79ms Script
text/javascript 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=true

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/iovation-script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

ea111de7079d12aa7391a331b5934ff9ed6f9aa789f8c948683403ae42b68a73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Apr 2022 16:44:17 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Cache-Control: no-cache, private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: 0

GET
H2 404 undefined
secure.gratowin.com/ 0
0 77ms
77ms Script
text/html 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/undefined
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/main.695eada1b3a53bfb6d48.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:17 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 0
x-guploader-uploadid: ADPycds4CLrXAUWVj1NkQDnafYwEyt3-utMz6l4tdfH9klOaEd7VcEhmwye-DXW8jR425swk8Tq-7yGPSocITtSCoUjpgd4Lt1h6
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: text/html
last-modified: Wed, 06 Apr 2022 08:01:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=1K5CxA==, md5=OsTAqdTrSkviWMQFbKxglA==
x-goog-generation: 1649232083511732
cache-control: no-cache,max-age=0
x-goog-stored-content-length: 2865
cf-ray: 6f843a23bc329079-FRA
expires: Thu, 07 Apr 2022 16:44:17 GMT

GET
H2 200 en.json Show response
secure.gratowin.com/i18n/lang/ 180 KB
40 KB 142ms
141ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/i18n/lang/en.json?requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f67fada6ccb56a66aff672cb37a62dd54ea74dd96c3440ce29f3951d8712808b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 0
x-guploader-uploadid: ADPycdsHGfhdFWLm_9nvylKIb5x33PnRT0HcS0O39QmI2TkaM5Ehdl7h30siDQDIePuT7J6vVw-x7YXDP9ZmP9xl4Xx74Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/json
last-modified: Thu, 07 Apr 2022 06:59:07 GMT
server: cloudflare
etag: W/"44a8ee55d51d22695053164d8c5d275e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=DvVeng==, md5=RKjuVdUdImlQUxZNjF0nXg==
x-goog-generation: 1649314747677821
cache-control: no-cache,max-age=0
x-goog-stored-content-length: 184616
cf-ray: 6f843a23ec779079-FRA
expires: Thu, 07 Apr 2022 16:44:17 GMT

GET
H3 200 tag-715bf3ba46529ae1bcc8683963990b4a.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 167 KB
47 KB 47ms
24ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-715bf3ba46529ae1bcc8683963990b4a.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=506828&u=https%3A%2F%2Fsecure.gratowin.com%2F%23%2Flobby&f=1&r=0.9316596831950255
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 3d7df47769ec6bcd42be9ebb5e9e1a7d1a28ad6581efda57fb5c02a605ad4e94

Request headers

Referer: https://secure.gratowin.com/
Origin: https://secure.gratowin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:17 GMT
content-encoding: br
last-modified: Wed, 06 Apr 2022 06:13:54 GMT
server: gfra1
etag: "624d2fa2-bc11"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48145
via: 1.1 google

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 111ms
111ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=506828&d=secure.gratowin.com&u=D9C7FD892C5727ECD3339952EAFC13BA9&h=963f3f9569b0cddbaef61c4f6f138e6b&t=false&r=0.4973218500531251

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 16:44:17 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 8.png
storage.googleapis.com/moon-prod/static-content/brands/8/ 11 KB
12 KB 70ms
18ms Image
image/png 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/moon-prod/static-content/brands/8/8.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e7c00b0ec68c5137e7b359a0ab6f5ff9c7a2000f47ceee7aacae6934eb91aae6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:04:08 GMT
age: 2410
x-guploader-uploadid: ADPycdtuV_5YASvAGxv3aU0AcYdW83vXNgiUyygJ0gPhX832e6wVEzl0hHlctJe_VD4JBVsbRDgM3RoMXZvPyR922JBcn0xQHFY1
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11475
last-modified: Mon, 14 Dec 2020 09:52:31 GMT
server: UploadServer
etag: "21a5358c0ea98af8a9aa561c2bffb91d"
x-goog-hash: crc32c=uYCRdA==, md5=IaU1jA6pivipqlYcK/+5HQ==
x-goog-generation: 1607939551876388
cache-control: public, max-age=3600
x-goog-stored-content-length: 11475
accept-ranges: bytes
content-type: image/png
expires: Thu, 07 Apr 2022 17:04:08 GMT

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/5.4.0/ 477 B
910 B 42ms
41ms Script
text/javascript 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.4.0/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=true

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c8a3a3e0b932baa4a2619f796ff58c44741f8de97001c666d2ac0f6352c94ee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 16:44:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Expires: Fri, 07 Apr 2023 16:44:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 65ms
17ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSBWD3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4168
date: Thu, 07 Apr 2022 15:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 07 Apr 2022 17:34:50 GMT

GET
H/1.1 200
OK sdk.js Show response
prod.webpu.sh/75KkGZGLZxzIwR7O96ZkIvjAHWwM4ByP/ 112 KB
23 KB 207ms
111ms Script
text/javascript 52.214.226.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.webpu.sh/75KkGZGLZxzIwR7O96ZkIvjAHWwM4ByP/sdk.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.226.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-226-97.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 21c84163c6f6154f13c85e42cfd85b2fb4e2e8308cf96762965ad0dc8ff52e19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 16:44:18 GMT
Content-Encoding: gzip
Last-Modified: Sun, 06 Jun 2021 07:03:02 GMT
Server: openresty
x-amz-request-id: YRRNDSS2TK0G707Z
ETag: W/"a728d986cd672c400cda54305afd1359"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=21600
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: TkXVQKTxR1BH/mVJVtt1yIZcuscC8P8VsA8Xx+IA6lGVHA+/kGP4AVbp5exb3reJpKX6vVvqiPU=

GET
H2 200 oapit.min.js Show response
d2afn796dyftlg.cloudfront.net/ 34 KB
7 KB 83ms
22ms Script
application/javascript 2600:9000:224a:7a00:19:2a6:6500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2afn796dyftlg.cloudfront.net/oapit.min.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:7a00:19:2a6:6500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6b1e97a01308578d790ce5b04fee08caf2d49f5cb6463f6f73e4592f5ce8791

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:40:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Jan 2022 14:17:17 GMT
server: AmazonS3
age: 209
etag: W/"cc6c379a4214495de70afa060807da50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 1qxuxt_eB6nZ52CNB1fEhJbvEYJ4NM3qfg5fJbgPnCJChYIIsJWyIQ==

POST
H2 204 result Show response
secure.gratowin.com/cdn-cgi/bm/cv/ 0
272 B 21ms
19ms XHR
text/plain 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/cdn-cgi/bm/cv/result?req_id=6f843a20ae749079
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
server: cloudflare
cf-ray: 6f843a24ee1c9079-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 41ms
40ms Media
audio/mpeg 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.14601922115241606

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

1940be89f577cc501111e5b0ad5842ab8f35e89fb7f32c5716f08e2f4c057399

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://secure.gratowin.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Thu, 07 Apr 2022 16:44:18 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 vendors~AggregatorGameHistoryScreenshotModal~CampaignIframeModal~CampaignModal~CashoutPendingRequest~ab2ead9f.695eada1b3a53bfb6d48.bundle.js Show response
secure.gratowin.com/ 11 KB
4 KB 85ms
84ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/vendors~AggregatorGameHistoryScreenshotModal~CampaignIframeModal~CampaignModal~CashoutPendingRequest~ab2ead9f.695eada1b3a53bfb6d48.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.695eada1b3a53bfb6d48.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95c349263ff59cee51a2fe0aaf1dbda3226f6feb333a44a4cbe4c183cb4e0366

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdvZkJ1G8ldUfD4hX6kR221oS5GEsyBOt-pY_0qvd4-zjUrrinFB-Tri7yYgWm1kRTFyh4x81TYqC-dNs95TWNQlPN6JoSsf
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 06 Apr 2022 08:00:55 GMT
server: cloudflare
etag: W/"b5b9171a132ea030df45c7849a7d58e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=UpkkCg==, md5=tbkXGhMuoDDfRceEmn1Y5g==
x-goog-generation: 1649232055035210
cache-control: public, max-age=14400
x-goog-stored-content-length: 11299
cf-ray: 6f843a24fe3e9079-FRA
expires: Thu, 07 Apr 2022 20:44:18 GMT

GET
H2 200 vendors~GameFrameValidations~Lobby.695eada1b3a53bfb6d48.bundle.js Show response
secure.gratowin.com/ 38 KB
12 KB 80ms
79ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/vendors~GameFrameValidations~Lobby.695eada1b3a53bfb6d48.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.695eada1b3a53bfb6d48.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36388b702021d797692f27241047c9c364ceb197249b5d502255766766a2084

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdt8TNOMX9oFygdircyW7RkKGU9y-98qk0KXE79oDV_SVGMF9L6ksHc-cFoDshIe8pwHTfghe8HeFNoIEDKzGEc-j5F54NvS
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 06 Apr 2022 08:00:43 GMT
server: cloudflare
etag: W/"4cec19b2f81598ffa4bafc1c3f6b944e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=YjgkkQ==, md5=TOwZsvgVmP+kuvwcP2uUTg==
x-goog-generation: 1649232043573291
cache-control: public, max-age=14400
x-goog-stored-content-length: 38677
cf-ray: 6f843a24fe419079-FRA
expires: Thu, 07 Apr 2022 20:44:18 GMT

GET
H2 200 vendors~Lobby.695eada1b3a53bfb6d48.bundle.js Show response
secure.gratowin.com/ 28 KB
8 KB 73ms
72ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/vendors~Lobby.695eada1b3a53bfb6d48.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.695eada1b3a53bfb6d48.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a40b6a2e398eaf2d798d830c33a3c6f3aeb1f59f7d5cf7e84eb4c39ffdecb7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdvjrorYrgXADC6p8wvt2FsZa6XblNpa1DxAGpBODIf6vcx7o7Qxft0M7aRWDnZlT4zFwa-5W7oKOr0yodKkeD5T-E3bQlKi
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 06 Apr 2022 08:00:45 GMT
server: cloudflare
etag: W/"eecac7568d768681ab9fdb4c66997111"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=f2KTnQ==, md5=7srHVo12hoGrn9tMZplxEQ==
x-goog-generation: 1649232045640883
cache-control: public, max-age=14400
x-goog-stored-content-length: 29068
cf-ray: 6f843a24fe429079-FRA
expires: Thu, 07 Apr 2022 20:44:18 GMT

GET
H2 200 363.695eada1b3a53bfb6d48.css
secure.gratowin.com/ 132 KB
18 KB 83ms
82ms Stylesheet
text/css 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/363.695eada1b3a53bfb6d48.css
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.695eada1b3a53bfb6d48.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca460d0363305151c2de971cfae391722b11f4ebe68c02883157647ef745b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdtCgbG1BUusLkKapgaudzpkqi9jGkN_oNeksoudLDsfBmlEODSV79I1mPvnkmxk08AFhzPB5LrwvzDRF8d8Hk_X0QpjFF_E
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/css
last-modified: Wed, 06 Apr 2022 08:00:50 GMT
server: cloudflare
etag: W/"8f1d29ea56a766211d24e4fa9e6af7ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=ZOi0ag==, md5=jx0p6lanZiEdJOT6nmr37g==
x-goog-generation: 1649232050777726
cache-control: public, max-age=14400
x-goog-stored-content-length: 134736
cf-ray: 6f843a24fe449079-FRA
expires: Thu, 07 Apr 2022 20:44:18 GMT

GET
H2 200 Lobby.695eada1b3a53bfb6d48.bundle.js Show response
secure.gratowin.com/ 227 KB
66 KB 84ms
84ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/Lobby.695eada1b3a53bfb6d48.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.695eada1b3a53bfb6d48.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c822f1df04cac5f607f887553b997e6f28dff4c861292fe99c87ff10632a9f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycduwQZLev7dFjs9lKLRTwr9IEe-GT61ArEikAHcU5Iu_BESlp54qMD4VP65tckjXcX8bk8F4LL2hpVUNkZcMxVBZGZJKWDpt
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 06 Apr 2022 08:00:57 GMT
server: cloudflare
etag: W/"ea6c639dd48a6558922d7ad356900b06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=iunNkw==, md5=6mxjndSKZViSLXrTVpALBg==
x-goog-generation: 1649232057141886
cache-control: public, max-age=14400
x-goog-stored-content-length: 232737
cf-ray: 6f843a24fe459079-FRA
expires: Thu, 07 Apr 2022 20:44:18 GMT

GET
H2 200 refreshToken Show response
secure.gratowin.com/playerapi/ 29 B
278 B 51ms
51ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/refreshToken?device=DESKTOP&language=en&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 27eee5689f593c50f0d3611d076f160dbb8d96e9a7cda69aea592e019a9df048

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
ldAlias

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
etag: W/"1d-8FgmlGBAlsa83L78oaBAOCRXFa8"
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 6f843a250e629079-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 appData Show response
secure.gratowin.com/playerapi/ 23 KB
7 KB 126ms
126ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/appData?language=en&device=DESKTOP&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 31a9b2bde7c6f7353a3db430df0c9c3ca967eee63695acafc1057a904ca6612e

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
ldAlias

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
etag: W/"5bc8-k2XxI0bCuez21XzDBjNK0qmmlxs"
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 6f843a253eae9079-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 appStaticData Show response
secure.gratowin.com/playerapi/ 2 KB
1 KB 121ms
119ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/appStaticData?language=en&device=DESKTOP&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 50fed9d33da0d208018801942777a0d028b9d9430fc3ab3dd3f8fb4c6ca28594

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
ldAlias

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
etag: W/"68c-kyTHk04KTDTHaSw5UPs9dC7rExw"
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 6f843a253ebf9079-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 JackpotAnimation.695eada1b3a53bfb6d48.bundle.js Show response
secure.gratowin.com/ 6 KB
2 KB 80ms
80ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/JackpotAnimation.695eada1b3a53bfb6d48.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.695eada1b3a53bfb6d48.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1727bf55c3053f8431b1c2c16993832aad32262207d771a7d8bdda0ceb076bb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycduIjrT-vsDaUubtD0CoNdG_DdLzvYU9UnZ3U1rRN-mJ8ZY7HUcUwAeQ07_ej6XpeMOymLdV8VBwaE973P0PrLP0o1cmhY2g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 06 Apr 2022 08:00:44 GMT
server: cloudflare
etag: W/"02756e197c62215c77c21f69caf08e1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=LhsFyQ==, md5=AnVuGXxiIVx3wh9pyvCOHQ==
x-goog-generation: 1649232044811104
cache-control: public, max-age=14400
x-goog-stored-content-length: 6451
cf-ray: 6f843a258f239079-FRA
expires: Thu, 07 Apr 2022 20:44:18 GMT

GET
H2 200 BonusAnimation.695eada1b3a53bfb6d48.bundle.js Show response
secure.gratowin.com/ 8 KB
3 KB 74ms
74ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/BonusAnimation.695eada1b3a53bfb6d48.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.695eada1b3a53bfb6d48.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ff61350641628d42e54ce1f1a106126779dbd242670c4b544fb3013eb63d1ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdtYyuoyC2fjWUw3Cl0yQk3-StxaWi9sopCGCn8OKSK_-tAh2UObxiNeQDcPePQrNdv_y4rFqVKcU5wUCC_Xmc4oLtTKMMK_
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 06 Apr 2022 08:00:55 GMT
server: cloudflare
etag: W/"c1805fb916e4eae5963faf5c4ae6d96b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=8/faRQ==, md5=wYBfuRbk6uWWP69cSubZaw==
x-goog-generation: 1649232054987839
cache-control: public, max-age=14400
x-goog-stored-content-length: 8069
cf-ray: 6f843a258f289079-FRA
expires: Thu, 07 Apr 2022 20:44:18 GMT

GET
H2 200 LimitNotification.695eada1b3a53bfb6d48.bundle.js Show response
secure.gratowin.com/ 5 KB
2 KB 96ms
96ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/LimitNotification.695eada1b3a53bfb6d48.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.695eada1b3a53bfb6d48.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fc36f193a902faa46847ab2f446bf40310d897d45a8a5650aebe81faec89c5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdtLtn6WarabOI1_sHWvokys1JCERV5BKUe92IDN52qjsBrDnJXuBFEhbv9ysnEL_bwdxONj8Zaow6Pw4UW0pz7fQ5yGrkvs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: application/javascript
last-modified: Wed, 06 Apr 2022 08:00:59 GMT
server: cloudflare
etag: W/"89289f90a4faf84977b5c9a823b9d3e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=eVHcVg==, md5=iSifkKT6+El3tcmoI7nT4w==
x-goog-generation: 1649232059697490
cache-control: public, max-age=14400
x-goog-stored-content-length: 4801
cf-ray: 6f843a258f319079-FRA
expires: Thu, 07 Apr 2022 20:44:18 GMT

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 811 B
511 B 20ms
20ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=506828&settings_type=1&vn=7.0&r=0.263933387706488
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-715bf3ba46529ae1bcc8683963990b4a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 9fe73cdf35c5a75629143af33a61c1876c83bee94bccc5193f1082c2a5d5f3d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:17 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 50ms
25ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1885546217&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.gratowin.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=595542650&gjid=508914330&cid=1636956054.1649349858&tid=UA-27702367-6&_gid=1692730961.1649349858&_r=1&gtm=2wg3u0KSBWD3B&z=1806589348

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Apr 2022 16:44:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pushreg.min.js Show response
d2afn796dyftlg.cloudfront.net/ 2 KB
912 B 24ms
24ms Script
application/javascript 2600:9000:224a:7a00:19:2a6:6500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2afn796dyftlg.cloudfront.net/pushreg.min.js
Requested by: Host: d2afn796dyftlg.cloudfront.net
URL: https://d2afn796dyftlg.cloudfront.net/oapit.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:7a00:19:2a6:6500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ff8f0c174db748442f0760616142b2f6e4f1d9bbb03078a45b6f143c65c2fee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:16 GMT
content-encoding: gzip
last-modified: Mon, 10 Aug 2020 09:23:59 GMT
server: AmazonS3
age: 5
etag: W/"8c8a277b7efff9b15eab1545ef7be1fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: dFAluJSvmWD3lsZQ1rM9k6dhV-Hr6ScLfjll2gNB4ypqLZ6FA3Gg7g==

GET
H2 200 oapi-heartbit.min.js Show response
d2afn796dyftlg.cloudfront.net/ 2 KB
1 KB 22ms
22ms Script
application/javascript 2600:9000:224a:7a00:19:2a6:6500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2afn796dyftlg.cloudfront.net/oapi-heartbit.min.js
Requested by: Host: d2afn796dyftlg.cloudfront.net
URL: https://d2afn796dyftlg.cloudfront.net/oapit.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:7a00:19:2a6:6500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 087a64a782e52566b9f11c4d3ffbf22498482165591c955972fece46a702f13b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:42:10 GMT
content-encoding: gzip
last-modified: Tue, 12 Oct 2021 12:03:53 GMT
server: AmazonS3
age: 131
etag: W/"95ada3efe9ca8f8c93d082b428af1d4f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1b18b0df6149933160ee945c6867dc2c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: L-WpnYCGEhKqu6PeV8X2rPqwveBIZtq_2TGcw26G7LfXZalSalLD4w==

GET
H2 200 getBrandLanguages Show response
secure.gratowin.com/playerapi/ 105 B
216 B 54ms
54ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/getBrandLanguages?requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 829ce0834b34b45c7c7083765892705f9b969c31d335d5f498be198760252374

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
ldAlias

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
etag: W/"69-eJUdwcHEA6BHwC9g3JEMgs/D8q0"
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 6f843a2658989079-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 / Show response
cms2.gratowin.com/drupal_templates/slider/ 23 KB
4 KB 861ms
797ms XHR
text/html 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cms2.gratowin.com/drupal_templates/slider/?lang=en&brandId=8&playerType=0&lobbyTemplateId=3&eventStartDates=1649674800000&eventEndDates=1651489200000&eventWinnerEndDates=&eventTypes=902&activityType=P&affToken=1&affiliateToken=1&selectedGameTab=1&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3613c7463cc1d9273d701544030f324b5bd2f16d5fd7723924dde7435e4be850

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:19 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://secure.gratowin.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6f843a279c5c9966-FRA

GET
H2 200 / Show response
cms2.gratowin.com/drupal_templates/footer// 10 KB
3 KB 142ms
96ms XHR
text/html 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cms2.gratowin.com/drupal_templates/footer//?lang=en&regCountry=undefined&login=0&state=&brandId=8&currency=undefined&type=&playerType=0&eventTypes=&eventStartDates=&eventEndDates=&eventWinnerEndDates=&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e84f6e3903704886fd892098abffec7ef1fb231f87cfbba43139d24c7f29815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://secure.gratowin.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6f843a279c5d9966-FRA

GET
H3 200 logo.png
storage.googleapis.com/moon-prod/static-content/brands/8/ 52 KB
52 KB 47ms
19ms Image
image/png 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/moon-prod/static-content/brands/8/logo.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 71f0d1968edf4eff6dded3902361932770fe724bf52166051fe3e556c9d0e36a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:04:08 GMT
age: 2410
x-guploader-uploadid: ADPycdsJqKT1PxD4ASAy7rGnr8BIar8xWqh4iGW94tKK__65edgqUto2WHl6u-fVItwuCt1612kLv33EBEVd89oHLud6gjssNzJm
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53570
last-modified: Sun, 06 Sep 2020 14:56:18 GMT
server: UploadServer
etag: "8da035e6e305e63288d58c81e1cb6316"
x-goog-hash: crc32c=F2Tmng==, md5=jaA15uMF5jKI1YyB4ctjFg==
x-goog-generation: 1599404178125470
cache-control: public, max-age=3600
x-goog-stored-content-length: 53570
accept-ranges: bytes
content-type: image/png
x-goog-meta-cb-modifiedtime: Sun, 06 Sep 2020 07:59:49 GMT
expires: Thu, 07 Apr 2022 17:04:08 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 30 KB
31 KB 66ms
19ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Montserrat:wght@400;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.gratowin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 11:55:47 GMT
x-content-type-options: nosniff
age: 190111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 11:55:47 GMT

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7dc5a89829ed295864cee6940f583f1788773e66662c0fa19d2c14ff11793924

Request headers

Referer
Origin: https://secure.gratowin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: font/ttf

GET
H2 200 getRecentWinnings Show response
secure.gratowin.com/playerapi/recentWinnings/ 3 KB
838 B 93ms
92ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/recentWinnings/getRecentWinnings?currency=EUR&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a5a7bb3fe747163050e86090c99a25ce810b4285398163363e151acf84a9525b

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
ldAlias

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
etag: W/"b00-PyaFfsiLVd1iz+fB+G1iBASwyPI"
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 6f843a279ac29079-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 getJackpotGameDetails Show response
secure.gratowin.com/playerapi/games/ 26 B
134 B 49ms
49ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/games/getJackpotGameDetails?jackpotProviderId=0&customerId=0&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8175ff9e4cb281d9a31e069db1e68c057f7fe5abd35a2ba4c322d2a62674d6a8

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
ldAlias

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
etag: W/"1a-rx4pzPSQQ6zMjHXzTuAVvc7xCpM"
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 6f843a27aadf9079-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 getJackpotGameDetails Show response
secure.gratowin.com/playerapi/games/ 26 B
319 B 69ms
68ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/games/getJackpotGameDetails?jackpotProviderId=0&customerId=0&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8175ff9e4cb281d9a31e069db1e68c057f7fe5abd35a2ba4c322d2a62674d6a8

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
ldAlias

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
etag: W/"1a-rx4pzPSQQ6zMjHXzTuAVvc7xCpM"
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=tgekIOzVB6L7nxHzLADArVwyDiWqUEykM3tkvF23sas-1649349858-0-AbGtc2sTgpBxrN7u68YyjJ3GwndOHntB3upRNYeAwqwqixRb6QSk2yuFEgzgGJQ2Lh2GbShObdCbYB18NXg9ivk
content-type: application/json; charset=utf-8
swagger-api-docs-url: /playerapi
access-control-allow-credentials: true
cf-ray: 6f843a27bb019079-FRA
vary: Accept-Encoding, Origin

GET
H2 200 games Show response
secure.gratowin.com/playerapi/ 140 KB
10 KB 543ms
542ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/games?country=DE&device=desktop&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a40bcbbe49f186131472009fa50b6457886a637386585fa029932a8ffeffdc43

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
ldAlias

Response headers

date: Thu, 07 Apr 2022 16:44:19 GMT
content-encoding: gzip
etag: W/"2315c-21QF84gNX7B16RdL5zlrKPSoxe0"
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 6f843a27db2a9079-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 joinNow-icon.svg
secure.gratowin.com/assets/internal-icons/ 402 B
578 B 42ms
38ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/joinNow-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dcd080d8016c6d3bee9075cd7798111c5820725bee35e0731f617d582bdba29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdtptv6-QXh27mmK2uIwws3FuuvjwWnVTxe1soixSugwmQObGUAUUeYZNRBmAr8lq9tpHgUXDMuetlj3uDbYFTf7lFo_P__f
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/svg+xml
last-modified: Wed, 06 Apr 2022 08:01:01 GMT
server: cloudflare
etag: W/"fcf6455fb9d2e83224da551cc3054ff6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=7BBWuA==, md5=/PZFX7nS6DIk2lUcwwVP9g==
x-goog-generation: 1648553295725316
cache-control: public, max-age=14400
x-goog-stored-content-length: 402
cf-ray: 6f843a282bad9079-FRA
expires: Thu, 07 Apr 2022 20:44:18 GMT

GET
H2 200 login-icon.svg
secure.gratowin.com/assets/internal-icons/ 510 B
622 B 82ms
78ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/login-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6650963c35725add7c3cedb3fd660f4f38791e8298647b92c132767f97468aa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdvLI-9M9FPVmGYVslHKwbHQQA6qNcXYsyVXJ8UqYoMl26mRfP_jpwjNyRUyVxhFiSiUVTOcq-2Lal3WpBP4YjAX6aDQuHTm
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/svg+xml
last-modified: Wed, 06 Apr 2022 08:01:02 GMT
server: cloudflare
etag: W/"0ca8fb0f2089abf726d203bee36c8cbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=UXvSvQ==, md5=DKj7DyCJq/cm0gO+42yMvA==
x-goog-generation: 1649232062240527
cache-control: public, max-age=14400
x-goog-stored-content-length: 510
cf-ray: 6f843a282bb39079-FRA
expires: Thu, 07 Apr 2022 20:44:18 GMT

GET
H2 200 promotions-icon.svg
secure.gratowin.com/assets/internal-icons/ 1 KB
894 B 79ms
74ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/promotions-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 384ca46673f9d9209ecf6b510aa5e67e5e6e8c5762d7b5c8e643dfc96fb96031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdsQKB63xcQ8lQq_VsXXqbW09w-NaE36BDlVrBlspN8JK-9Gpiga4qvZpb0REfr7ADNO6pYwNjMADuwluhZZ0btmFRjilBOB
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/svg+xml
last-modified: Wed, 06 Apr 2022 08:01:01 GMT
server: cloudflare
etag: W/"9761427b1a19bf0f0d615356a9ea92a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=hjcbWg==, md5=l2FCexoZvw8NYVNWqeqSpw==
x-goog-generation: 1649232061769326
cache-control: public, max-age=14400
x-goog-stored-content-length: 1412
cf-ray: 6f843a283bb59079-FRA
expires: Thu, 07 Apr 2022 20:44:18 GMT

GET
H2 200 vipClub-icon.svg
secure.gratowin.com/assets/internal-icons/ 529 B
645 B 87ms
83ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/vipClub-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d15890c357177f7185112a1ce66665d08acf31e81e4917820ec36279dd26bd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdtKIcg_fxxTJet3T8m3ZEJwNDQh1B9Qokl-PXxE44NHBAca9cigVLUDvP9uCEWfPtNhQt0FIe_snqH8V7eM3i_vttSjdem9
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/svg+xml
last-modified: Wed, 06 Apr 2022 08:01:01 GMT
server: cloudflare
etag: W/"725a97efe97819c4531fbe67de1b54c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=aXyrag==, md5=clqX7+l4GcRTH75n3htUyQ==
x-goog-generation: 1649232061844136
cache-control: public, max-age=14400
x-goog-stored-content-length: 529
cf-ray: 6f843a283bb69079-FRA
expires: Thu, 07 Apr 2022 20:44:18 GMT

GET
H2 200 banking-icon.svg
secure.gratowin.com/assets/internal-icons/ 2 KB
1 KB 80ms
76ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/banking-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe565e155881addcc557019e726097e351cff20de84a8e706d6e43295819fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdsxSDj5OVbankoLWDz1ayYre_fLp3tZ4lce1YcTIcoWEaeUhTL0J0AZyoAtkB88v25nYoBGPX44SpVhdDlCTiAZvSOnywbY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/svg+xml
last-modified: Wed, 06 Apr 2022 08:01:02 GMT
server: cloudflare
etag: W/"97b0c09efe576a5c2df1da456faceec4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=zejJ6A==, md5=l7DAnv5Xalwt8dpFb6zuxA==
x-goog-generation: 1648553296364033
cache-control: public, max-age=14400
x-goog-stored-content-length: 2300
cf-ray: 6f843a283bb89079-FRA
expires: Thu, 07 Apr 2022 20:44:18 GMT

GET
H2 200 contact_us-icon.svg
secure.gratowin.com/assets/internal-icons/ 522 B
580 B 84ms
80ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/contact_us-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ef8b1b9f70231cdaff9b49febecc51162e022432fef65022a082acc4d446cd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdtMWxuWOjwi57VhCrod8DojR2Kl9r7RnCfjzcJY6TSWwKNdeVzLRUcX9FeoI0g_3BhzDxRU4SUx6ovY9RTsudJw9lJS8nvM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/svg+xml
last-modified: Wed, 06 Apr 2022 08:01:01 GMT
server: cloudflare
etag: W/"b48b2b51825c35ae80e02c41711e7c68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=fs4Iyg==, md5=tIsrUYJcNa6A4CxBcR58aA==
x-goog-generation: 1648553295764288
cache-control: public, max-age=14400
x-goog-stored-content-length: 522
cf-ray: 6f843a283bba9079-FRA
expires: Thu, 07 Apr 2022 20:44:18 GMT

GET
H2 200 languages-icon.svg
secure.gratowin.com/assets/internal-icons/ 2 KB
1018 B 83ms
79ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/languages-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce13735694736a7b414eec7de74a893e67a0bc53d08d0f38f57386e3f6648a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:18 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycdsu4mE8Fqy2z-ewIC8fuxBX3hmSd50CcCMZ3JnZmpOggrf2b7rSrA7D-8BjvSEsMaky0S9srVaBV-tYA_BZqj-2Q97iIFjW
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/svg+xml
last-modified: Wed, 06 Apr 2022 08:01:02 GMT
server: cloudflare
etag: W/"0e648574a50c4a2f1572086f886ee580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=15Fj5Q==, md5=DmSFdKUMSi8VcghviG7lgA==
x-goog-generation: 1648553296647578
cache-control: public, max-age=14400
x-goog-stored-content-length: 1925
cf-ray: 6f843a283bbb9079-FRA
expires: Thu, 07 Apr 2022 20:44:18 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 46ms
20ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Montserrat:wght@400;700;800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.gratowin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 82079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Apr 2023 17:56:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 47ms
22ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Montserrat:wght@400;700;800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.gratowin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 01:46:21 GMT
x-content-type-options: nosniff
age: 572277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Apr 2023 01:46:21 GMT

GET
H3 200 left-background.jpg
storage.googleapis.com/moon-prod/static-content/brands/8/ 211 KB
211 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/moon-prod/static-content/brands/8/left-background.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d53ae31112aa2b41ea425f2702a7c5563a122d75b725d9f8dd18856d378210d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:04:08 GMT
age: 2410
x-guploader-uploadid: ADPycduuxLPV7_fOpMcwcSaipo_veKVpjhcEQd6AImIp1m0U_Q_6xp585y51LObQgZjanuO3Dp4JUIawBfbblO0ua6saMyEpDVmC
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 215958
last-modified: Sun, 06 Sep 2020 14:56:17 GMT
server: UploadServer
etag: "0b976b08237086537b3d063e73fc42d6"
x-goog-hash: crc32c=mddCPQ==, md5=C5drCCNwhlN7PQY+c/xC1g==
x-goog-generation: 1599404177852497
cache-control: public, max-age=3600
x-goog-stored-content-length: 215958
accept-ranges: bytes
content-type: image/jpeg
x-goog-meta-cb-modifiedtime: Sun, 06 Sep 2020 08:00:02 GMT
expires: Thu, 07 Apr 2022 17:04:08 GMT

GET
H3 200 right-background.jpg
storage.googleapis.com/moon-prod/static-content/brands/8/ 187 KB
187 KB 25ms
24ms Image
image/jpeg 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/moon-prod/static-content/brands/8/right-background.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ae6ccbecb882f3edc3f742a60a60d75d93c9ffa2d3039cfdb5e1b900bd307e85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:04:08 GMT
age: 2410
x-guploader-uploadid: ADPycdvobkJ4PgSd9KBvZD91o8SsSB_Ok_284cGFCZiS7hqghZJQk3d4MwZhtvu46xSSDhX-N57_oLhfI86Icvmt-Dw-GXnGcjhS
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191883
last-modified: Sun, 06 Sep 2020 14:56:18 GMT
server: UploadServer
etag: "1f143849746b1ddb7e37f52463404de5"
x-goog-hash: crc32c=Y+VbbQ==, md5=HxQ4SXRrHdt+N/UkY0BN5Q==
x-goog-generation: 1599404178430596
cache-control: public, max-age=3600
x-goog-stored-content-length: 191883
accept-ranges: bytes
content-type: image/jpeg
x-goog-meta-cb-modifiedtime: Sun, 06 Sep 2020 07:59:42 GMT
expires: Thu, 07 Apr 2022 17:04:08 GMT

GET
H3 200 css2
fonts.googleapis.com/ 5 KB
588 B 58ms
29ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

87d936c8cbc0aeacd0b7d12a04d8819f1e7f436f177cb4479a3bbe523cc5edfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 16:44:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 07 Apr 2022 16:44:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Apr 2022 16:44:18 GMT

GET
H2 200 seal01.html Show response
www.gratowin.com/ Frame 9701 877 B
819 B 310ms
90ms Document
text/html 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gratowin.com/seal01.html
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/main.695eada1b3a53bfb6d48.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e37e8a648cbdd70334a1189b9f16edd75ad69619c9e592a9f4763fd2c272d3d

Request headers

Referer: https://secure.gratowin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 6f843a2a3a749a05-FRA
content-encoding: gzip
content-type: text/html
date: Thu, 07 Apr 2022 16:44:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Wed, 11 Aug 2021 15:25:01 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 logo.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/ 12 KB
12 KB 102ms
41ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/logo.png?v=1
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd851eecbed034859bd7f58e2a76421ea7911a3add50ab6550d3beddafd1d793

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=A87C0w==, md5=9eRYlODzA9ApJVo7TooapQ==
date: Thu, 07 Apr 2022 16:44:18 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycduri0AS-9VLvGolZsQt_hNQSjeDt31Kka5pbT7HL1OMgaWCTdaLYkUsZYi2T53OhUm3P-SzcP82ExZ7oarOFzfEzu_mwme8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12169
last-modified: Thu, 28 Oct 2021 10:11:40 GMT
server: cloudflare
etag: "f5e45894e0f303d029255a3b4e8a1aa5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGhJXut2fBaEmWGgVesdl006wWiraOf%2Btq4wGZabck0MOuO1gdFpZrNcXiy2qWsB%2FHusGQdi%2FOTSk1YKGnXxqWHDGQOS8H9HamAUyaGh5cbu7wD2UIIWiAFTzE%2Bf1VVkiyo4yK%2Fr4y6Gkd5UM1sSfjDurA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635415900886714
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 12169
accept-ranges: bytes
cf-ray: 6f843a2939f58fe6-FRA
expires: Thu, 07 Apr 2022 17:27:47 GMT

GET
H2 200 SSL.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/ 2 KB
2 KB 117ms
56ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/SSL.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14938be87d77b400fc65091ec6f1d46b998c9878baf1fdd02923f21a1fd3c650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=MQIzUQ==, md5=blvsReEHqaGVf1/zapAjFw==
date: Thu, 07 Apr 2022 16:44:18 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdsSbxu0sxSmPf0T4uNVmHx5diGW_3llKg8tkj5cfVyqRqTLLJNUfwsKkVNSvnNhl4eQHsyr9A4chxetiJlTAJQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2011
last-modified: Tue, 06 Oct 2020 13:04:24 GMT
server: cloudflare
etag: "6e5bec45e107a9a1957f5ff36a902317"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OgGdn4GtP%2FQU%2BsRcaTnxPhljZpcsHwCODPYJuwBLyU5equucbx5fLTAw1ULmIioTvFtWN71tQ2gTyFviL17rp68ewxMFDgkBJYSDiKGWP0Mr39dg%2FflOYY%2BVM8dw8kcnA%2BkomT%2FXlMwZbPT%2BfFZRRV%2BKnA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1601989464170151
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 2011
accept-ranges: bytes
cf-ray: 6f843a294a1a8fe6-FRA
expires: Thu, 07 Apr 2022 16:51:45 GMT

GET
H2 200 18+Icon.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/ 1 KB
2 KB 104ms
44ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/18+Icon.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d13d97bf61b269e546615d0d8fad2bb9cd97d2bd804c77d5a102d76c720aee89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=VhMn0g==, md5=/oHYRoAl7ZVkFis94KeluA==
date: Thu, 07 Apr 2022 16:44:18 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdtipgZVeR4Gr4KKRrx9cge29GVMUmChkW-En6HdrB0a3uK-Sq8nTVfdDbV446suStr1JMTj_5ZQD26tT3LtQgH3Rxiurw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1123
last-modified: Tue, 06 Oct 2020 13:04:25 GMT
server: cloudflare
etag: "fe81d8468025ed9564162b3de0a7a5b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXGzX1sjuroiiptb8ANjWweA5w7eDr9iMe2wF4FgKIBLA2dqzT14Wa81nZfQ0kjl5Bcp0sTioz4LZSoNMcUhvDmfbGR2su%2FVqA%2FyWjFqN0R85tJ%2FgDhwTU42NkhGZjZd2lQRZsucFH42n7GqJDzLdnkBEA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1601989465737614
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 1123
accept-ranges: bytes
cf-ray: 6f843a2939f48fe6-FRA
expires: Thu, 07 Apr 2022 17:27:47 GMT

GET
H2 200 pci-dss.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/ 901 B
1 KB 110ms
50ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/pci-dss.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b6def0826012e44d264028b56de2c5dd009bae4cd146201778e48562132a114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=+/+G1g==, md5=OYlH3PzwBZm3iwRRIgftgA==
date: Thu, 07 Apr 2022 16:44:18 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdv4IJg0vlMxadirC-_i0P_m8MXXhSRAUojolQY0HrLXQl88oBVjvAzL3xUSATEjJFOJy3lBqbHLlM32DWTsLtHQrCFP07tW
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 901
last-modified: Tue, 06 Oct 2020 13:04:25 GMT
server: cloudflare
etag: "398947dcfcf00599b78b04512207ed80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZYdBdSxf08kcUQIycjEcTpLAIJBon%2FYeSK6V85UggLqvRKCcsfDztmeogEoS%2BkBX9GKM6b1nqUMTOXQjvCnZAEmzX1yNtndWP8aAUnrCMEAcP6JIEpp1aVU00Oyl14fnfQm87rJt2WxrLtqfBUbk9ZFyA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1601989465837872
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 901
accept-ranges: bytes
cf-ray: 6f843a294a1c8fe6-FRA
expires: Thu, 07 Apr 2022 17:01:16 GMT

GET
H2 200 master.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/ 1 KB
2 KB 112ms
52ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/master.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7bddb60e1b573f417061d9107202ce77303957fbd63555499f00589080fcfaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=Gf8JvQ==, md5=s3B3iZ8HYAWqYhT79UnDQg==
date: Thu, 07 Apr 2022 16:44:18 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycduVJiw5jmrX6YCT2dAqVohzjTc0CIdWM1-M_pZL360sBKAoCfXThX8qBX85zjk4D7uMyD7EpF1o41KZPvHov9Y
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1427
last-modified: Thu, 01 Jul 2021 12:33:30 GMT
server: cloudflare
etag: "b37077899f076005aa6214fbf549c342"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhBnzeEGASbGRUa0D1MKNfJHccwJiNJJsCxeH%2F8qFTUXrPaLluMfNTmCv24QMBsr%2FiZV9djZpIrQ%2B5i%2F2bxlQB5uEadvSn6TQuAj9H5i%2Fp6g4B5PI3%2FQwy7aGY6LbjuxepKG%2BjGydokR7fIReOtEP8z3pw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1625142810491564
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 1427
accept-ranges: bytes
cf-ray: 6f843a294a1d8fe6-FRA
expires: Thu, 07 Apr 2022 17:27:47 GMT

GET
H2 200 postpay.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/ 1 KB
2 KB 116ms
56ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/postpay.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3884d824f64bdeb8cf6b0d3206fbd90e387693532ff011ddade19c1408291a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=Av7cDw==, md5=UB7nFeIX3aAntyQSQXyerw==
date: Thu, 07 Apr 2022 16:44:18 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdvTFOtNSA7BQ5olmWB99ijgU0m5fjlLVIs8ZD1uw9RKW3JpR-NlPdH8ZWMhnh1pJjgr7wzddI9LO0gg4fahDwo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1385
last-modified: Thu, 01 Jul 2021 12:33:30 GMT
server: cloudflare
etag: "501ee715e217dda027b72412417c9eaf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7PDgMkeeaNqoFG32uwhisU%2Bv4rVRAsAxm9bPP%2B3NSLE%2FgZRiEAUPXa%2FZ0ii2SbaD0Kf53I95cdFogieRKBVy5Mu1BZGc2cpwRcSpg8f4a1fFmPwKPPQos7p9n9XvB8UrF8TtpK5YrnNgjdkuzkGBS%2B9jw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1625142810431227
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 1385
accept-ranges: bytes
cf-ray: 6f843a294a1f8fe6-FRA
expires: Thu, 07 Apr 2022 17:01:16 GMT

GET
H2 200 Quantum.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/ 1 KB
2 KB 57ms
51ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/Quantum.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cf165b014c809f85253928ae6089faab4524c9eadc9c0fd594939c0dd504485

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=Y6fPAg==, md5=sw544PXPbUFn8z48BxK9yA==
date: Thu, 07 Apr 2022 16:44:18 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdsih8SWFBKME2N5TTOSLP44bnPP6i49x5y7ulLk9l0nHqxywhiY3hHeqXWa5-mMcWmCDbiEV_gJ59GBIxGCKeU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1026
last-modified: Thu, 01 Jul 2021 12:33:30 GMT
server: cloudflare
etag: "b30e78e0f5cf6d4167f33e3c0712bdc8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vk0cGCTgqG2fVtIc0fqxH391U%2FH1uYKQbOI9iUK6vvqrGFnrDfQIsLVbUDA1kA1q75bVmTGg1PBasZ5NohUbqfv4%2Fjpno0ZHVK3lNCc9Yu6K0%2FGWahmMYmu6HPq5U4UAiL%2FwTeNv7j4Zc7IWOql%2BDC52oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1625142810534617
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 1026
accept-ranges: bytes
cf-ray: 6f843a2939f68fe6-FRA
expires: Thu, 07 Apr 2022 17:27:47 GMT

GET
H2 200 visa.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/ 875 B
2 KB 38ms
32ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/visa.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae08c1f6207485d1366619c7d732888a12e97433efc9a72f8bae21cc956c0ef0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=Y8wgow==, md5=mXK5S2VlGq4QbUTB9TPy2A==
date: Thu, 07 Apr 2022 16:44:18 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdsK3MV93DqdVTM3c5Mno7eYUdgX9vv780BAEf9CIWmZW5u2UTRdxRH_BzNRcThCMmYfNVRRQ340iIAFpWw5gE8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 875
last-modified: Thu, 01 Jul 2021 12:33:31 GMT
server: cloudflare
etag: "9972b94b65651aae106d44c1f533f2d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VaVF8BfT%2BkPHKr3WDZQgVJ6TxS4dJnighfsgi9Woc2e95SoZJEUy1jFwNqHziygNpIxK8UevPGBJoezosh9IDBPREFFiLgxIORbN1zO1fSlu3Z3DxqewCRnIKiHkAKz8VE%2BLGLZn%2Bmbf3eUOAMEwRUzUyw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1625142810989627
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 875
accept-ranges: bytes
cf-ray: 6f843a2939ed8fe6-FRA
expires: Thu, 07 Apr 2022 16:49:26 GMT

GET
H2 200 Click.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/ 6 KB
6 KB 44ms
38ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/Click.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b29eb281cccfb39c49cf4f15297709644582ca6d0bccf04a1a32c839195bc8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=IVMNog==, md5=yecxUAoGXXm5j3qtH+tdOw==
date: Thu, 07 Apr 2022 16:44:18 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdv11IUlFfUkXXSlyEFSRO28J9Sj-AcOUSfaW-Bgnr0OoeY30D2uO4ZOcf1D7qE8Kb6AnlkYe-3q992ihrsngVc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5700
last-modified: Sun, 06 Feb 2022 10:36:47 GMT
server: cloudflare
etag: "c9e731500a065d79b98f7aad1feb5d3b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtGu38yi8F1PpKVAVz6ynxzsTV0vefsXC5NBpvb4l9vFoIuQVJ4q7m6DZ83G9ocoLtO5szt0jnlXmVqvxvwDqvBRe8ufMgBx4m7ipKmg0zMxHYBSbcA7ixualWEsRwgiHckKjhRSb%2F%2BE9lUC%2BjUTgtZgxg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1644143807734243
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 5700
accept-ranges: bytes
cf-ray: 6f843a2939fa8fe6-FRA
expires: Thu, 07 Apr 2022 16:45:36 GMT

GET
H2 200 Neosurf.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/ 27 KB
27 KB 44ms
38ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/Neosurf.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33cf9df5dbd4413c345804c9fc915a6ec979b9b1405282ee45cf2f9319eb9166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=GW7NZQ==, md5=ba7k3cP7xSF7VQKmIZVGFw==
date: Thu, 07 Apr 2022 16:44:18 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycds8rYgoDCcg8CwsU7Vw_B_PJj-I7Diu-EYn-M1HeCUPUOUgbqoOIo7xzpULS6_VcgGd5-6avM1Uz5qOxXKuFK-O6JNcwbFC
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27540
last-modified: Sun, 06 Feb 2022 10:50:05 GMT
server: cloudflare
etag: "6daee4ddc3fbc5217b5502a621954617"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMS8nx4t73rUnGJrJYL2RGPOLzFj96BIhtBH8hLNvgL7g%2FDVntGZ59l6mAkJHJoYRkoVoQplPVYWe66vQWdmHQS1vHVgfBYJbOKlJAin67dXvPCs6U3N6VKc5XPvbWtSn8N%2FvqeRsAQ19cPKNxNps62FgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1644144605877076
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 27540
accept-ranges: bytes
cf-ray: 6f843a2939ef8fe6-FRA
expires: Thu, 07 Apr 2022 16:45:36 GMT

GET
H2 200 CoinsPaid.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/ 6 KB
6 KB 39ms
34ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/CoinsPaid.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3a98dfda27665a1d6b25a8b935043a0b26b8c03e7c9ea38097fa3252c06b6fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=aUcHYw==, md5=LoTobLICo/eatgAV5koAKw==
date: Thu, 07 Apr 2022 16:44:18 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycduTJXNrrbeE0M1LshLwvfoT2RlwIFinSzTuaEQ4f4jDkKMj_1wYActFzh18Lf7WhAUhaFtsXFTUMvhoE7VIblM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6078
last-modified: Sun, 06 Feb 2022 10:45:41 GMT
server: cloudflare
etag: "2e84e86cb202a3f79ab60015e64a002b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dV4wMjf6sw5H%2F4%2FRklA%2Fm9%2FgUfndUZqVHNmbX4LmGIE6WvsSlsPd2NgxzVkRsXieJLikEpdAAbIZSxaKtuBsGS7xi1EDVsDhyynOfAmNNiFyLFqUMH%2Fim%2BMYHADTLA57w4HgBaDx4Ob8H9sv9lcS5EluIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1644144340991406
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 6078
accept-ranges: bytes
cf-ray: 6f843a2939f38fe6-FRA
expires: Thu, 07 Apr 2022 16:45:36 GMT

GET
H2 200 CashLib.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/ 942 B
1 KB 42ms
37ms Image
image/png 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/CashLib.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30359b2f6e177739cf2532d651b638df141477f1084c96a2887e9fffb9a7ac5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=6G1NwQ==, md5=tV5LtdvfSHtiRZh2ktAy4g==
date: Thu, 07 Apr 2022 16:44:18 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdtMwaNEndT4c8lE0fWS3dq6SY9stFuEzAA-4pkRAEPpNAp5iFIX3AnkmlxDs1JymsU3dsLj1dtyOj2ESMDFTsE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 942
last-modified: Tue, 06 Oct 2020 13:04:25 GMT
server: cloudflare
etag: "b55e4bb5dbdf487b6245987692d032e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmjn6mEeZiJYJjUfc7nkoCmtegtGFvATde2dwxa9eMgpJ4IHILjWrbUD1V4bqX4qDlkWPXrc5OOaiFKl43nHZTnnS50M36gj3xX5C0bfjflAp%2FAZma4pL9AnMn%2F%2B5DmmqoQlWCUif4oFvQ7ogOmgPjzLDg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1601989465275874
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 942
accept-ranges: bytes
cf-ray: 6f843a2939f88fe6-FRA
expires: Thu, 07 Apr 2022 16:45:36 GMT

POST
H/1.1 200
OK deviceCreate Show response
api.xtremepush.com/push/api/ 228 B
935 B 466ms
332ms XHR
application/json 52.31.235.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xtremepush.com/push/api/deviceCreate

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.235.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-235-195.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

4a3fac098e1ee9fd389733d4fda24a20195ecc3939d4bca96a55826d079fa1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 07 Apr 2022 16:44:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: openresty
Access-Control-Allow-Headers: Accept, Content-Type, X-Requested-With
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://secure.gratowin.com
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H2 200 api.js Show response
www.gratowin.com/cdn-cgi/bm/cv/669835187/ Frame 9701 35 KB
9 KB 21ms
20ms Script
text/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gratowin.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.gratowin.com
URL: https://www.gratowin.com/seal01.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ad73612f12f05dfb07d437a5d3d9a19c5ed14ced0b78362eadd9ac8effde3ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gratowin.com/seal01.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6f843a2adb9e9a05-FRA

GET
H2 200 apg-seal.js Show response
3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/ Frame 9701 3 KB
2 KB 166ms
76ms Script
text/javascript 2600:9000:223e:8e00:0:c0ab:5c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/apg-seal.js

Requested by

Host: www.gratowin.com
URL: https://www.gratowin.com/seal01.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8e00:0:c0ab:5c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d7288f61a59442ffd6b1ca8e6a3e10d085fe9c52b3297e1c0be771d6752a6fc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:19 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-P4
x-powered-by: Express
x-cache: Miss from cloudfront
server: cloudflare
etag: W/"dc5-uNv+ewnKUpVOyCFBYVpsIKTmS+I"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/javascript; charset=utf-8
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
cache-control: max-age=300
cf-ray: 6f843a2b7fe19193-FRA
x-amz-cf-id: 79ovsEhA09JTEmyUQNbcAFY5HaDkRzM_IBTSDGNXhARmHVUtKB1k5w==

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 811 B
511 B 26ms
25ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=506828&settings_type=2&vn=7.0&r=0.6393477794458111&u=https%3A%2F%2Fsecure.gratowin.com%2FPre_Lobby_Page%2F
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-715bf3ba46529ae1bcc8683963990b4a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: ccaca02843fc52d8929bc53f1548195c3a5de19770ea14f8fadf206f8a145bee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:19 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK iframe.js Show response
anakatech.uat1.evo-test.com/frontend/evo/r2/js/ 8 KB
3 KB 564ms
43ms Script
application/javascript 87.246.163.84
APOLLO-AS Latvia

General

Check archive.org

Show headers Download Go to

Full URL

https://anakatech.uat1.evo-test.com/frontend/evo/r2/js/iframe.js

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/main.695eada1b3a53bfb6d48.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.246.163.84 Riga, Latvia, ASN12578 (APOLLO-AS Latvia, LV),

Reverse DNS

Software

nginx /

Resource Hash

64239a753c10474529061f30b46c410db0e2f44754102aa5c29a0676b045c6cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 16:44:19 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Last-Modified: Thu, 07 Apr 2022 07:47:15 GMT
Server: nginx
ETag: "624e9703-8c4"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Vary: Origin
Content-Length: 2244

OPTIONS
H2 200 gameDynamicData
ga.streamygame.com/ Frame 0
0 125ms
59ms Preflight 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://ga.streamygame.com/gameDynamicData?customBrandId=8&requestURL=https%253A%252F%252Fsecure.gratowin.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.gratowin.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST,PUT,DELETE
access-control-allow-origin: https://secure.gratowin.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 6f843a2be8926913-FRA
content-length: 0
date: Thu, 07 Apr 2022 16:44:19 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 200 gameDynamicData Show response
ga.streamygame.com/ 74 KB
5 KB 157ms
87ms XHR
application/json 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://ga.streamygame.com/gameDynamicData?customBrandId=8&requestURL=https%253A%252F%252Fsecure.gratowin.com

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b512b193d0958524c3ef37e3fc387a8bf632c0ec7213eca09afe46d6ed5208b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 07 Apr 2022 16:44:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000 ; includeSubDomains
content-type: application/json
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 6f843a2cbf729162-FRA
expires: 0

GET
H3 200 554.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 25 KB
25 KB 25ms
24ms Image
image/jpeg 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/554.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d228db3b420c185abda651b86467bcf845d981475a7453d992fbe2cfb1d3ee13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:26:18 GMT
age: 1081
x-guploader-uploadid: ADPycdukboT6QCLd0qEoRvWcdGtXK-Q9j9u0VrDS2K-ACuCMx_2L7ApXyFAUuV0pfgQpkoRO36xoFV6eNstPsqzR1s5P-w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25919
last-modified: Fri, 18 Mar 2022 11:00:35 GMT
server: UploadServer
etag: "e3da5fd1fd3db4dfcffa8bbb46f100b9"
x-goog-hash: crc32c=OjjOsw==, md5=49pf0f09tN/P+ou7RvEAuQ==
x-goog-generation: 1647601235591018
cache-control: public, max-age=3600
x-goog-stored-content-length: 25919
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 07 Apr 2022 17:26:18 GMT

GET
H3 200 20.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 31 KB
31 KB 57ms
57ms Image
image/jpeg 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/20.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 63b3ee24f6efe1c85cffab7f293a66ba15378223cbbd6afe95fbcefb766e24c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:33:21 GMT
age: 658
x-guploader-uploadid: ADPycdtCV-vlJErBB7v4Jt1K7MJE66pJXHCvvjcldconYLJ90Up-kdqMfxnhsXyGn6SWozhRssTv00NJav_nIKwWC_wjOlPgqvot
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32183
last-modified: Sun, 09 Aug 2020 14:39:18 GMT
server: UploadServer
etag: "2bca8ea64f80c5c193113ec11eaeddd7"
x-goog-hash: crc32c=VBbNrA==, md5=K8qOpk+AxcGTET7BHq7d1w==
x-goog-generation: 1596983958386407
cache-control: public, max-age=3600
x-goog-stored-content-length: 32183
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 07 Apr 2022 17:33:21 GMT

GET
H3 200 5.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 30 KB
30 KB 58ms
58ms Image
image/jpeg 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/5.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4022fcd71fc9cd5ea700911970e7a592b086c5bd47f906a3ff85227c0d531c9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:15:26 GMT
age: 1733
x-guploader-uploadid: ADPycduAldG-6FTUFIjyJELx2nsU8_AEhD9sH_581urErbgMwsi20Qk2vFiBS2uwGdRgKHStGbrmgM8AwKrUiQLB9ml8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30546
last-modified: Sun, 09 Aug 2020 15:09:07 GMT
server: UploadServer
etag: "b03207155277dab471de820857ab80c0"
x-goog-hash: crc32c=1vTyDA==, md5=sDIHFVJ32rRx3oIIV6uAwA==
x-goog-generation: 1596985747041304
cache-control: public, max-age=3600
x-goog-stored-content-length: 30546
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 07 Apr 2022 17:15:26 GMT

GET
H3 200 1.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 32 KB
32 KB 55ms
55ms Image
image/jpeg 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3b796222d4d2609f2f03be081727632c910be3fc50f2836968850de194b18745

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:01:06 GMT
age: 2593
x-guploader-uploadid: ADPycdvS_A6wRytyDxQ2rEBfhx_qXd1bp4EXsiY3metVfwPWMucR1bG_aI2WrS3XDL87IxYlxgJY-0JZaZJzizPXWmkEqb7N2lQh
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32963
last-modified: Sun, 09 Aug 2020 14:58:57 GMT
server: UploadServer
etag: "d73921f6fb38f242ce7f66fd95aab996"
x-goog-hash: crc32c=oougTw==, md5=1zkh9vs48kLOf2b9laq5lg==
x-goog-generation: 1596985137778854
cache-control: public, max-age=3600
x-goog-stored-content-length: 32963
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 07 Apr 2022 17:01:06 GMT

GET
H3 200 41.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 28 KB
28 KB 54ms
53ms Image
image/jpeg 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/41.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e4d67b1c232878a8491865829c10157b809e8cd546e5847dbad8e4c74620c865

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:21:51 GMT
age: 1348
x-guploader-uploadid: ADPycdvjfL8gHRv2KdzFfDNvgERlMQ2OgvpQzmczmHz7nXm7Povp_v9c8If-xCONe9rKnJM0mexSExNT7zc_0Gi2r5u7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28856
last-modified: Sun, 09 Aug 2020 17:47:30 GMT
server: UploadServer
etag: "7c12ed8a6dfcdca1ca027320215a3276"
x-goog-hash: crc32c=3GHGhQ==, md5=fBLtim383KHKAnMgIVoydg==
x-goog-generation: 1596995250719199
cache-control: public, max-age=3600
x-goog-stored-content-length: 28856
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 07 Apr 2022 17:21:51 GMT

GET
H3 200 208.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 22 KB
23 KB 52ms
52ms Image
image/jpeg 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/208.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 200d2aa85fb27867b01a2dfccfde12e46deede7e54473f20dbcb447f71bbf703

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:28:21 GMT
age: 958
x-guploader-uploadid: ADPycdt2cdSp6z46262eFtG1Lg1t62b4sa-MaQPiOxufZTHgxeyp4YHJLoTadUXFPwoB_iIGcuBYq6hSo6QVFOFVFTZGT4Cx9Mca
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23035
last-modified: Mon, 27 Apr 2020 08:27:47 GMT
server: UploadServer
etag: "dc45a2f63616e807696dda7c14fcb138"
x-goog-hash: crc32c=DWELAA==, md5=3EWi9jYW6Adpbdp8FPyxOA==
x-goog-generation: 1587976067820510
cache-control: public, max-age=3600
x-goog-stored-content-length: 23035
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 07 Apr 2022 17:28:21 GMT

GET
H3 200 18.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 26 KB
26 KB 50ms
49ms Image
image/jpeg 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/18.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d849225963e317e2b2a745c14cd800acec3fbd93a5f8b26ca3094deef15da296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:24:12 GMT
age: 1207
x-guploader-uploadid: ADPycdvmAIzFrqBWYqDuPbrt2nG1JN3ht_hlk5owCGqlzATqyqbuLG1H1d11TWzWcehD--BI68qO4nWXbbdgWqNo8Xdhk75Mka4X
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27061
last-modified: Sun, 09 Aug 2020 15:00:27 GMT
server: UploadServer
etag: "6fd99674da0d9f8066e1e37c840be6f9"
x-goog-hash: crc32c=4oaI7g==, md5=b9mWdNoNn4Bm4eN8hAvm+Q==
x-goog-generation: 1596985227626406
cache-control: public, max-age=3600
x-goog-stored-content-length: 27061
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 07 Apr 2022 17:24:12 GMT

GET
H3 200 43.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 30 KB
30 KB 42ms
42ms Image
image/jpeg 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/43.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9b379fff591b8a9f83580fcddd22e13349a147b8d2c357a3cc9437c1729da092

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:04:08 GMT
age: 2411
x-guploader-uploadid: ADPycdvc9woU-eW1XNdRBF58rkXHJ1A8EJNOxgaEq3zK0o-Dllov25jVI1h5e7HLShwgxR5UTcvktngupvmn4JTI_noTQf6Qk7gb
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30915
last-modified: Sun, 09 Aug 2020 14:56:29 GMT
server: UploadServer
etag: "daf7f7cfbf6a98256b11d42e582d1ea1"
x-goog-hash: crc32c=5TkmwA==, md5=2vf3z79qmCVrEdQuWC0eoQ==
x-goog-generation: 1596984989808489
cache-control: public, max-age=3600
x-goog-stored-content-length: 30915
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 07 Apr 2022 17:04:08 GMT

GET
H3 200 4.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 29 KB
29 KB 90ms
90ms Image
image/jpeg 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/4.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: da44324d9421e4ac73b1e56fe166bd8a51fa59fc512f2265b68020fb41c63a33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:04:34 GMT
age: 2385
x-guploader-uploadid: ADPycdt3sMeDXZuqHyyMqmLnpXbZ18srvGjzsmBNnxBU1PQxUhWgACuSXCi5ey2Pahf3ubTlSafrjJuL4m_ltX9xk6uusGjCVsSH
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29801
last-modified: Sun, 09 Aug 2020 14:37:17 GMT
server: UploadServer
etag: "4b88921a49d1e060168458c42ea5acd4"
x-goog-hash: crc32c=FHIXqg==, md5=S4iSGknR4GAWhFjELqWs1A==
x-goog-generation: 1596983837263791
cache-control: public, max-age=3600
x-goog-stored-content-length: 29801
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 07 Apr 2022 17:04:34 GMT

GET
H3 200 7.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 30 KB
30 KB 89ms
89ms Image
image/jpeg 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/7.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 22e7337c994a1cd7b0f534cd7a21ec765ed53a6fe3636fb8c6838bcd0994b0e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:35:31 GMT
age: 528
x-guploader-uploadid: ADPycdsv_jX0QjS0jOcIYt_zibDa8ecMu6c6mLErTt3_JAGQVZRryAfBrlikXhKudmCzJFDZ5DJ2HubZLLrf7gq9CO695q9eRYYF
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30785
last-modified: Sun, 09 Aug 2020 14:58:29 GMT
server: UploadServer
etag: "f596bf62b13ac69cd25b66466af15655"
x-goog-hash: crc32c=C9IoXg==, md5=9Za/YrE6xpzSW2ZGavFWVQ==
x-goog-generation: 1596985109279554
cache-control: public, max-age=3600
x-goog-stored-content-length: 30785
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 07 Apr 2022 17:35:31 GMT

GET
H3 200 16.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 30 KB
30 KB 89ms
88ms Image
image/jpeg 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/16.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a114bca175a4dcf455ee2b5dcc9df6e39077cd0ed52e48c297efac2c837c35bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:10:33 GMT
age: 2026
x-guploader-uploadid: ADPycdvNy4yun1T3imrJe9rfgx7vvnbSN9n9h3YtaXinuwa-LaCr8LbzLbE0zKn1wTWqjaByTcLuV54Xj3CmOCj6vWlvmw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31093
last-modified: Sun, 09 Aug 2020 15:01:21 GMT
server: UploadServer
etag: "03cead98fe93ac60c2b5513efd65b834"
x-goog-hash: crc32c=sYRp4Q==, md5=A86tmP6TrGDCtVE+/WW4NA==
x-goog-generation: 1596985281991067
cache-control: public, max-age=3600
x-goog-stored-content-length: 31093
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 07 Apr 2022 17:10:33 GMT

GET
H3 200 555.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 27 KB
27 KB 88ms
87ms Image
image/jpeg 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/555.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6a251f5e969098aff7ea57994fc4f33085b6541037eb9ff5d930653f35860189

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:04:38 GMT
age: 2381
x-guploader-uploadid: ADPycdsVGjsf1wn-DEC8WaKVzozlA2DVb3iIkpytASJuuSc1Tb_0qN7y0ipahHdKHo7ST7OhSp85-wljaoOtOUgf7kPXtaYgn1FK
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27859
last-modified: Tue, 22 Mar 2022 15:24:44 GMT
server: UploadServer
etag: "c9d89b6134bfae3b853d2aff18369603"
x-goog-hash: crc32c=Bss5Zw==, md5=ydibYTS/rjuFPSr/GDaWAw==
x-goog-generation: 1647962684172386
cache-control: public, max-age=3600
x-goog-stored-content-length: 27859
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 07 Apr 2022 17:04:38 GMT

GET
H3 200 577.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 34 KB
34 KB 92ms
92ms Image
image/jpeg 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/577.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fdcc549610d7ed282902b782e8aa74c9d27d2132a6921605c47560d963683a7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:04:38 GMT
age: 2381
x-guploader-uploadid: ADPycdvJj2nZADY2MOurT_55dlZukDEu0kJhM3BVezXwkwSV0ZcZOo-YS-BX3TY71bG8EgVQUMBe7yUPeCNGhTW5WShC9hnM2cFc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34355
last-modified: Tue, 22 Mar 2022 16:36:18 GMT
server: UploadServer
etag: "4f9f42c990d7899e3400f33cdc4adee2"
x-goog-hash: crc32c=9Lmojw==, md5=T59CyZDXiZ40APM83Ere4g==
x-goog-generation: 1647966978676550
cache-control: public, max-age=3600
x-goog-stored-content-length: 34355
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 07 Apr 2022 17:04:38 GMT

GET
H3 200 174.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 35 KB
35 KB 91ms
91ms Image
image/jpeg 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/174.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e37dd4fd3a0f781d702329d74b13ef3b16459394babe3367b96dddaf3b2e658f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:33:14 GMT
age: 665
x-guploader-uploadid: ADPycdvL734qLKlrqybXV_rdl5gC0unjSU1gyxTPvAKcBJDEDsXZm2wEH94ayo5nNUkYi8zXzam3guYdcgOnM0r17A68nf2SBQ-f
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35414
last-modified: Thu, 06 Aug 2020 06:34:08 GMT
server: UploadServer
etag: "2fddfa33d68c305afe18f2ee8dd4cb44"
x-goog-hash: crc32c=WeRmsQ==, md5=L936M9aMMFr+GPLujdTLRA==
x-goog-generation: 1596695648846753
cache-control: public, max-age=3600
x-goog-stored-content-length: 35414
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 07 Apr 2022 17:33:14 GMT

GET
H3 200 21.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 35 KB
35 KB 90ms
90ms Image
image/jpeg 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/21.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a6c62841d67a17cf39c2f2543499c5af54b7047db79befc284ce0554a8f50cd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:04:38 GMT
age: 2381
x-guploader-uploadid: ADPycdv_aKD_01loDX0vYPKhYgCNiPWhYPiF6MR2VuRZyRj08iBeS41WMaHPmKZeeGL4zEKmXMvc69ZNXanUCV3xsQzgjbBnI3P0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35673
last-modified: Tue, 13 Jul 2021 10:49:26 GMT
server: UploadServer
etag: "587b40d33e1c346f95b336cfa88523a5"
x-goog-hash: crc32c=DAO0KQ==, md5=WHtA0z4cNG+VszbPqIUjpQ==
x-goog-generation: 1626173366371354
cache-control: public, max-age=3600
x-goog-stored-content-length: 35673
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 07 Apr 2022 17:04:38 GMT

GET
H3 200 129.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 26 KB
26 KB 88ms
88ms Image
image/jpeg 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/129.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0d898c6917f7030bca0cac538f0adf9a319f9256357358a037978447ccb3008b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:33:14 GMT
age: 665
x-guploader-uploadid: ADPycdvWRnv46vplVpKCpwj0C16mEBUNOOXg5TALs6-Mr9IZ0Rvo6M0txgQmxeVcXSB9mC5ESLstbGbz9gRd7S3KmOfKc3fG3F1Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27028
last-modified: Sun, 09 Aug 2020 15:07:52 GMT
server: UploadServer
etag: "c429eb1fd09598c9846b4e5b99a98215"
x-goog-hash: crc32c=w2cVCA==, md5=xCnrH9CVmMmEa05bmamCFQ==
x-goog-generation: 1596985672118681
cache-control: public, max-age=3600
x-goog-stored-content-length: 27028
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 07 Apr 2022 17:33:14 GMT

GET
H3 200 8.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 26 KB
26 KB 55ms
55ms Image
image/jpeg 2a00:1450:4001:82a::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/8.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ec387818cc9e2f2a6d96e4ce99c013aa94de5553980d93e5fa12b4515daada85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:56:12 GMT
age: 2887
x-guploader-uploadid: ADPycduOwBcQ81XQTad8_uXr-O7J07wyiwSRKb4KxAiaJ-2aOW6ixbexioeaTN8vXyXESE1ChWBE3KKRNDL80iOQFlZNqA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26763
last-modified: Thu, 06 Aug 2020 19:27:15 GMT
server: UploadServer
etag: "8e2174c373987f7b0898e9773fc9b68c"
x-goog-hash: crc32c=2G+FaA==, md5=jiF0w3OYf3sImOl3P8m2jA==
x-goog-generation: 1596742035274515
cache-control: public, max-age=3600
x-goog-stored-content-length: 26763
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 07 Apr 2022 16:56:12 GMT

GET
H2 200 1d3b4f9d82ab34afd37b99177f09cb1f-www.gratowin.com-a4b2333aceb5eab3856b2ba04fc6c2b3c6cb6428030555415628c1b61c16c9c395acfc6de5ca83c4aee0fcfbd5aae1dd-c3BhY2VyLXNwcml0ZS5wbmc%3D
3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/sealassets/ Frame 9701 95 B
567 B 74ms
56ms Image
image/png 2600:9000:223e:8e00:0:c0ab:5c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/sealassets/1d3b4f9d82ab34afd37b99177f09cb1f-www.gratowin.com-a4b2333aceb5eab3856b2ba04fc6c2b3c6cb6428030555415628c1b61c16c9c395acfc6de5ca83c4aee0fcfbd5aae1dd-c3BhY2VyLXNwcml0ZS5wbmc%3D

Requested by

Host: www.gratowin.com
URL: https://www.gratowin.com/seal01.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8e00:0:c0ab:5c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:19 GMT
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
etag: W/"5f-NEKpX+iQzkdps2suzGEbgBpUz7U"
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: FRA56-P4
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=1200
cf-ray: 6f843a2c88849022-FRA
content-length: 95
x-amz-cf-id: EZkFI-r5wnXl8r5MFdvYyoaEnCXQevPOCX-KbzNRfc5OKlav6VGo9A==

GET
H2 200 1d3b4f9d82ab34afd37b99177f09cb1f-www.gratowin.com-a4b2333aceb5eab3856b2ba04fc6c2b3c6cb6428030555415628c1b61c16c9c395acfc6de5ca83c4aee0fcfbd5aae1dd-c3ByaXRlLXNlYWwucG5n
3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/sealassets/ Frame 9701 48 KB
49 KB 95ms
73ms Image
image/png 2600:9000:223e:8e00:0:c0ab:5c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.gratowin.com
URL: https://www.gratowin.com/seal01.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8e00:0:c0ab:5c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d614922fde9604f8899e47f3cc3d69bf952312b996f7cf1421163996710850fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:19 GMT
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
etag: W/"c0f5-y5nfd/SGXZwvKHU5pcpHTPdvfQk"
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: FRA56-P4
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=1200
cf-ray: 6f843a2cbb9d90d4-FRA
content-length: 49397
x-amz-cf-id: Y5erNNQzRHMkm-vnP8tM3xY2I4cZqmvsZSSHZaEloal-s7l9fPoJXg==

GET
H2 200 54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/ Frame 9701 68 B
432 B 37ms
15ms Image
image/png 2600:9000:223e:8e00:0:c0ab:5c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
Requested by: Host: www.gratowin.com
URL: https://www.gratowin.com/seal01.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:8e00:0:c0ab:5c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 08:48:42 GMT
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
server: AmazonS3
age: 546938
etag: "e679fbd466a2d656f194a5da4fa083cd"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 68
x-amz-cf-id: SUyerOiZHqkVEUFZFNhdbX2UFNGDxfw1yG810KriuTIHBPGTHteDQQ==

GET
H/1.1 200
OK frame.html Show response
gratowin.webpu.sh/75KkGZGLZxzIwR7O96ZkIvjAHWwM4ByP/ Frame A566 402 B
779 B 173ms
73ms Document
text/html 52.214.226.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratowin.webpu.sh/75KkGZGLZxzIwR7O96ZkIvjAHWwM4ByP/frame.html?id=3894765032&key=L0IG8KZtOwGqoH58bUYsRzgLviuIxVzA
Requested by: Host: prod.webpu.sh
URL: https://prod.webpu.sh/75KkGZGLZxzIwR7O96ZkIvjAHWwM4ByP/sdk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.226.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-226-97.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: c8effd9e52faff60c2192236e33e75b563ee156e86ec70ba358a07275692f1bb

Request headers

Referer: https://secure.gratowin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=21600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 07 Apr 2022 16:44:19 GMT
ETag: W/"7dd053793ed36b7e0d4b554f9a5c4fe1"
Last-Modified: Sun, 06 Jun 2021 07:03:02 GMT
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: HBqLqdXxTpmPcmupqvHkaugppPx1gDkMuzo92UWKMHtw7o+92Dp7tAodP8jzKRBHSz+1PG4xYJE=
x-amz-request-id: E0CF7QXK6MK13Y1P

POST
H/1.1 200
OK deviceUpdate Show response
api.xtremepush.com/push/api/ 68 B
505 B 48ms
47ms XHR
application/json 52.31.235.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.xtremepush.com/push/api/deviceUpdate
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.235.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-235-195.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 33cf9635b62dfc0a9f749b5e6a97c281d10b4791460559460658dc3220e9311f

Request headers

Accept: application/json
Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 07 Apr 2022 16:44:19 GMT
Content-Encoding: gzip
Server: openresty
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json
Access-Control-Allow-Origin: https://secure.gratowin.com
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

GET
H3 200 start_countdown.jpg
cms2.netoplaycdn.com/Platform/COMMON/promotion-slider/en/easter_hunt_promotion/ 43 KB
44 KB 68ms
37ms Image
image/jpeg 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/COMMON/promotion-slider/en/easter_hunt_promotion/start_countdown.jpg?v=99
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b31ca20a24f565a5a299472f323d691560ed065be5ebfc2262de966c7158b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=iGs8OA==, md5=OjK7EqA5W0gSf35QyGG2lw==
date: Thu, 07 Apr 2022 16:44:19 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycduU34ekcPmxoUcfvpdMnCe5U6LIgyh883VTiJnORqEk99s2-5vWrXJxPcWuqw2zS9H1lMf5eXeZkOHWxcDqgfzf0R7lGzwY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44269
last-modified: Sun, 03 Apr 2022 13:54:53 GMT
server: cloudflare
etag: "3a32bb12a0395b48127f7e50c861b697"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icAENgPkpjT5uC8DHjb4VDs8d6OLwFcXLhLVcLNCNLLpFv%2BeTqu8cSemA15ENSyFgryzYobHDjbCnVb7zUYK3pJWvOEdWJJd%2FXJPd1%2BI8ujAOlDphWwqov8IwWUj6U%2FSEzuK4s5erl7FlN5SeloK%2BJQVJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1648994093101855
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 44269
accept-ranges: bytes
cf-ray: 6f843a2d4a8d918e-FRA
expires: Thu, 07 Apr 2022 16:49:47 GMT

GET
H3 200 MondayCashback.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 79 KB
80 KB 173ms
142ms Image
image/jpeg 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/MondayCashback.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f4462ab8896638ad3c26bbf329c9a50f95b687506f7605d1fb11a85d51fd349

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=YOsOJQ==, md5=VvC0jENHIgFoo4DjrWYgUw==
date: Thu, 07 Apr 2022 16:44:19 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycduNUt2rcDjdk1Vi2yvXKj1lWAFxjWvVRJ0D87USLWQVNUI14ztn8vWmr_g0CymSEPakNj0wy_CAga9kLRKMw8Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81172
last-modified: Sun, 17 Oct 2021 15:29:35 GMT
server: cloudflare
etag: "56f0b48c4347220168a380e3ad662053"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BORIEHhcqeaPX%2FIFFcUWhWcdMQH8qafOA8HROMaS6wh8qM0VeCBI4rMe8P7QBrgAx1VBK0IgzCzWpNF0PrqluJPhRbSNV3dV9fxxFE7OYteoLW3GDLawk503wdi1AQtv9dvZSk9pZ%2BwFo6f3nJ7jbPTKA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634484575296769
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 81172
accept-ranges: bytes
cf-ray: 6f843a2d4aab918e-FRA
expires: Thu, 07 Apr 2022 17:44:19 GMT

GET
H3 200 AladdinFridayFun.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 73 KB
74 KB 141ms
111ms Image
image/jpeg 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/AladdinFridayFun.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36d7eafcb31379d842d849e8dffc8f96daefce68e293601fbceee13afbc4d9c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=5hX8kQ==, md5=HOcCxDDdHTgVcmDfuevQSQ==
date: Thu, 07 Apr 2022 16:44:19 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdsBk2AgPhvkIGz5oCYW_IBov4ddEp20yt-cMybcuPi2ik9RCyGBqLfBwVYWk8OscxfH7KLBnDg1ej8Qyyp8kY1HuMlqiQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75081
last-modified: Sun, 21 Nov 2021 09:37:28 GMT
server: cloudflare
etag: "1ce702c430dd1d38157260dfb9ebd049"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GUbLHd%2BqYflDUij%2BFpD520aZa%2BahW70fjyx8VqYEAywW8nvFUyzZqMAgEs5Hg66m0PuQTHsOnnaS2aJTVTM7hyqF3Z0X33S0Yli0zRJnwA5%2B4UGtUuKflNoJ6%2FaYIoPK53iUNJfuc50kSNH2LF1IVN1%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1637487448033200
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 75081
accept-ranges: bytes
cf-ray: 6f843a2d4a8f918e-FRA
expires: Thu, 07 Apr 2022 17:44:19 GMT

GET
H3 200 Visitor_slider.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 119 KB
120 KB 85ms
55ms Image
image/jpeg 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/Visitor_slider.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f409b9c718b2a506ecaddca0f008d4e6315e1b511a208dd3080519bc26cb86d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=sqvQkA==, md5=j617X8Ak7GE40ZEWIzfxuA==
date: Thu, 07 Apr 2022 16:44:19 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdsqIygJ8NE2xjlHaJyx923w2MZzfQbo0MAgA0Jlwl6UJuMPR58m5SFxy2SrUX9nu6g_F9_gluPlIK9p17ATaI4HKSVCYw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 121964
last-modified: Wed, 22 Dec 2021 09:11:30 GMT
server: cloudflare
etag: "8fad7b5fc024ec6138d191162337f1b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsibtz5l%2B7VOB1m59xQOEcjCx2BDlCuMFlNj3A6IXnEAZ8x07qAo6C7g0EuZnqT1wh1%2BfaxudMrsunx4WRH3TZl%2BDhNepGmGMffziDxM9HAMpDodTSKzCP5T0FTKeDa0OApUoalHxnII%2BG4yG2ArbYWwEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1640164290153155
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 121964
accept-ranges: bytes
cf-ray: 6f843a2d4a9b918e-FRA
expires: Thu, 07 Apr 2022 17:27:48 GMT

GET
H3 200 Dragons.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 61 KB
62 KB 111ms
81ms Image
image/jpeg 2606:4700:3031::6815:18a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/Dragons.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:18a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f7bcab7a6f1330e20df36421420869f19ed31b018487fb075961ac11c1a48b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=rHowaw==, md5=6lcBoFaVrsAEzxRhuaWdXQ==
date: Thu, 07 Apr 2022 16:44:19 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdudQM288lOleLLlBB3w6eArft1pVuB3726h_TMg1Ab5toEVvQrEhO_1aB45tiaUn1FvzqghuGrSTkHLu3LvnMuW8w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62896
last-modified: Wed, 09 Feb 2022 09:54:14 GMT
server: cloudflare
etag: "ea5701a05695aec004cf1461b9a59d5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFMV4T5NQVJmLlplCJQLcm3dTyZww%2BG%2BLwx%2FAq6k75HiM2g9%2BF%2FC5Tyoz%2BQ0isp1VEnXy0F3pjztlIbjFMduNasIRsheQRNL43sqLS0n0mhzmPVLYtcwIkHX6CkP2XjgJ%2FGHQkDeAKTw1N1y7PmLbKLcOg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1644400454261143
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 62896
accept-ranges: bytes
cf-ray: 6f843a2d4a97918e-FRA
expires: Thu, 07 Apr 2022 17:10:40 GMT

POST
H2 204 result Show response
www.gratowin.com/cdn-cgi/bm/cv/ Frame 9701 0
269 B 21ms
20ms XHR
text/plain 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gratowin.com/cdn-cgi/bm/cv/result?req_id=6f843a2a3a749a05
Requested by: Host: www.gratowin.com
URL: https://www.gratowin.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gratowin.com/seal01.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 07 Apr 2022 16:44:19 GMT
server: cloudflare
cf-ray: 6f843a2d68309a05-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H/1.1 200
OK sdk.js Show response
prod.webpu.sh/75KkGZGLZxzIwR7O96ZkIvjAHWwM4ByP/ Frame A566 112 KB
23 KB 471ms
470ms Script
text/javascript 52.214.226.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.webpu.sh/75KkGZGLZxzIwR7O96ZkIvjAHWwM4ByP/sdk.js
Requested by: Host: gratowin.webpu.sh
URL: https://gratowin.webpu.sh/75KkGZGLZxzIwR7O96ZkIvjAHWwM4ByP/frame.html?id=3894765032&key=L0IG8KZtOwGqoH58bUYsRzgLviuIxVzA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.226.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-226-97.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 21c84163c6f6154f13c85e42cfd85b2fb4e2e8308cf96762965ad0dc8ff52e19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gratowin.webpu.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 16:44:19 GMT
Content-Encoding: gzip
Last-Modified: Sun, 06 Jun 2021 07:03:02 GMT
Server: openresty
x-amz-request-id: E0C1347XDZJ13N0V
ETag: W/"a728d986cd672c400cda54305afd1359"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=21600
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: 4NM29TPeM82wn/sqo2GH3R9kPcZjgGNGnAUrlI+4Vwvgqin2l2smPFIuj2KNBBdYN2plvo2B2Hc=

GET service-worker.js
gratowin.webpu.sh/75KkGZGLZxzIwR7O96ZkIvjAHWwM4ByP/ Frame 0
0

GET
H/1.1 200
OK widget.js Show response
wchat.freshchat.com/js/ 36 KB
12 KB 421ms
201ms Script
application/javascript 54.152.199.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/widget.js

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/freshchat-script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.152.199.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-152-199-76.compute-1.amazonaws.com

Software

fwe /

Resource Hash

2d2d3e88bf859c4965e609070bc8299e5fd0a9e987613aebc2785fd1c561e109

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 16:44:20 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 1
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: a6702175-4dea-4774-8668-abf18c6a8cd1
x-trace-id: 00-17be565c1dd3ddd86dfc61735ea96167-9257580b987cbd12-00
served-by: 2601
last-modified: Thu, 24 Mar 2022 09:32:09 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: 2601
Content-Type: application/javascript

POST
H/1.1 200
OK deviceUpdate Show response
api.xtremepush.com/push/api/ 93 B
825 B 367ms
290ms XHR
application/json 52.31.235.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.xtremepush.com/push/api/deviceUpdate

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.31.235.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-235-195.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

d3246366d784b16d3528b9c8152cd58bcc9f48a392b10a4aa76f11380a3ce727

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 07 Apr 2022 16:44:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: openresty
Access-Control-Allow-Headers: Accept, Content-Type, X-Requested-With
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://secure.gratowin.com
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H2 200 web_icon_large_5562_5fb120e049c6f.png
s3.xtremepush.com/application/ 7 KB
8 KB 230ms
168ms Image
image/png 18.66.248.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.xtremepush.com/application/web_icon_large_5562_5fb120e049c6f.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-73.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94fee81d12201cee36ebaf610f9f564ad36071b81c3305fafdb090414d9860cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:44:21 GMT
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified: Sun, 15 Nov 2020 12:36:49 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
etag: "3acba964b4b76d570b17dce131a38581"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 7352
x-amz-cf-id: 9PsPgtNJ4pAxWgP5Q6npoRJh4rMN4VUPpqSG7l1YS1rbi-lDLJWkEw==

GET
H/1.1 200
OK / Show response
wchat.freshchat.com/widget/ Frame ED50 5 KB
3 KB 215ms
108ms Document
text/html 54.152.199.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.152.199.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-152-199-76.compute-1.amazonaws.com

Software

fwe /

Resource Hash

1ec575ac78dcdab65a4ed71644d5a16d162f8a8ef39074b68b62d29501b84cfe

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.gratowin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html
Date: Thu, 07 Apr 2022 16:44:20 GMT
Transfer-Encoding: chunked
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding: gzip
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
last-modified: Thu, 24 Mar 2022 09:32:09 GMT
served-by: 5323
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
x-fw-ratelimiting-managed: false
x-request-id: a90c7c5d-c01f-4f0a-a3b4-24a3465834cb
x-server: 5323
x-trace-id: 00-0b18c609331e32720e561cb74fbcd0b4-78df32ac88bfa8a7-00
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK widget.css
wchat.freshchat.com/css/ 7 KB
2 KB 106ms
106ms Stylesheet
text/css 54.152.199.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/css/widget.css?t=1649349860479

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.152.199.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-152-199-76.compute-1.amazonaws.com

Software

fwe /

Resource Hash

d6999d7c9851d2686eb5ac16623f1c94a1a3c0d67fed5f8320d0c25ba26c3a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 16:44:20 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: da7b19fe-dc34-9849-8e8e-65dc72dfacdb
x-trace-id: 00-db7ddf275378301aae023e620a98f474-7c5bbf4e5691e74d-01
served-by: 2601
last-modified: Thu, 24 Mar 2022 09:32:09 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 2601
Content-Type: text/css
expires: Fri, 07 Apr 2023 16:44:20 GMT

GET
H2 200 vendor.bd52f7d59d8335c4e4bb75788cab9d68.css
assetscdn-wchat.freshchat.com/static/assets/ Frame ED50 5 KB
2 KB 81ms
19ms Stylesheet
text/css 108.157.4.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.bd52f7d59d8335c4e4bb75788cab9d68.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-58.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c725a8b39a90b240c476e1f8c4737bcb47d002eb24ae560b011021d6a9178e29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 07 Apr 2022 16:42:53 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 09:32:21 GMT
server: AmazonS3
age: 149
etag: W/"bd52f7d59d8335c4e4bb75788cab9d68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: gI-pbo79mRHial_BVh-ocmm4SuGI6o4LLqqABSqh8GmPWuA6eaEq8Q==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H2 200 hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
assetscdn-wchat.freshchat.com/static/assets/ Frame ED50 0
409 B 81ms
20ms Stylesheet
text/css 108.157.4.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-58.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 07 Apr 2022 16:40:31 GMT
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
last-modified: Thu, 24 Mar 2022 09:32:16 GMT
server: AmazonS3
age: 230
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 0
x-amz-cf-id: aaCgsGmUDgKQFZrKX96-zfBgcfXj4q5lsPnvPAaavG5jgzibyGjcUw==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H2 200 vendor.3474f8e0dcdb6126f26894076afa40d6.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame ED50 684 KB
180 KB 86ms
24ms Script
text/javascript 108.157.4.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-58.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7eed09a3bda2013de36d0ac2b942f0149ef500ed56701e5bd80d204ecbf758e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 07 Apr 2022 16:42:53 GMT
content-encoding: br
last-modified: Thu, 24 Mar 2022 09:32:21 GMT
server: AmazonS3
age: 149
etag: W/"3474f8e0dcdb6126f26894076afa40d6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: Ngdo7HXuFsf4ySQGwEKnk_3Zw3h0mPvFsuauwIP4Z6utgX7rzSch5w==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H2 200 52.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame ED50 1 MB
246 KB 21ms
21ms Script
text/javascript 108.157.4.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/52.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-58.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a7467948f341704bae70175d1c5196db3ba24abf97121e40b7476b6c63a8534

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 07 Apr 2022 16:42:53 GMT
content-encoding: br
last-modified: Thu, 24 Mar 2022 09:32:11 GMT
server: AmazonS3
age: 160
etag: W/"c71425815a980cfe995076fa03768309"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: vzw2r1RhRDgmrGxGUXFWnLnbnGrbI-55gxrea_HYu3VT5OCNXNjbPw==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H2 200 chunk.f09242bf1310580c4680.css
assetscdn-wchat.freshchat.com/static/assets/ Frame ED50 216 KB
27 KB 22ms
21ms Stylesheet
text/css 108.157.4.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.f09242bf1310580c4680.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-58.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 723c00a4e7a2b3c96363ff1d6427db0c3d52bed656f17f177830c32344e49db1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 07 Apr 2022 16:41:51 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 09:32:15 GMT
server: AmazonS3
age: 152
etag: W/"71b0531561e37190e7851ab8ecae2853"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: o7t4kx3nOjWktgZNuSdqdYTLzVP-QDztcdvxS0IQe3yfSPZrR61XIg==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H2 200 fd-messaging.c63dbf5e939f99cde25f.css
assetscdn-wchat.freshchat.com/static/ Frame ED50 216 KB
23 KB 21ms
21ms Stylesheet
text/css 108.157.4.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/fd-messaging.c63dbf5e939f99cde25f.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-58.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 723c00a4e7a2b3c96363ff1d6427db0c3d52bed656f17f177830c32344e49db1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 07 Apr 2022 16:42:17 GMT
content-encoding: br
last-modified: Thu, 24 Mar 2022 09:32:22 GMT
server: AmazonS3
age: 125
etag: W/"71b0531561e37190e7851ab8ecae2853"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: Deyk7XZccRlqqQviygXjvQ9ENjgyMSKUq84ABqYCORyKzAIcSPvaWA==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H2 200 fd-messaging.751037a3173b076b5418.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame ED50 668 KB
137 KB 23ms
23ms Script
text/javascript 108.157.4.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.751037a3173b076b5418.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-58.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef940e7ec30fe98b541634a1aae517f1b8435b8bac0326b6adbec237fa1b86cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 07 Apr 2022 16:41:52 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 09:32:16 GMT
server: AmazonS3
age: 150
etag: W/"c8985e1b207fb6b68eb1d989d049921b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: Ku4uVSOAtcmfU8lwa8OWYml3E1pdfx9ZuEWSoi6S8dELJcGgD14Hfw==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H2 200 rts-min.js Show response
rts-static-prod.freshworksapi.com/us/ Frame ED50 81 KB
25 KB 63ms
19ms Script
text/javascript 108.138.17.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rts-static-prod.freshworksapi.com/us/rts-min.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.751037a3173b076b5418.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-126.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd5dbb4ce6bfa26f569908d2bca1baf07cd73f5c2e1eba317c615e6a2c10a209

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: xt_Tbcy8Bl74KtUMerh6acSPLmiONkb4
content-encoding: gzip
etag: W/"84667f61de461fc4542685de60344251"
last-modified: Wed, 30 Mar 2022 06:27:33 GMT
server: AmazonS3
age: 1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
cache-control: no-cache
date: Thu, 07 Apr 2022 16:44:21 GMT
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: athQP8p-gXRymdYtG0tUmjwsUDBLiDO-PJTsx0rvXEbynouJV_2l4w==

GET
H2 200 chunk.8eb84a2d6ca523b20b8e.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame ED50 3 KB
2 KB 18ms
18ms Script
text/javascript 108.157.4.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.8eb84a2d6ca523b20b8e.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.751037a3173b076b5418.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-58.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e90df97ccd0158dbefe599a2116325b9f29387fc4edf18716d8145a8dc9d2a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 07 Apr 2022 16:42:20 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 09:32:13 GMT
server: AmazonS3
age: 122
etag: W/"dcfe04e254d1a1ba364654bb70f84be6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: mUulj5fr7AvVldcVAKeVfKdepZohC9DyCrPPuASMMZ2HFMW67LZDww==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H2 200 chunk.66585627df7039b55cf9.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame ED50 10 KB
4 KB 23ms
22ms Script
text/javascript 108.157.4.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.66585627df7039b55cf9.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.751037a3173b076b5418.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-58.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8adc645ee4884555edd2d1f1f66d3c62182b4b3dc4c28f6b7a7addeb77d4cb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 07 Apr 2022 16:41:05 GMT
content-encoding: br
last-modified: Thu, 24 Mar 2022 09:32:13 GMT
server: AmazonS3
age: 198
etag: W/"91be706b99b1f4d0f7ea02d504c55032"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: 2R8WsvtkHRvCKFIrkCZvpZ899yoiAo00XzVe-5UDKAT1JRQ_k7igtg==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H/1.1 200
OK config Show response
wchat.freshchat.com/app/services/app/webchat/2754edad-ab3e-48a1-a113-035cef2eed33/ Frame ED50 1 KB
2 KB 117ms
116ms XHR
application/json 54.152.199.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/2754edad-ab3e-48a1-a113-035cef2eed33/config?domain=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.152.199.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-152-199-76.compute-1.amazonaws.com

Software

fwe /

Resource Hash

8adea074e8e84c4e51e4ecb0a0b0772502c55f27dc98b0d459c733654e0f098d

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 16:44:21 GMT
content-encoding: gzip
x-ratelimit-total: 3000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 9
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 3257fd13-655a-4f63-bb6b-d9b60c4e1f95
x-trace-id: 00-f58a1ce39e4aca1e1fec447f68042e9d-45edc8c4af5352a5-00
served-by: 6714
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 2999
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 6714
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H2 200 fs-icons_db9017235f84eecfa2cafef72d487865.a50b22f71ea9f5d75e3dc4959c4f57a0.woff2
assetscdn-wchat.freshchat.com/static/fonts/ Frame ED50 5 KB
5 KB 57ms
20ms Font
binary/octet-stream 108.157.4.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/fonts/fs-icons_db9017235f84eecfa2cafef72d487865.a50b22f71ea9f5d75e3dc4959c4f57a0.woff2
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.f09242bf1310580c4680.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-58.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6666b1bc7149695c78ecca2bea7d59d1b83694253bde589d4e4ae73507f35760

Request headers

Referer: https://assetscdn-wchat.freshchat.com/static/assets/chunk.f09242bf1310580c4680.css
Origin: https://wchat.freshchat.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 16:40:36 GMT
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
age: 226
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 60
content-length: 4928
last-modified: Thu, 24 Mar 2022 09:32:22 GMT
server: AmazonS3
etag: "1181e40b8546834a9805fdf81df2f865"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: https://wchat.freshchat.com
cache-control: max-age=31536000, no-transform, public
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-amz-cf-id: secY4g4ToSBoCYlqEHKDgpoN4X1IT1GZQuEqZNgdcuHn0Svgvfet1Q==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H/1.1 200
OK co-browsing.js Show response
wchat.freshchat.com/js/ 27 KB
9 KB 107ms
107ms Script
application/javascript 54.152.199.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/co-browsing.js

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.152.199.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-152-199-76.compute-1.amazonaws.com

Software

fwe /

Resource Hash

83d1e49bbae8fe48e40806eb457ae7686d21cb217f28671241bbc6462d4a6666

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 16:44:21 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 3
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: ad159879-0ef1-4128-88e6-e505dde74ee7
x-trace-id: 00-50ef72c5df1196f64be1461ff3defc11-831d376b1bf28ab8-00
served-by: 4082
last-modified: Thu, 24 Mar 2022 09:32:09 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: 4082
Content-Type: application/javascript

GET
H2 206 notif.da662fefc5060dabf2859ea199198b14.mp3
assetscdn-wchat.freshchat.com/static/assets/ Frame ED50 4 KB
5 KB 23ms
23ms Media
audio/mpeg 108.157.4.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/notif.da662fefc5060dabf2859ea199198b14.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-58.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32

Request headers

Referer: https://wchat.freshchat.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 07 Apr 2022 16:44:21 GMT
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
age: 12
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-4301/4302
Content-Length: 4302
last-modified: Thu, 24 Mar 2022 09:32:20 GMT
server: AmazonS3
etag: "a529450a7cfb4a60dea41ef294fa90dd"
content-type: audio/mpeg
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-amz-cf-id: 9DFK2R8v1bMKTfF-rn-4RHny2DrvS5qtBWmiU4Spg8BUrvClS90jjg==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H/1.1 200
OK user Show response
wchat.freshchat.com/app/services/app/webchat/2754edad-ab3e-48a1-a113-035cef2eed33/ Frame ED50 63 B
1 KB 140ms
139ms XHR
application/json 54.152.199.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/2754edad-ab3e-48a1-a113-035cef2eed33/user?siteId=767676_8

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.152.199.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-152-199-76.compute-1.amazonaws.com

Software

fwe /

Resource Hash

02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 16:44:21 GMT
content-encoding: gzip
x-ratelimit-total: 3000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 34
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: a4f1d267-b710-4f17-9168-b7f8a3f57c71
x-trace-id: 00-ecf6c03bee9d911bbdac39d86da992f6-0189a4d50d86121e-00
served-by: 4082
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 2998
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 4082
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H/1.1 200
OK cb.css
wchat.freshchat.com/css/ 1 KB
1 KB 105ms
105ms Stylesheet
text/css 54.152.199.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/css/cb.css?t=1649349861642

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/co-browsing.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.152.199.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-152-199-76.compute-1.amazonaws.com

Software

fwe /

Resource Hash

8029982e606b01f8d1651a46683c7a90ef2496e73823047c0e73b72e285d593e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 16:44:21 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 1
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: f8cf3c73-1de4-9ca1-a3df-520bc50899f5
x-trace-id: 00-5ed6271bec3ea79c5ccdef26aeb11005-ff2d19b985c5105a-01
served-by: 4082
last-modified: Thu, 24 Mar 2022 09:32:09 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 4082
Content-Type: text/css
expires: Fri, 07 Apr 2023 16:44:21 GMT

GET
H/1.1 200
OK widget_info_v2 Show response
wchat.freshchat.com/app/services/app/webchat/2754edad-ab3e-48a1-a113-035cef2eed33/ Frame ED50 21 KB
4 KB 107ms
107ms XHR
application/json 54.152.199.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/2754edad-ab3e-48a1-a113-035cef2eed33/widget_info_v2?locales=en-US,en-US&platform=web

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.152.199.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-152-199-76.compute-1.amazonaws.com

Software

fwe /

Resource Hash

ef800a46c8617b1c2c5ff2027cc0ab093b0f81184ae649d92efc544d186653bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 16:44:21 GMT
content-encoding: gzip
x-ratelimit-total: 3000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 0
x-status: HIT
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 06782eb6-35be-42c9-8d94-6e76c0a3d1cd
x-trace-id: 00-56fd62052bfb301b4136d577703b569b-1f0ca0cb0cc94fd0-00
served-by: 4082
server: fwe
x-ratelimit-remaining: 2997
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 4082
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H2 200 chunk.228a5fbdde6fba4c7eea.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame ED50 53 KB
13 KB 20ms
20ms Script
text/javascript 108.157.4.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.228a5fbdde6fba4c7eea.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.751037a3173b076b5418.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-58.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c422aa690f54ae2c109ef8e0b4eb4f996be2dfee5b9961d673d3b5e2c522856

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 07 Apr 2022 16:40:33 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 09:32:12 GMT
server: AmazonS3
age: 231
etag: W/"a690db1e8d31748e4a14bd961dc6795a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: 3PYpe9fBbYtnXWmJrI_G2gcFLp9nna_mENcTq3_jWMq8XjQHe1lD9A==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
H2 200 chunk.c192c38501e1cf106875.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame ED50 201 KB
35 KB 23ms
23ms Script
text/javascript 108.157.4.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.c192c38501e1cf106875.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.751037a3173b076b5418.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-58.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 79a421ad1d0b3ada95b04d3f426a829ebe32fe1c2cfecd238d9191d130a8767e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 07 Apr 2022 16:41:04 GMT
content-encoding: br
last-modified: Thu, 24 Mar 2022 09:32:14 GMT
server: AmazonS3
age: 198
etag: W/"abb7d9d15eba65ab0104426266fae280"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: ouYxzaBiIslHaIMpD60HJzId1hYi6lCv5_qkHG4skidbo5gbO1ukBg==
expires: Fri, 24 Mar 2023 09:32:09 GMT

PUT
H/1.1 200
OK activity Show response
wchat.freshchat.com/app/services/app/webchat/2754edad-ab3e-48a1-a113-035cef2eed33/user/dc87b8ed-e032-446c-a068-46df1c6c113d/ Frame ED50 17 B
1 KB 110ms
110ms XHR
application/json 54.152.199.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/2754edad-ab3e-48a1-a113-035cef2eed33/user/dc87b8ed-e032-446c-a068-46df1c6c113d/activity

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/52.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.152.199.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-152-199-76.compute-1.amazonaws.com

Software

fwe /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 16:44:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-ratelimit-total: 3000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 3
Connection: keep-alive
Content-Length: 17
x-xss-protection: 1; mode=block
x-request-id: 3d7be5c9-083b-4b5d-a07f-55b6b4c441f1
x-trace-id: 00-35edffd4ae25988bcbccf6d4d237c3c0-0b09600a07da977a-00
served-by: 5323
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 2996
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 5323
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H2 200 index.html Show response
438961925528018.webpush.freshchat.com/ Frame E63C 30 KB
7 KB 673ms
437ms Document
text/html 108.138.7.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://438961925528018.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-81.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3

Request headers

Referer: https://secure.gratowin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 07 Apr 2022 16:44:23 GMT
etag: W/"4d98f93ebe4eb8cedbbfdb3004920aeb"
last-modified: Fri, 25 Oct 2019 06:53:38 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
x-amz-cf-id: Y8BIzQJUKWKpjVudOWP7W33kcvbcTq1EfvfJ1XJoNsVhVPxX4M4fhg==
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H/1.1 200
OK category Show response
wchat.freshchat.com/app/services/app/webchat/2754edad-ab3e-48a1-a113-035cef2eed33/faq/ Frame ED50 209 B
1 KB 114ms
114ms XHR
application/json 54.152.199.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/2754edad-ab3e-48a1-a113-035cef2eed33/faq/category?platform=web&locales=en-US%2Cen-US&since=&lastLocaleId=

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.152.199.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-152-199-76.compute-1.amazonaws.com

Software

fwe /

Resource Hash

d311eb2d266ef16daac9c17ea2c6f074e9c0a542ed3f25ab209757947d59f8cc

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=2754edad-ab3e-48a1-a113-035cef2eed33&referrer=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 07 Apr 2022 16:44:21 GMT
content-encoding: gzip
x-ratelimit-total: 3000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 8
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 5cbc722e-409d-4e91-8e2f-d5c080acd2ee
x-trace-id: 00-8c9f2fa96c231b128dbdef8462b2042f-260a6dae12d5a706-00
served-by: 4082
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 2995
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 4082
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H2 200 freshchat-line.7327fc2a43ff6a857c38e96ffa7e00f2.svg
assetscdn-wchat.freshchat.com/static/assets/ Frame ED50 663 B
1 KB 20ms
20ms Image
image/svg+xml 108.157.4.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/freshchat-line.7327fc2a43ff6a857c38e96ffa7e00f2.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-58.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b82601133216ec29983087a0532e9b0af553f7f4a8b3b00ff9d7ffcc1142542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 07 Apr 2022 16:43:47 GMT
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
last-modified: Thu, 24 Mar 2022 09:32:16 GMT
server: AmazonS3
age: 42
etag: "cd452acf4efb05843ef7575e5a9de756"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 663
x-amz-cf-id: JWBT4qWhK-Ote2ox75fpwNlFWDQR1Ax5HV4RGqmqIrL16iVDYVMBeg==
expires: Fri, 24 Mar 2023 09:32:09 GMT

GET
BLOB 200
OK 0a4d2e39-bbb0-406e-9835-e2dcacf49da1
https://wchat.freshchat.com/ Frame ED50 152 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://wchat.freshchat.com/0a4d2e39-bbb0-406e-9835-e2dcacf49da1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a4bf2ab88acb880338e136abde96936d2b756f626d32b14e0ef5b30f81fc2c3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 152

GET
H2 200 fc_logo.png
438961925528018.webpush.freshchat.com/ Frame E63C 4 KB
4 KB 17ms
17ms Image
image/png 108.138.7.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://438961925528018.webpush.freshchat.com/fc_logo.png
Requested by: Host: 438961925528018.webpush.freshchat.com
URL: https://438961925528018.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-81.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://438961925528018.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9zZWN1cmUuZ3JhdG93aW4uY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 01:36:54 GMT
via: 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
last-modified: Thu, 08 Feb 2018 07:54:41 GMT
server: AmazonS3
age: 54449
etag: "e87df9f10dcf497ae292dc234200465c"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-length: 3777
x-amz-cf-id: BWiXCQscD1vF1KsoWt6-0sHo2UySZoPGWEshX619lzI6JdWgtSR9nA==

GET firebase-sw.js
438961925528018.webpush.freshchat.com/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gratowin.webpu.sh
URL: https://gratowin.webpu.sh/75KkGZGLZxzIwR7O96ZkIvjAHWwM4ByP/service-worker.js?v=2.0.2&id=3894765032&key=L0IG8KZtOwGqoH58bUYsRzgLviuIxVzA&app_key=75KkGZGLZxzIwR7O96ZkIvjAHWwM4ByP&backend_url=https%3A%2F%2Fapi.xtremepush.com&debug_logs=1&ref=https%3A%2F%2Fprod.webpu.sh%2F75KkGZGLZxzIwR7O96ZkIvjAHWwM4ByP%2Fservice-worker-source.js%3Fv%3D2.0.2

Domain: 438961925528018.webpush.freshchat.com
URL: https://438961925528018.webpush.freshchat.com/firebase-sw.js

Verdicts & Comments Add Verdict or Comment

217 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secure.gratowin.com/	1970-01-25 20:31:23	Name: redux-cookie Value: %5B%5D
.gratowin.com/	1969-12-31 23:59:59	Name: playerType Value: 0
secure.gratowin.com/	1969-12-31 23:59:59	Name: registerState Value: returning
secure.gratowin.com/	1970-01-20 02:19:14	Name: url_affToken Value: 1
secure.gratowin.com/	1970-01-20 02:19:14	Name: url_affiliateToken Value: 1
mpsnare.iesnare.com/	1970-01-20 10:54:45	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: Se47MT4SJD/7JEB44uCGvAHfl0UM8jlzaR7ZWqPAYG4=
.secure.gratowin.com/	1970-01-20 10:56:12	Name: _vwo_uuid_v2 Value: D9C7FD892C5727ECD3339952EAFC13BA9\|963f3f9569b0cddbaef61c4f6f138e6b
.secure.gratowin.com/	1970-01-20 02:09:11	Name: __cf_bm Value: LQztW9WJF3gkth0XtxMj0PdgrHk_1Xq6VW53lXLFJek-1649349858-0-ARbAgd744V1+nW9vXTVm6b0oF5RGHjN5o0znQIJ+/qs61mX93VZZy4cSYDrPBR3k56GIzd7PksudcZOsxFNR8ATjIRHr/dPDTFk/dZymCoAlR7OayuoGfebJS6QY2ncOjA==
.gratowin.com/	1970-01-20 04:33:09	Name: _vis_opt_s Value: 1%7C
.gratowin.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.gratowin.com/	1970-01-20 19:40:21	Name: _ga Value: GA1.2.1636956054.1649349858
.gratowin.com/	1970-01-20 02:10:36	Name: _gid Value: GA1.2.1692730961.1649349858
.gratowin.com/	1970-01-20 02:09:09	Name: _gat_UA-27702367-6 Value: 1
secure.gratowin.com/	1970-02-25 14:43:43	Name: locale Value: %7B%22lastSavedLocale%22%3A%22en%22%7D
.www.gratowin.com/	1970-01-20 02:09:11	Name: __cf_bm Value: 6DcE7JPe5OxFVpXW8Kxm9l844S7sWs3F812IksUZ6Hg-1649349859-0-ARp/SOUGNy+AQvDc15llUtd+qUc0cyD0LNelhIL1MY4Uje32P1jpLl5tg8LRlBj1Xf5nKM8pEeZz0lPm7C8cypDg3/KF6DX03MaWN53DXKu8hglvb2EHHs4EnZ97sxqUNg==
.secure.gratowin.com/	1970-01-20 10:54:45	Name: _fw_crm_v Value: 437818fe-dc1e-458b-e78a-4f5d5333f070

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://secure.gratowin.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://secure.gratowin.com/undefined Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com
438961925528018.webpush.freshchat.com
anakatech.uat1.evo-test.com
api.xtremepush.com
assetscdn-wchat.freshchat.com
cms2.gratowin.com
cms2.netoplaycdn.com
d2afn796dyftlg.cloudfront.net
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
ga.streamygame.com
gratowin.webpu.sh
maxcdn.bootstrapcdn.com
mpsnare.iesnare.com
prod.webpu.sh
rts-static-prod.freshworksapi.com
s3.xtremepush.com
secure.gratowin.com
storage.googleapis.com
wchat.freshchat.com
www.google-analytics.com
www.googletagmanager.com
www.gratowin.com
438961925528018.webpush.freshchat.com
gratowin.webpu.sh
108.138.17.126
108.138.7.81
108.157.4.58
147.78.140.52
147.78.140.54
18.66.248.73
2600:9000:223e:8e00:0:c0ab:5c00:93a1
2600:9000:224a:7a00:19:2a6:6500:21
2606:4700:3031::6815:18a7
2606:4700::6812:acf
2a00:1450:4001:801::200e
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2010
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2008
34.96.102.137
52.214.226.97
52.31.235.195
54.152.199.76
54.228.71.178
87.246.163.84
02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229
05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3
087a64a782e52566b9f11c4d3ffbf22498482165591c955972fece46a702f13b
0a293fe31690126491d346623061d2c19d34f8e1160b6c1f4def430a76c3c46f
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0d898c6917f7030bca0cac538f0adf9a319f9256357358a037978447ccb3008b
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
14938be87d77b400fc65091ec6f1d46b998c9878baf1fdd02923f21a1fd3c650
1727bf55c3053f8431b1c2c16993832aad32262207d771a7d8bdda0ceb076bb9
1940be89f577cc501111e5b0ad5842ab8f35e89fb7f32c5716f08e2f4c057399
1b29eb281cccfb39c49cf4f15297709644582ca6d0bccf04a1a32c839195bc8f
1ec575ac78dcdab65a4ed71644d5a16d162f8a8ef39074b68b62d29501b84cfe
1ff8f0c174db748442f0760616142b2f6e4f1d9bbb03078a45b6f143c65c2fee
200d2aa85fb27867b01a2dfccfde12e46deede7e54473f20dbcb447f71bbf703
21c84163c6f6154f13c85e42cfd85b2fb4e2e8308cf96762965ad0dc8ff52e19
22e7337c994a1cd7b0f534cd7a21ec765ed53a6fe3636fb8c6838bcd0994b0e0
27eee5689f593c50f0d3611d076f160dbb8d96e9a7cda69aea592e019a9df048
2b82601133216ec29983087a0532e9b0af553f7f4a8b3b00ff9d7ffcc1142542
2ce13735694736a7b414eec7de74a893e67a0bc53d08d0f38f57386e3f6648a6
2d2d3e88bf859c4965e609070bc8299e5fd0a9e987613aebc2785fd1c561e109
30359b2f6e177739cf2532d651b638df141477f1084c96a2887e9fffb9a7ac5d
31a9b2bde7c6f7353a3db430df0c9c3ca967eee63695acafc1057a904ca6612e
33cf9635b62dfc0a9f749b5e6a97c281d10b4791460559460658dc3220e9311f
33cf9df5dbd4413c345804c9fc915a6ec979b9b1405282ee45cf2f9319eb9166
3529f1504c322f713542e0c906062c8d967fb69ae0e2315c81e5a08a9ad98844
3613c7463cc1d9273d701544030f324b5bd2f16d5fd7723924dde7435e4be850
36d7eafcb31379d842d849e8dffc8f96daefce68e293601fbceee13afbc4d9c5
37da18b75e737ce56e7b7a3ba01359aeea7e6d21022e6f7b7baf120a74ef99a3
384ca46673f9d9209ecf6b510aa5e67e5e6e8c5762d7b5c8e643dfc96fb96031
3b6def0826012e44d264028b56de2c5dd009bae4cd146201778e48562132a114
3b796222d4d2609f2f03be081727632c910be3fc50f2836968850de194b18745
3d7df47769ec6bcd42be9ebb5e9e1a7d1a28ad6581efda57fb5c02a605ad4e94
3e37e8a648cbdd70334a1189b9f16edd75ad69619c9e592a9f4763fd2c272d3d
3f386030f30cc1118ebe4dc21a54c3325c14981274af10acd3a10acd42206866
4022fcd71fc9cd5ea700911970e7a592b086c5bd47f906a3ff85227c0d531c9c
486894f29e34e2a9c4a7a938605d53ee752957d4270055fecb27828899fc0a3b
4a3fac098e1ee9fd389733d4fda24a20195ecc3939d4bca96a55826d079fa1c5
4a40b6a2e398eaf2d798d830c33a3c6f3aeb1f59f7d5cf7e84eb4c39ffdecb7d
4c422aa690f54ae2c109ef8e0b4eb4f996be2dfee5b9961d673d3b5e2c522856
4d15890c357177f7185112a1ce66665d08acf31e81e4917820ec36279dd26bd0
4e90df97ccd0158dbefe599a2116325b9f29387fc4edf18716d8145a8dc9d2a8
4fe565e155881addcc557019e726097e351cff20de84a8e706d6e43295819fa7
50fed9d33da0d208018801942777a0d028b9d9430fc3ab3dd3f8fb4c6ca28594
5ad73612f12f05dfb07d437a5d3d9a19c5ed14ced0b78362eadd9ac8effde3ec
5aff39c9c21c2b6a63efbd490ab0f0d06ec4bb45d76c7d2ac043a3adc26afbb1
5b512b193d0958524c3ef37e3fc387a8bf632c0ec7213eca09afe46d6ed5208b
5fd1379686f0e08fe90c06bfe0289335e25e0bba0c5f994b847618bac61dd919
63b3ee24f6efe1c85cffab7f293a66ba15378223cbbd6afe95fbcefb766e24c4
64239a753c10474529061f30b46c410db0e2f44754102aa5c29a0676b045c6cf
655b826c2384d46f083d22f9acd9969d0762e00a1286f40bf706e915c57f94c5
6650963c35725add7c3cedb3fd660f4f38791e8298647b92c132767f97468aa5
6666b1bc7149695c78ecca2bea7d59d1b83694253bde589d4e4ae73507f35760
6a251f5e969098aff7ea57994fc4f33085b6541037eb9ff5d930653f35860189
6a4bf2ab88acb880338e136abde96936d2b756f626d32b14e0ef5b30f81fc2c3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f409b9c718b2a506ecaddca0f008d4e6315e1b511a208dd3080519bc26cb86d
70fe8cadd21c001ef74d080c1b5a44eb734f6fffaae5e8bf4098e464e25de6ee
71f0d1968edf4eff6dded3902361932770fe724bf52166051fe3e556c9d0e36a
723c00a4e7a2b3c96363ff1d6427db0c3d52bed656f17f177830c32344e49db1
79a421ad1d0b3ada95b04d3f426a829ebe32fe1c2cfecd238d9191d130a8767e
7c822f1df04cac5f607f887553b997e6f28dff4c861292fe99c87ff10632a9f1
7cf165b014c809f85253928ae6089faab4524c9eadc9c0fd594939c0dd504485
7dc5a89829ed295864cee6940f583f1788773e66662c0fa19d2c14ff11793924
7dcd080d8016c6d3bee9075cd7798111c5820725bee35e0731f617d582bdba29
7eed09a3bda2013de36d0ac2b942f0149ef500ed56701e5bd80d204ecbf758e4
7f4462ab8896638ad3c26bbf329c9a50f95b687506f7605d1fb11a85d51fd349
8029982e606b01f8d1651a46683c7a90ef2496e73823047c0e73b72e285d593e
8175ff9e4cb281d9a31e069db1e68c057f7fe5abd35a2ba4c322d2a62674d6a8
829ce0834b34b45c7c7083765892705f9b969c31d335d5f498be198760252374
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d1e49bbae8fe48e40806eb457ae7686d21cb217f28671241bbc6462d4a6666
87d936c8cbc0aeacd0b7d12a04d8819f1e7f436f177cb4479a3bbe523cc5edfd
89fde58cb7ad56b3f284469a4ce2819594ecfee242eb1a887049e4790322a8f0
8a7467948f341704bae70175d1c5196db3ba24abf97121e40b7476b6c63a8534
8adea074e8e84c4e51e4ecb0a0b0772502c55f27dc98b0d459c733654e0f098d
8ef8b1b9f70231cdaff9b49febecc51162e022432fef65022a082acc4d446cd2
8ff61350641628d42e54ce1f1a106126779dbd242670c4b544fb3013eb63d1ea
92562fad47f8965a23f1b04fb5a001b1d35fdc772eab5e066fbf2664e215a3b1
931cdc9da183b6e6f40476736791be667482d6eef83da8de662b3084bebd9215
94fee81d12201cee36ebaf610f9f564ad36071b81c3305fafdb090414d9860cd
95c349263ff59cee51a2fe0aaf1dbda3226f6feb333a44a4cbe4c183cb4e0366
9b379fff591b8a9f83580fcddd22e13349a147b8d2c357a3cc9437c1729da092
9e84f6e3903704886fd892098abffec7ef1fb231f87cfbba43139d24c7f29815
9eb6ba40b2879785d23478f51604b6ce9d873adf6b8ddf49de98749997caad04
9fc36f193a902faa46847ab2f446bf40310d897d45a8a5650aebe81faec89c5d
9fe73cdf35c5a75629143af33a61c1876c83bee94bccc5193f1082c2a5d5f3d6
a114bca175a4dcf455ee2b5dcc9df6e39077cd0ed52e48c297efac2c837c35bb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3a98dfda27665a1d6b25a8b935043a0b26b8c03e7c9ea38097fa3252c06b6fd
a3f7bcab7a6f1330e20df36421420869f19ed31b018487fb075961ac11c1a48b
a40bcbbe49f186131472009fa50b6457886a637386585fa029932a8ffeffdc43
a5a7bb3fe747163050e86090c99a25ce810b4285398163363e151acf84a9525b
a6c62841d67a17cf39c2f2543499c5af54b7047db79befc284ce0554a8f50cd0
a8adc645ee4884555edd2d1f1f66d3c62182b4b3dc4c28f6b7a7addeb77d4cb6
a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114
aca460d0363305151c2de971cfae391722b11f4ebe68c02883157647ef745b8e
ae08c1f6207485d1366619c7d732888a12e97433efc9a72f8bae21cc956c0ef0
ae6ccbecb882f3edc3f742a60a60d75d93c9ffa2d3039cfdb5e1b900bd307e85
bd5dbb4ce6bfa26f569908d2bca1baf07cd73f5c2e1eba317c615e6a2c10a209
c3884d824f64bdeb8cf6b0d3206fbd90e387693532ff011ddade19c1408291a1
c725a8b39a90b240c476e1f8c4737bcb47d002eb24ae560b011021d6a9178e29
c8a3a3e0b932baa4a2619f796ff58c44741f8de97001c666d2ac0f6352c94ee9
c8effd9e52faff60c2192236e33e75b563ee156e86ec70ba358a07275692f1bb
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccaca02843fc52d8929bc53f1548195c3a5de19770ea14f8fadf206f8a145bee
cdc711394eb22ab4de4fa4315713214239181ff7f95a712a00c04afc645e0245
d13d97bf61b269e546615d0d8fad2bb9cd97d2bd804c77d5a102d76c720aee89
d228db3b420c185abda651b86467bcf845d981475a7453d992fbe2cfb1d3ee13
d311eb2d266ef16daac9c17ea2c6f074e9c0a542ed3f25ab209757947d59f8cc
d3246366d784b16d3528b9c8152cd58bcc9f48a392b10a4aa76f11380a3ce727
d53ae31112aa2b41ea425f2702a7c5563a122d75b725d9f8dd18856d378210d1
d614922fde9604f8899e47f3cc3d69bf952312b996f7cf1421163996710850fa
d6999d7c9851d2686eb5ac16623f1c94a1a3c0d67fed5f8320d0c25ba26c3a7c
d7288f61a59442ffd6b1ca8e6a3e10d085fe9c52b3297e1c0be771d6752a6fc0
d849225963e317e2b2a745c14cd800acec3fbd93a5f8b26ca3094deef15da296
da44324d9421e4ac73b1e56fe166bd8a51fa59fc512f2265b68020fb41c63a33
dd851eecbed034859bd7f58e2a76421ea7911a3add50ab6550d3beddafd1d793
e37dd4fd3a0f781d702329d74b13ef3b16459394babe3367b96dddaf3b2e658f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b31ca20a24f565a5a299472f323d691560ed065be5ebfc2262de966c7158b1
e4d67b1c232878a8491865829c10157b809e8cd546e5847dbad8e4c74620c865
e6b1e97a01308578d790ce5b04fee08caf2d49f5cb6463f6f73e4592f5ce8791
e7c00b0ec68c5137e7b359a0ab6f5ff9c7a2000f47ceee7aacae6934eb91aae6
ea111de7079d12aa7391a331b5934ff9ed6f9aa789f8c948683403ae42b68a73
eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32
ec387818cc9e2f2a6d96e4ce99c013aa94de5553980d93e5fa12b4515daada85
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
ef800a46c8617b1c2c5ff2027cc0ab093b0f81184ae649d92efc544d186653bd
ef940e7ec30fe98b541634a1aae517f1b8435b8bac0326b6adbec237fa1b86cc
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f36388b702021d797692f27241047c9c364ceb197249b5d502255766766a2084
f67fada6ccb56a66aff672cb37a62dd54ea74dd96c3440ce29f3951d8712808b
f7bddb60e1b573f417061d9107202ce77303957fbd63555499f00589080fcfaa
fdcc549610d7ed282902b782e8aa74c9d27d2132a6921605c47560d963683a7a

secure.gratowin.com Open in urlscan Pro 147.78.140.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

146 Requests

98 %HTTPS

43 %IPv6

17 Domains

24 Subdomains

22 IPs

5 Countries

3191 kBTransfer

8624 kBSize

16 Cookies

1 Outgoing links

Redirected requests

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.gratowin.com Open in urlscan Pro
147.78.140.54 Public Scan

Screenshot
Live screenshot

Full Image

146
Requests

98 %
HTTPS

43 %
IPv6

17
Domains

24
Subdomains

22
IPs

5
Countries

3191 kB
Transfer

8624 kB
Size

16
Cookies

146 HTTP transactions
1 data transactions