secure.11gratowin.com Open in urlscan Pro
147.78.140.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://secure.11gratowin.com/
Submission: On December 06 via automatic, source certstream-suspicious (December 6th 2023, 1:05:59 pm UTC) — Scanned from DE

Summary HTTP 147 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 17 domains to perform 147 HTTP transactions. The main IP is 147.78.140.21, located in Bulgaria and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is secure.11gratowin.com.
TLS certificate: Issued by E1 on December 6th 2023. Valid for: 3 months.

This is the only time secure.11gratowin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 43	147.78.140.21 147.78.140.21	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	54.228.71.178 54.228.71.178	16509 (AMAZON-02) (AMAZON-02)
43	2a00:1450:400... 2a00:1450:4001:80b::201b	15169 (GOOGLE) (GOOGLE)
5	147.78.140.52 147.78.140.52	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	76.223.64.65 76.223.64.65	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:244... 2600:9000:2449:f600:16:65cb:3ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:20a... 2600:9000:20a0:3200:19:2a6:6500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	18.245.60.51 18.245.60.51	16509 (AMAZON-02) (AMAZON-02)
1 4	147.78.140.54 147.78.140.54	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
18	2606:4700:303... 2606:4700:3033::ac43:dbbf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:239... 2600:9000:2394:5200:0:c0ab:5c00:93a1	16509 (AMAZON-02) (AMAZON-02)
147	21

43 147.78.140.21 (Bulgaria) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

secure.11gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.228.71.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:80b::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 147.78.140.52 (Bulgaria)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

analytics.streamygame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ga.streamygame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.64.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: a44946a9dd66b7704.awsglobalaccelerator.com

anakatechsupport.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

web-sdk.smartlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2449:f600:16:65cb:3ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

b3797f01-e573-4b2d-900b-06ef4ef785de.seals-emr.certria.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20a0:3200:19:2a6:6500:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2afn796dyftlg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cms2.11gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-51.fra60.r.cloudfront.net

anakatech.uat1.evo-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 147.78.140.54 (Bulgaria) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:3033::ac43:dbbf (United States)

ASN13335 (CLOUDFLARENET, US)

cms2.netoplaycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2394:5200:0:c0ab:5c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 storage.googleapis.com — Cisco Umbrella Rank: 287	1 MB
45	11gratowin.com 1 redirects secure.11gratowin.com cms2.11gratowin.com	847 KB
18	netoplaycdn.com cms2.netoplaycdn.com	2 MB
6	gstatic.com fonts.gstatic.com	161 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
5	streamygame.com analytics.streamygame.com ga.streamygame.com	1 KB
4	antillephone.com 3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com	51 KB
4	gratowin.com 1 redirects www.gratowin.com	5 KB
3	cloudfront.net d2afn796dyftlg.cloudfront.net	10 KB
3	iesnare.com mpsnare.iesnare.com — Cisco Umbrella Rank: 5165	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	186 KB
1	evo-test.com anakatech.uat1.evo-test.com	3 KB
1	certria.com b3797f01-e573-4b2d-900b-06ef4ef785de.seals-emr.certria.com	2 KB
1	bing.com bat.bing.com — Cisco Umbrella Rank: 329	13 KB
1	smartlook.com web-sdk.smartlook.com — Cisco Umbrella Rank: 20848	2 KB
1	freshchat.com anakatechsupport.freshchat.com	21 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 988	20 KB
147	17

	Domain	Requested by
43	storage.googleapis.com	secure.11gratowin.com
43	secure.11gratowin.com	1 redirects secure.11gratowin.com
18	cms2.netoplaycdn.com
6	fonts.gstatic.com	fonts.googleapis.com
4	3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com	www.gratowin.com
4	www.gratowin.com	1 redirects secure.11gratowin.com www.gratowin.com
3	ga.streamygame.com	storage.googleapis.com secure.11gratowin.com
3	d2afn796dyftlg.cloudfront.net	secure.11gratowin.com d2afn796dyftlg.cloudfront.net
3	www.google-analytics.com	www.googletagmanager.com secure.11gratowin.com
3	mpsnare.iesnare.com	secure.11gratowin.com mpsnare.iesnare.com
2	region1.google-analytics.com	www.googletagmanager.com
2	cms2.11gratowin.com	secure.11gratowin.com
2	analytics.streamygame.com	secure.11gratowin.com
2	www.googletagmanager.com	secure.11gratowin.com www.google-analytics.com
2	fonts.googleapis.com	secure.11gratowin.com client
1	anakatech.uat1.evo-test.com	secure.11gratowin.com
1	b3797f01-e573-4b2d-900b-06ef4ef785de.seals-emr.certria.com	secure.11gratowin.com
1	bat.bing.com	www.googletagmanager.com
1	web-sdk.smartlook.com	secure.11gratowin.com
1	anakatechsupport.freshchat.com	secure.11gratowin.com
1	maxcdn.bootstrapcdn.com	secure.11gratowin.com
147	21

This site contains links to these domains. Also see Links.

Domain
www.netopartners.com

Subject Issuer	Validity	Valid
secure.11gratowin.com E1	`2023-12-06` - `2024-03-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA	`2023-05-01` - `2024-05-29`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
analytics.streamygame.com Cloudflare Inc ECC CA-3	`2023-07-01` - `2024-06-30`	a year	crt.sh
*.freshchat.com Amazon RSA 2048 M01	`2023-02-21` - `2024-03-21`	a year	crt.sh
1688964705.rsc.cdn77.org R3	`2023-10-05` - `2024-01-03`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.seals-emr.certria.com AlphaSSL CA - SHA256 - G4	`2023-07-24` - `2024-08-24`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
11gratowin.com E1	`2023-11-09` - `2024-02-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
ga.streamygame.com Cloudflare Inc ECC CA-3	`2023-07-01` - `2024-06-30`	a year	crt.sh
*.cit1.evo-test.com SSL.com RSA SSL subCA	`2023-02-21` - `2024-03-16`	a year	crt.sh
www.gratowin.com Cloudflare Inc ECC CA-3	`2023-06-30` - `2024-06-29`	a year	crt.sh
netoplaycdn.com GTS CA 1P5	`2023-10-14` - `2024-01-12`	3 months	crt.sh
*.snippet.antillephone.com Starfield Secure Certificate Authority - G2	`2023-04-02` - `2024-05-03`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://secure.11gratowin.com/
Frame ID: 3756A46AC9EA923C7C3DD8954709781A
Requests: 132 HTTP requests in this frame

Frame: https://secure.11gratowin.com/brand-info.json
Frame ID: 8D3AD1FF988B5C42BB9B7E7AD5E4E927
Requests: 1 HTTP requests in this frame

Frame: https://secure.11gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Frame ID: 0ECD6202D679AD809DD227D6441ED53C
Requests: 2 HTTP requests in this frame

Frame: https://storage.googleapis.com/moon-prod/static-content/jackpot/new/index.html?brandId=8&currency=undefined%20%20%20%20%20&customerId=1003&serviceUrl=https://ga.streamygame.com/&isMobile=false%20%20%20%20%20&platform=ng&inGameFrame=false&gameId=undefined&winnerNames=
Frame ID: F164FECB358FC1F01F340B9CC698B9D4
Requests: 2 HTTP requests in this frame

Frame: https://www.gratowin.com/seal.html
Frame ID: 62A20A59D3558E6178390F59751EB7BB
Requests: 5 HTTP requests in this frame

Frame: https://www.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Frame ID: 2BEABB0945FC53CDE81687762671B91D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GratoWin

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

147
Requests

97 %
HTTPS

70 %
IPv6

17
Domains

21
Subdomains

21
IPs

4
Countries

5323 kB
Transfer

9349 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.netopartners.com/
Title: Affiliates

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://secure.11gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://secure.11gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Request Chain 136

https://www.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

147 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
secure.11gratowin.com/ 4 KB
2 KB 148ms
108ms Document
text/html 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d38943d97e898c50c2d84cf8b02eba6c75f37ee01c9966730c9891f15bdb1c5f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache,max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8314be286c5a6ae6-FRA
content-encoding: gzip
content-type: text/html
date: Wed, 06 Dec 2023 13:05:51 GMT
expires: Wed, 06 Dec 2023 13:05:51 GMT
last-modified: Tue, 14 Nov 2023 06:59:41 GMT
server: cloudflare
vary: Accept-Encoding
x-goog-generation: 1699945181022560
x-goog-hash: crc32c=H1AFAQ== md5=I7endsT/78IKps358dRunw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3062
x-guploader-uploadid: ABPtcPpmbCwEK3LHQQAbcYdpze6mjFbjMBhm7HWPZkcRKx-h_iJSAct_HC9AKk541uQ7Xk0xwNy_eTWhYA

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 190ms
68ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Montserrat:wght@400;700;800&family=Poppins:wght@400;500;800;900&display=swap

Requested by

Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cfd2909b0463fd227763a7fd38530bc46cd675295141ab90901499b018e5e771

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 06 Dec 2023 13:05:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 12:50:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Dec 2023 13:05:51 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ 118 KB
20 KB 42ms
23ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css

Requested by

Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.11gratowin.com/
Origin: https://secure.11gratowin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 755
age: 78243
cdn-cachedat: 10/31/2023 18:48:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"2f624089c65f12185e79925bc5a7fc42"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 0a6a470c5dcefd494ed279c38d6071ce
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8314be293b8018b5-FRA
cdn-requestpullsuccess: True

GET
H2 200 dot-pulse.css
secure.11gratowin.com/ 4 KB
1 KB 27ms
26ms Stylesheet
text/css 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/dot-pulse.css
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f386030f30cc1118ebe4dc21a54c3325c14981274af10acd3a10acd42206866

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:51 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 23
x-guploader-uploadid: ABPtcPrg32Zb59oDjfq4LEMgLG2nIS1-Px5Y0kREv8W1ZrbTxNk1srLQSjt-evNLAJH2rE9HMtBpdsTGkw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:39 GMT
server: cloudflare
etag: W/"63ec6ad3f23feea868bb8ad6eb2c62d1"
vary: Accept-Encoding
x-goog-generation: 1699945059192236
content-type: text/css
x-goog-hash: crc32c=Z/NCrA==, md5=Y+xq0/I/7qhou4rW6yxi0Q==
cache-control: public, max-age=3600
x-goog-stored-content-length: 4542
cf-ray: 8314be291d2d6ae6-FRA
expires: Wed, 06 Dec 2023 14:05:28 GMT

GET
H2 200 offline-js-script.js Show response
secure.11gratowin.com/ 16 KB
4 KB 29ms
28ms Script
application/javascript 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/offline-js-script.js
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aae23685ad6563cbbb3e33632fb29c31078254370c57be634b7a80f173ce708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:51 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 23
x-guploader-uploadid: ABPtcPr4Dy2N3AZdn48ZkQ3-NWVcW4-mUpjVB37155CsKfuAhZj2pvmgUHQS96s3f2RNufcwUn0dixUbyw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:39 GMT
server: cloudflare
etag: W/"1eda92aed77dbe82805bdea3a910830e"
vary: Accept-Encoding
x-goog-generation: 1699945059887378
content-type: application/javascript
x-goog-hash: crc32c=gzFIHw==, md5=HtqSrtd9voKAW96jqRCDDg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 16008
cf-ray: 8314be291d326ae6-FRA
expires: Wed, 06 Dec 2023 14:05:28 GMT

GET
H2 200 338.6d041aaa77d67108e45e.css
secure.11gratowin.com/ 91 KB
26 KB 28ms
27ms Stylesheet
text/css 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/338.6d041aaa77d67108e45e.css
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e205c59d44f4f0a0c66989238c8b818b3628171c2f4d912810a09a92d03905e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:51 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 23
x-guploader-uploadid: ABPtcPoxe1MNnjONlg_uWQ3QOSBSagTHdR0Dmjc3yM7T5muiEhDh5NJ7AXtvqNxKJ8H0RnTUqXI_wtwboQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:15 GMT
server: cloudflare
etag: W/"169df439afd57dfa90a709509d56df2f"
vary: Accept-Encoding
x-goog-generation: 1699945035422481
content-type: text/css
x-goog-hash: crc32c=nArb0A==, md5=Fp30Oa/VffqQpwlQnVbfLw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 93124
cf-ray: 8314be291d2f6ae6-FRA
expires: Wed, 06 Dec 2023 14:05:28 GMT

GET
H2 200 main.6d041aaa77d67108e45e.bundle.js Show response
secure.11gratowin.com/ 2 MB
515 KB 30ms
30ms Script
application/javascript 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/main.6d041aaa77d67108e45e.bundle.js
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72ba589e030b6b1b37aa2dd5ef0a663660368999f9e23e5c686d72210529dcb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:51 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 23
x-guploader-uploadid: ABPtcPo-TLc5hQENIJ16WOhG9PrTVqM4r4OtsWa7yhAdwWtV2HP5vn_IPmsPYWO4g0w26hAf3SI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:39 GMT
server: cloudflare
etag: W/"650f81be80bb01b9aaf72de19ad3a342"
vary: Accept-Encoding
x-goog-generation: 1699945059516683
content-type: application/javascript
x-goog-hash: crc32c=WVI+2A==, md5=ZQ+BvoC7Abmq9y3hmtOjQg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 2156847
cf-ray: 8314be291d346ae6-FRA
expires: Wed, 06 Dec 2023 14:05:28 GMT

GET
H2 200 runtime.6d041aaa77d67108e45e.bundle.js Show response
secure.11gratowin.com/ 6 KB
3 KB 31ms
30ms Script
application/javascript 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/runtime.6d041aaa77d67108e45e.bundle.js
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 172bd24482eb3ee7cd47d845136150246425e03c2867139e8cd2caf0160ef80c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:51 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 23
x-guploader-uploadid: ABPtcPpS7ASxwXWquJLggdX12apZlbcHmcfAuMZLyAFLhcVWk09WsfjfTzTCPHu9hLN9mVXBLs3C_hirjA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:39 GMT
server: cloudflare
etag: W/"1349dd4a7f222c492ad179f049b5e69c"
vary: Accept-Encoding
x-goog-generation: 1699945059970514
content-type: application/javascript
x-goog-hash: crc32c=bTkNWA==, md5=E0ndSn8iLEkq0XnwSbXmnA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 6015
cf-ray: 8314be291d356ae6-FRA
expires: Wed, 06 Dec 2023 14:05:28 GMT

GET
H2 200 1_pixel.png
secure.11gratowin.com/assets/images/ 2 KB
2 KB 32ms
31ms Image
image/png 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.11gratowin.com/assets/images/1_pixel.png
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 486894f29e34e2a9c4a7a938605d53ee752957d4270055fecb27828899fc0a3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:51 GMT
cf-cache-status: HIT
age: 23
x-guploader-uploadid: ABPtcPo7eF1R3iloCCDUGcCyuyaypCk4zgmC3bi_UmYgDJzzXPX1jzvPCOjvxibe8hGs7vSi0PCKDYhVnw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 1943
last-modified: Tue, 14 Nov 2023 06:57:44 GMT
server: cloudflare
etag: "f0601ed2d0bef14ed7ce4793b13a670b"
vary: Accept-Encoding
x-goog-generation: 1699945064001309
content-type: image/png
x-goog-hash: crc32c=hQGYGw==, md5=8GAe0tC+8U7XzkeTsTpnCw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 1943
accept-ranges: bytes
cf-ray: 8314be291d376ae6-FRA
expires: Wed, 06 Dec 2023 14:05:28 GMT

GET
H2 200 iovation-script.js Show response
secure.11gratowin.com/ 5 KB
2 KB 32ms
31ms Script
application/javascript 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/iovation-script.js
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbd039d1d5621472a25b228ca3f48c08aef9cabf180e982530cd84a3abc04555

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:51 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 23
x-guploader-uploadid: ABPtcPrNF6r1ZTRd3kFSZbGn-qTF9OtWjzp1Xo6k0sZU-k0WrlqY_upssRLtaAgw6CLMZDPJh-W9X4p6hA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:39 GMT
server: cloudflare
etag: W/"76098bc71cf65bf3e16dcba0dd42b6ec"
vary: Accept-Encoding
x-goog-generation: 1699945059516961
content-type: application/javascript
x-goog-hash: crc32c=OvAm8g==, md5=dgmLxxz2W/Phbcug3UK27A==
cache-control: public, max-age=3600
x-goog-stored-content-length: 5514
cf-ray: 8314be29bdf56ae6-FRA
expires: Wed, 06 Dec 2023 14:05:28 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 424 KB
101 KB 230ms
114ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSBWD3B

Requested by

Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

99cdf6f6961a036e078d82290a9a594286fb52552d0160adb387e7ca60c5f1dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103479
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Dec 2023 13:05:51 GMT

GET
H2 200 brand-info.json Show response
secure.11gratowin.com/ Frame 8D3A 810 B
594 B 54ms
53ms Document
application/json 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/brand-info.json
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 931cdc9da183b6e6f40476736791be667482d6eef83da8de662b3084bebd9215

Request headers

Referer: https://secure.11gratowin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 8314be2a5e956ae6-FRA
content-encoding: gzip
content-type: application/json
date: Wed, 06 Dec 2023 13:05:51 GMT
etag: W/"2591ae3250ac9433c6a7e9ab77315c90"
expires: Wed, 06 Dec 2023 14:05:51 GMT
last-modified: Sun, 03 Jan 2021 08:59:18 GMT
server: cloudflare
vary: Accept-Encoding
x-goog-generation: 1609664358830795
x-goog-hash: crc32c=uP0vxg== md5=JZGuMlCslDPGp+mrdzFckA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 810
x-guploader-uploadid: ABPtcPqsMuLVj59plJTbF4KMlt_s_fjUnuNiaqzTeSIWABNvx_E4CmFacn1nwxkvsF9Ts991GAYojbSgGg

GET
H2 404 static_wdp.js
secure.11gratowin.com/iojs/general5/ 0
0 62ms
61ms Script
application/xml 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/iovation-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:51 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
x-guploader-uploadid: ABPtcPqPj-ygQ4Y6_sSUS4c1BNV8sprKNkGG04n9vAU1UrUzjSUPkuWAD64oyU0MBElDDithgmLS9rKJ_w
vary: Accept-Encoding
content-type: application/xml; charset=UTF-8
cache-control: private, max-age=0
cf-ray: 8314be2a5ea26ae6-FRA
expires: Wed, 06 Dec 2023 13:05:51 GMT

GET
H/1.1 200
OK wdp.js Show response
mpsnare.iesnare.com/general5/ 42 KB
20 KB 116ms
34ms Script
text/javascript 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=true

Requested by

Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/iovation-script.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

ead4316244132a546befbaed54baaed4f362b3846aea784ee188e94f83ccacd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 06 Dec 2023 13:05:51 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Connection: keep-alive
Expires: 0

GET
H2

200

main.js Show response
secure.11gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/ Frame 0ECD
Redirect Chain

https://secure.11gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://secure.11gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

7 KB
4 KB

21ms
20ms

Script
application/javascript

147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.11gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Requested by

Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/

Protocol

Server

147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

35ae00860c65aebae277fd401ca0d2b0403dc071df4d0568b5384739a13ad5e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8314be2b3fc96ae6-FRA

Redirect headers

date: Wed, 06 Dec 2023 13:05:51 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8314be2b1f906ae6-FRA

GET
H2 200 appData Show response
secure.11gratowin.com/playerapi/ 66 KB
18 KB 127ms
126ms XHR
application/json 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/playerapi/appData?language=en&device=DESKTOP&timestamp=1701867951854&requestURL=https%253A%252F%252Fsecure.11gratowin.com
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a9425a082082e3913ccb6e66f53f00ae2a72c7fbb4ec86bc12f08c4f61af753d

Request headers

Referer: https://secure.11gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
ldAlias

Response headers

date: Wed, 06 Dec 2023 13:05:51 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"108e1-/RltZgMY3P89hz0aF2faIH/Kyoo"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=xUoiKU8on46cvKuZWP9IJ4TXeG0FqlTYu5fJeJ_eGSM-1701867951-0-Ae2BmyJn_71X6uXMbiug3K36EFXxAltQhSeMC1zLk2Frk1rIkzWquTd-tnaL1iCAo_ZVMMH3YIKznFId5_a-7kYsAyBay8Ijuw5E5EPsUNhwU9_9tuT8rznrx3O151Ic8dM8KTu1wA_GBPd1DNixh2RScTk73KvsAokZwHftQjDK"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json; charset=utf-8
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=xUoiKU8on46cvKuZWP9IJ4TXeG0FqlTYu5fJeJ_eGSM-1701867951-0-Ae2BmyJn_71X6uXMbiug3K36EFXxAltQhSeMC1zLk2Frk1rIkzWquTd-tnaL1iCAo_ZVMMH3YIKznFId5_a-7kYsAyBay8Ijuw5E5EPsUNhwU9_9tuT8rznrx3O151Ic8dM8KTu1wA_GBPd1DNixh2RScTk73KvsAokZwHftQjDK; report-to cf-csp-endpoint
access-control-allow-credentials: true
cf-ray: 8314be2b1fa46ae6-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 appStaticData Show response
secure.11gratowin.com/playerapi/ 2 KB
1 KB 239ms
239ms XHR
application/json 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/playerapi/appStaticData?language=en&device=DESKTOP&requestURL=https%253A%252F%252Fsecure.11gratowin.com
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ad0a5aaf5beef1b7f83831e638044e664c4b2e702268137c23f974bf821dc525

Request headers

Referer: https://secure.11gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
ldAlias

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"873-CCGlbbOnfhIfnkcJy9Z9GgBOlcw"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 8314be2b2fa76ae6-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 8.png
storage.googleapis.com/moon-prod/static-content/brands/8/ 11 KB
12 KB 167ms
53ms Image
image/png 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/moon-prod/static-content/brands/8/8.png
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e7c00b0ec68c5137e7b359a0ab6f5ff9c7a2000f47ceee7aacae6934eb91aae6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:22:06 GMT
age: 2626
x-guploader-uploadid: ABPtcPoLYeVLVgKM62BGzl6npbG8PtlX_6bBT9Io6tR4MjhHbFFdLtRHBfXXGWWDTUL-_BZNUXKp5YJsYw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11475
last-modified: Mon, 14 Dec 2020 09:52:31 GMT
server: UploadServer
etag: "21a5358c0ea98af8a9aa561c2bffb91d"
x-goog-generation: 1607939551876388
x-goog-hash: crc32c=uYCRdA==, md5=IaU1jA6pivipqlYcK/+5HQ==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 11475
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:22:06 GMT

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/5.7.0/ 505 B
1 KB 31ms
31ms Script
text/javascript 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.7.0/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

93e7b187ef5ff6c36f048c0302efb81dc4333f4fdcc8045a9e4f6395d13e1ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 13:05:51 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Connection: keep-alive
Expires: Thu, 05 Dec 2024 13:05:51 GMT

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 58ms
32ms Media
audio/mpeg 54.228.71.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.4220417067058613

Requested by

Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-71-178.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c53355d0aeb687aedd3c0448b3038b16006e8c4b20eeefdbd8c16972244373e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://secure.11gratowin.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Wed, 06 Dec 2023 13:05:51 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 8314be286c5a6ae6 Show response
secure.11gratowin.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 0ECD 0
288 B 45ms
45ms XHR
text/plain 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/cdn-cgi/challenge-platform/h/b/jsd/r/8314be286c5a6ae6
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 13:05:51 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 8314be2bb8ad6ae6-FRA
content-type: text/plain; charset=UTF-8

OPTIONS
H2 403 event
analytics.streamygame.com/ Frame 0
0 98ms
70ms Preflight 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.streamygame.com/event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.11gratowin.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With,Origin,Content-Type, Accept
access-control-allow-methods: GET, POST, PUT, DELETE
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8314be2c2fcb9b5b-FRA
date: Wed, 06 Dec 2023 13:05:52 GMT
expires: 0
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 widget.js Show response
anakatechsupport.freshchat.com/js/ 66 KB
21 KB 329ms
104ms Script
application/javascript 76.223.64.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://anakatechsupport.freshchat.com/js/widget.js

Requested by

Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/main.6d041aaa77d67108e45e.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.64.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

1f20c5af2c4861e43a210d8f6bbf672f7683797a3e80912b4e405ce46a330de7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-trace-id: 00-7726fe76453df97e2704cfaf5dda1cbe-e3faa2d9bf16d42c-00
date: Wed, 06 Dec 2023 13:05:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 06:29:01 GMT
server: fwe
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/javascript
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: 5kljg
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-request-id: 916bd6ab-8aab-4e4a-a5a1-b0bffdb31ad4

GET
H2 200 recorder.js Show response
web-sdk.smartlook.com/ 6 KB
2 KB 38ms
6ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.smartlook.com/recorder.js

Requested by

Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/main.6d041aaa77d67108e45e.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

eb26e4def0ae597b119310e3c3fa2d5eea2b5dbdd640baa3dd177661d140e75b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 06 Dec 2023 13:05:52 GMT
strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-age-lb: 428
x-77-cache: HIT
cross-origin-resource-policy: cross-origin
x-accel-date: 1701867524
x-77-nzt: EgwBnJIhiAH3rAEAAAwB1GY4CQH3AAAAAA
x-accel-expires: @1701868124
x-77-age: 428
x-cache-lb: HIT
last-modified: Mon, 04 Dec 2023 13:03:50 GMT
server: CDN77-Turbo
etag: W/"656dce36-17d1"
x-77-nzt-ray: f6587a1d6d377177b07170654265c301
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600

POST event
analytics.streamygame.com/ 0
0

POST
H2 200 getAll Show response
secure.11gratowin.com/translations/ 4 KB
1 KB 98ms
98ms XHR
application/json 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/translations/getAll?requestURL=https%253A%252F%252Fsecure.11gratowin.com
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 33ca242f06daeb930a6a59b6a05524346af8001865296169457b029398f15a6e

Request headers

Referer: https://secure.11gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"1020-7NTqgUCWmhrJQlz1wKKl8YhkPR8"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.11gratowin.com
access-control-allow-credentials: true
cf-ray: 8314be2c08fa6ae6-FRA

GET
H2 200 en.json Show response
secure.11gratowin.com/i18n/lang/ 233 KB
50 KB 66ms
66ms XHR
application/json 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/i18n/lang/en.json?requestURL=https%253A%252F%252Fsecure.11gratowin.com
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3fa57defbf5abea94ccbabc3b59b8d14cc4b1b02a27406d1320a67e56e24a40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-guploader-uploadid: ABPtcPopCOec8hwCgNFf-2u8DzJmp95A7k-VM3UI-dFzUxzxrtaAxebKCztoU1lqbvncJgz-vhEsy_Skrg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Fri, 24 Nov 2023 09:07:07 GMT
server: cloudflare
etag: W/"f1891dcacc73b80f27e241471a41c637"
vary: Accept-Encoding
x-goog-generation: 1700816827274573
content-type: application/json
x-goog-hash: crc32c=MCr38Q==, md5=8YkdysxzuA8n4kFHGkHGNw==
cache-control: no-cache,max-age=0
x-goog-stored-content-length: 238825
cf-ray: 8314be2c08fe6ae6-FRA
expires: Wed, 06 Dec 2023 13:05:52 GMT

POST
H2 200 getAll Show response
secure.11gratowin.com/translations/ 4 KB
1 KB 145ms
145ms XHR
application/json 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/translations/getAll?requestURL=https%253A%252F%252Fsecure.11gratowin.com
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 33ca242f06daeb930a6a59b6a05524346af8001865296169457b029398f15a6e

Request headers

Referer: https://secure.11gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"1020-7NTqgUCWmhrJQlz1wKKl8YhkPR8"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.11gratowin.com
access-control-allow-credentials: true
cf-ray: 8314be2c09016ae6-FRA

OPTIONS
H2 403 event
analytics.streamygame.com/ Frame 0
0 35ms
35ms Preflight 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.streamygame.com/event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.11gratowin.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With,Origin,Content-Type, Accept
access-control-allow-methods: GET, POST, PUT, DELETE
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8314be2c98359b5b-FRA
date: Wed, 06 Dec 2023 13:05:52 GMT
expires: 0
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 vendors~Cashier~GameFrame~GameFrameValidations~Lobby~StartSessionModal.6d041aaa77d67108e45e.bundle.js Show response
secure.11gratowin.com/ 13 KB
4 KB 26ms
25ms Script
application/javascript 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/vendors~Cashier~GameFrame~GameFrameValidations~Lobby~StartSessionModal.6d041aaa77d67108e45e.bundle.js
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/runtime.6d041aaa77d67108e45e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 067b6ebcefa5dbbd0af6ae707c21061eb841b515e0ea1617c95917ecff0fad24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 22
x-guploader-uploadid: ABPtcPpD_MMtHWjnKsBlTwt1sBY8eLQZ8zrOVtflVtcawMWgdjVDhxzFI1QKrGev5pkPItHvJK40FTXZyA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:40 GMT
server: cloudflare
etag: W/"45b5384ab2484378450672f4768bd77b"
vary: Accept-Encoding
x-goog-generation: 1699945060019667
content-type: application/javascript
x-goog-hash: crc32c=bxNo9g==, md5=RbU4SrJIQ3hFBnL0dovXew==
cache-control: public, max-age=3600
x-goog-stored-content-length: 13073
cf-ray: 8314be2c89a56ae6-FRA
expires: Wed, 06 Dec 2023 14:05:30 GMT

GET
H2 200 vendors~Cashier~GameFrame~GameFrameValidations~Lobby.6d041aaa77d67108e45e.bundle.js Show response
secure.11gratowin.com/ 17 KB
6 KB 27ms
26ms Script
application/javascript 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/vendors~Cashier~GameFrame~GameFrameValidations~Lobby.6d041aaa77d67108e45e.bundle.js
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/runtime.6d041aaa77d67108e45e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea47861f3a7ed205a8c8d83e3756164f4a0987d6bf7421b5599e94abf7d03d05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 22
x-guploader-uploadid: ABPtcPoCLT_M3eZN91GLYTKGqmaUbMJtE-Z3MRtVxUv1M_o1b96Ez4ZVjIdzLRVNcJ26ShcR5A929mWadw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:39 GMT
server: cloudflare
etag: W/"3b8d562ffff5094ee781950a07206325"
vary: Accept-Encoding
x-goog-generation: 1699945059862728
content-type: application/javascript
x-goog-hash: crc32c=d1mA8g==, md5=O41WL//1CU7ngZUKByBjJQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 17387
cf-ray: 8314be2c89a76ae6-FRA
expires: Wed, 06 Dec 2023 14:05:30 GMT

GET
H2 200 vendors~Lobby~Slider.6d041aaa77d67108e45e.bundle.js Show response
secure.11gratowin.com/ 57 KB
15 KB 29ms
29ms Script
application/javascript 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/vendors~Lobby~Slider.6d041aaa77d67108e45e.bundle.js
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/runtime.6d041aaa77d67108e45e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48e47ee54e22ca42f903eb52bc711f60d93b05f595eb5f65454da85f4dc81036

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 22
x-guploader-uploadid: ABPtcPqO8Rrs7FDCzo17HLeHgMEv-UXr8IsZMzcdyRxPg9pZxCCBiNcCK9LBHj2lkz3oGVWyW7o
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:40 GMT
server: cloudflare
etag: W/"37952628c0efa7dbaf808d0459ad19ba"
vary: Accept-Encoding
x-goog-generation: 1699945060395954
content-type: application/javascript
x-goog-hash: crc32c=27WKrA==, md5=N5UmKMDvp9uvgI0EWa0Zug==
cache-control: public, max-age=3600
x-goog-stored-content-length: 57987
cf-ray: 8314be2c89a86ae6-FRA
expires: Wed, 06 Dec 2023 14:05:30 GMT

GET
H2 200 vendors~Lobby.6d041aaa77d67108e45e.bundle.js Show response
secure.11gratowin.com/ 15 KB
5 KB 28ms
27ms Script
application/javascript 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/vendors~Lobby.6d041aaa77d67108e45e.bundle.js
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/runtime.6d041aaa77d67108e45e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f54553274f460f9d71d346b32bd34d7c4b1c3d968cdc1a7075cf22863be49de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 22
x-guploader-uploadid: ABPtcPoDkantsLuXlXel4DffzT223p1j3W0tmS7XY3tja2Ztwhr__d8IxEnzBmcRCeFrmzE1LB8DLJ2rEg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:40 GMT
server: cloudflare
etag: W/"d1b65c82f645e18a461f77ea8d25faac"
vary: Accept-Encoding
x-goog-generation: 1699945060419963
content-type: application/javascript
x-goog-hash: crc32c=KtYqhQ==, md5=0bZcgvZF4YpGH3fqjSX6rA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 15071
cf-ray: 8314be2c89ab6ae6-FRA
expires: Wed, 06 Dec 2023 14:05:30 GMT

GET
H2 200 312.6d041aaa77d67108e45e.css
secure.11gratowin.com/ 131 KB
18 KB 30ms
30ms Stylesheet
text/css 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/312.6d041aaa77d67108e45e.css
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/runtime.6d041aaa77d67108e45e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8277b0b9a43b24cb577a0b5e8eb07e4bb293bed4b79bf523a11aebc4343a1ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 22
x-guploader-uploadid: ABPtcPqH71K1lO62QJCiOFYN9tfxjWxJNmq-gl3FBbSDqu8OM98QGonUKfx7wIaPgjPIxfeeOYm7c72zwQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:14 GMT
server: cloudflare
etag: W/"0808763e32a62725a26f7614215e3745"
vary: Accept-Encoding
x-goog-generation: 1699945034235877
content-type: text/css
x-goog-hash: crc32c=iKyNGA==, md5=CAh2PjKmJyWib3YUIV43RQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 134273
cf-ray: 8314be2c89ad6ae6-FRA
expires: Wed, 06 Dec 2023 14:05:30 GMT

GET
H2 200 Lobby.6d041aaa77d67108e45e.bundle.js Show response
secure.11gratowin.com/ 228 KB
67 KB 27ms
27ms Script
application/javascript 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/Lobby.6d041aaa77d67108e45e.bundle.js
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/runtime.6d041aaa77d67108e45e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7ed2a63dfad9be57d2789d4f079fd7c67328f9467b5cce4539e4dd0c98a73a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 22
x-guploader-uploadid: ABPtcPq_HCWbjyOB4M4OtuNwZNUiXTT1uZBs7OZ08rUqTRYkoqnK7GJvxpdLFenLZOd7GlV2OB8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:36 GMT
server: cloudflare
etag: W/"de1ae272213a25d460d7eb1c87586495"
vary: Accept-Encoding
x-goog-generation: 1699945056927312
content-type: application/javascript
x-goog-hash: crc32c=5yJvWQ==, md5=3hriciE6JdRg1+sch1hklQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 233875
cf-ray: 8314be2c89b16ae6-FRA
expires: Wed, 06 Dec 2023 14:05:30 GMT

GET
H2 200 refreshToken Show response
secure.11gratowin.com/playerapi/ 29 B
285 B 38ms
38ms XHR
application/json 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/playerapi/refreshToken?device=DESKTOP&language=en&requestURL=https%253A%252F%252Fsecure.11gratowin.com
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 27eee5689f593c50f0d3611d076f160dbb8d96e9a7cda69aea592e019a9df048

Request headers

Referer: https://secure.11gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
ldAlias

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"1d-8FgmlGBAlsa83L78oaBAOCRXFa8"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 8314be2c89b26ae6-FRA
swagger-api-docs-url: /playerapi

POST event
analytics.streamygame.com/ 0
0

HEAD
H2 404 favicon.ico Show response
secure.11gratowin.com/ 0
243 B 106ms
106ms XHR
text/html 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/favicon.ico?_=1701867952102
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPqlQd12YWh_avdybaKNnWACzW48dIhiZ8jY2EMWjh7yk_X4PnCLx5Wh2ymUBuyneKuK6xmIbToP4Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:59:41 GMT
server: cloudflare
vary: Accept-Encoding
x-goog-generation: 1699945181022560
content-type: text/html
x-goog-hash: crc32c=H1AFAQ==, md5=I7endsT/78IKps358dRunw==
cache-control: no-cache,max-age=0
x-goog-stored-content-length: 3062
cf-ray: 8314be2ca9d46ae6-FRA
expires: Wed, 06 Dec 2023 13:05:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 161ms
51ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSBWD3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 11:22:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6199
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 06 Dec 2023 13:22:33 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 56ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSBWD3B

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 06 Dec 2023 13:05:51 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 931E919731A145949864B26515B38DDB Ref B: FRAEDGE2019 Ref C: 2023-12-06T13:05:52Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 emr-seal.js Show response
b3797f01-e573-4b2d-900b-06ef4ef785de.seals-emr.certria.com/ 3 KB
2 KB 158ms
86ms Script
text/javascript 2600:9000:2449:f600:16:65cb:3ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b3797f01-e573-4b2d-900b-06ef4ef785de.seals-emr.certria.com/emr-seal.js

Requested by

Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/main.6d041aaa77d67108e45e.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2449:f600:16:65cb:3ac0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9efb48d2f94efd3e71b124869e7f8dc19c36cda80d1f4fcf34544eacc5fe237b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
via: 1.1 b7f8e0880cd5f19b3036b75b021c1c76.cloudfront.net (CloudFront)
server: cloudflare
x-amz-cf-pop: AMS58-P6
x-powered-by: Express
etag: W/"c61-PqIKRuL/MuFyoikjBd0gQZ7/gG8"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
cf-ray: 8314be2d4cbc1953-FRA
x-amz-cf-id: qOphRAs6oDGsuOMBShNk52UN7n9kFZ9UuPCFclUTlc7hlY7G3XH-lQ==

GET
H2 200 oapit.min.js Show response
d2afn796dyftlg.cloudfront.net/ 37 KB
8 KB 63ms
15ms Script
application/javascript 2600:9000:20a0:3200:19:2a6:6500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2afn796dyftlg.cloudfront.net/oapit.min.js
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:3200:19:2a6:6500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aee37563498c6b9d28eda1e4fa7fddeb8b8f8223b623a0767c7fcd3bc3348ba7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:02:53 GMT
content-encoding: gzip
via: 1.1 012634059e5295fc11d3d3daf0b68c7e.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 13:20:43 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 194
x-amz-server-side-encryption: AES256
etag: W/"cda051ce7e5e3d189d1ed6d991e9c013"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: IRp8zY4HOOvUnIn_LP0JZQL90QYYgoS2Nwi-HbvrVkPb5TGm28MymA==

GET
H2 200 JackpotAnimation.6d041aaa77d67108e45e.bundle.js Show response
secure.11gratowin.com/ 6 KB
2 KB 24ms
24ms Script
application/javascript 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/JackpotAnimation.6d041aaa77d67108e45e.bundle.js
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/runtime.6d041aaa77d67108e45e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9207ac8f91fe621faaaf513e98755be395dfe1987950a0ad1aa508c8637b96d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 22
x-guploader-uploadid: ABPtcPp6B5GITr3EVXREyEnTmH2Q2ruMHolEfXsCKm26Om7s9_4TjfmapfsrPLDfHXGNs-pYO57C94SK0A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:36 GMT
server: cloudflare
etag: W/"f98caebc31f24d6919364cb42c78cc94"
vary: Accept-Encoding
x-goog-generation: 1699945056545001
content-type: application/javascript
x-goog-hash: crc32c=mXRH9Q==, md5=+YyuvDHyTWkZNky0LHjMlA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 6486
cf-ray: 8314be2cd9fc6ae6-FRA
expires: Wed, 06 Dec 2023 14:05:30 GMT

GET
H2 200 BonusAnimation.6d041aaa77d67108e45e.bundle.js Show response
secure.11gratowin.com/ 8 KB
3 KB 23ms
23ms Script
application/javascript 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/BonusAnimation.6d041aaa77d67108e45e.bundle.js
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/runtime.6d041aaa77d67108e45e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ab342fcaeef1cb265817783f2f8454961b3259dae4c0ce05af1fa2392f02de2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 22
x-guploader-uploadid: ABPtcPoCIFifDlBpOWuF1lt1jf02h-c9QuqviMDK0lWLu46a3oQdwyIsBriYWtjw6qKGDzUfzBQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:34 GMT
server: cloudflare
etag: W/"6fbdf7e7e84aac0af9a6b717c27c353f"
vary: Accept-Encoding
x-goog-generation: 1699945054639323
content-type: application/javascript
x-goog-hash: crc32c=wIwV6Q==, md5=b7335+hKrAr5prcXwnw1Pw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 8033
cf-ray: 8314be2cd9fe6ae6-FRA
expires: Wed, 06 Dec 2023 14:05:30 GMT

GET
H2 200 LimitNotification.6d041aaa77d67108e45e.bundle.js Show response
secure.11gratowin.com/ 5 KB
2 KB 22ms
22ms Script
application/javascript 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/LimitNotification.6d041aaa77d67108e45e.bundle.js
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/runtime.6d041aaa77d67108e45e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc0a5ec70e694026143af49e4d9bc423d812096c1b7d3bdc6e65dde3e891b409

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 22
x-guploader-uploadid: ABPtcPpqvWUXezlBeDIVofA__vsh_fPwgU4GuWCyF0NwR0I5p7ZgRub4xi81j94w2jlKtC6RFj4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:37 GMT
server: cloudflare
etag: W/"4c78bd6fd07ae043dff7ba18b777883f"
vary: Accept-Encoding
x-goog-generation: 1699945057021819
content-type: application/javascript
x-goog-hash: crc32c=H74Psw==, md5=THi9b9B64EPf97oYt3eIPw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 4886
cf-ray: 8314be2cd9ff6ae6-FRA
expires: Wed, 06 Dec 2023 14:05:30 GMT

HEAD
H2 404 favicon.ico Show response
secure.11gratowin.com/ 0
113 B 105ms
105ms XHR
text/html 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/favicon.ico?_=1701867952133
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPpXdOeRQBNKeu2aMZyItXQfue5v4spOdqEGHK4a6RkFk4JvA1g8sJ_6vmyUhPCSNT1q9ve-O-Lm9A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:59:41 GMT
server: cloudflare
vary: Accept-Encoding
x-goog-generation: 1699945181022560
content-type: text/html
x-goog-hash: crc32c=H1AFAQ==, md5=I7endsT/78IKps358dRunw==
cache-control: no-cache,max-age=0
x-goog-stored-content-length: 3062
cf-ray: 8314be2cda0b6ae6-FRA
expires: Wed, 06 Dec 2023 13:05:52 GMT

GET
H2 200 / Show response
cms2.11gratowin.com/drupal_templates/slider/ 29 KB
4 KB 3394ms
3344ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cms2.11gratowin.com/drupal_templates/slider/?lang=en&brandId=8&playerType=0&lobbyTemplateId=3&selectedGameTab=1&isLoggedIn=false&eligibleForRegulationMarketing=true&eventStartDates=1701432000000&eventEndDates=1704196800000&eventWinnerEndDates=&eventTypes=901&activityType=P&requestURL=https%253A%252F%252Fsecure.11gratowin.com
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82868382cc5ca3ed568f5d3fce7cdf50781aecc416575e62e43a3de5713f1215

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:55 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JCDSUdw9%2FNuemBRnMGT9zv9snLD2%2FCr%2BpugT9g7zWZsRPAgYN7QOWm8PELgpSzxwgrL8GqmYobE13Fbzq2L5DxiZyXyOQEcvydTsaALoTTZRKTPU0tLM7rpsJTMNAyyaQ9fXZW4KpyH3jgG6zk5c8iF"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://secure.11gratowin.com
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 8314be2d4a2e35e6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
cms2.11gratowin.com/drupal_templates/footer// 21 KB
4 KB 1843ms
1797ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cms2.11gratowin.com/drupal_templates/footer//?lang=en&regCountry=undefined&login=0&state=&brandId=8&currency=undefined&type=&playerType=0&eventTypes=&eventStartDates=&eventEndDates=&eventWinnerEndDates=&isLoggedIn=false&requestURL=https%253A%252F%252Fsecure.11gratowin.com
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032a1486229f01239ebdeef9bff74f20b2dc74187a1e2fb6e6022575c3e728d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gVYLxytb8i9KzjcHGwTfKX1cgh6xAzhV75dNuHXlIElaXhrVOwvYYj6o6gjCehLSAcIjyUTc%2BsabxcGUrx9FwIrEOWybLRobpzsV%2FxBH9kkAH4w7ZDpC7N67xvPx%2B2mIQe3LD1zpqjgLPllWOmslTqcS"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://secure.11gratowin.com
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 8314be2d4a2c35e6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo.png
storage.googleapis.com/moon-prod/static-content/brands/8/ 52 KB
53 KB 55ms
54ms Image
image/png 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/moon-prod/static-content/brands/8/logo.png
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 71f0d1968edf4eff6dded3902361932770fe724bf52166051fe3e556c9d0e36a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:46:21 GMT
age: 1171
x-guploader-uploadid: ABPtcPrK1y5AzWvWXn6Ng04S__-DD-UwsQM3z8isgJkabdWb1BdM18m80ejrts0AEaPxm3qb9ok
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53570
last-modified: Sun, 06 Sep 2020 14:56:18 GMT
server: UploadServer
etag: "8da035e6e305e63288d58c81e1cb6316"
x-goog-generation: 1599404178125470
x-goog-hash: crc32c=F2Tmng==, md5=jaA15uMF5jKI1YyB4ctjFg==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 53570
accept-ranges: bytes
x-goog-meta-cb-modifiedtime: Sun, 06 Sep 2020 07:59:49 GMT
expires: Wed, 06 Dec 2023 13:46:21 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 169ms
54ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Montserrat:wght@400;700;800&family=Poppins:wght@400;500;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.11gratowin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:11:22 GMT
x-content-type-options: nosniff
age: 147270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 20:11:22 GMT

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7dc5a89829ed295864cee6940f583f1788773e66662c0fa19d2c14ff11793924

Request headers

Referer
Origin: https://secure.11gratowin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: font/ttf

GET
H2 200 getRecentWinnings Show response
secure.11gratowin.com/playerapi/recentWinnings/ 3 KB
834 B 86ms
86ms XHR
application/json 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/playerapi/recentWinnings/getRecentWinnings?currency=EUR&requestURL=https%253A%252F%252Fsecure.11gratowin.com
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7275c870b1915062e612686a5aa1954f1a9d189f6380feaee9715dc0acd32068

Request headers

Referer: https://secure.11gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
ldAlias

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"ae2-HBjko2DQDPon1VwSMKADE/9+ua4"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 8314be2d0a4c6ae6-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 getJackpotGameDetails Show response
secure.11gratowin.com/playerapi/games/ 216 B
246 B 58ms
58ms XHR
application/json 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/playerapi/games/getJackpotGameDetails?jackpotProviderId=0&customerId=0&requestURL=https%253A%252F%252Fsecure.11gratowin.com
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: baa738a2fc051c6b68f6d65cbd422e640da85b725eba6f1dcf68eabd70283bca

Request headers

Referer: https://secure.11gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
ldAlias

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"d8-JgpI/fzMDIZ27W48J+QlmA3pDJY"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 8314be2d0a4d6ae6-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 getJackpotGameDetails Show response
secure.11gratowin.com/playerapi/games/ 216 B
382 B 50ms
50ms XHR
application/json 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/playerapi/games/getJackpotGameDetails?jackpotProviderId=0&customerId=0&requestURL=https%253A%252F%252Fsecure.11gratowin.com
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: baa738a2fc051c6b68f6d65cbd422e640da85b725eba6f1dcf68eabd70283bca

Request headers

Referer: https://secure.11gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
ldAlias

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"d8-JgpI/fzMDIZ27W48J+QlmA3pDJY"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 8314be2d1a506ae6-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 games Show response
secure.11gratowin.com/playerapi/ 1011 KB
75 KB 851ms
851ms XHR
application/json 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/playerapi/games?country=DE&device=desktop&requestURL=https%253A%252F%252Fsecure.11gratowin.com
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 47e2cfafc5d22b9180058966ddbb570236f349b5e19d993d89e96a3bd37a70b2

Request headers

Referer: https://secure.11gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
ldAlias

Response headers

date: Wed, 06 Dec 2023 13:05:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"fcb6c-TOnKCXKurmChaDfoJIWKaf1NRlY"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 8314be2d1a526ae6-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 joinNow-icon.svg
secure.11gratowin.com/assets/internal-icons/ 402 B
531 B 26ms
24ms Image
image/svg+xml 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.11gratowin.com/assets/internal-icons/joinNow-icon.svg
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dcd080d8016c6d3bee9075cd7798111c5820725bee35e0731f617d582bdba29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 22
x-guploader-uploadid: ABPtcPpdxq5EQx_RySbigxWMVKICst0SoMKPKSr3v9DxPIX46Kn7MHsBLeNCt4HXEy4it7-Ky44
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:53 GMT
server: cloudflare
etag: W/"fcf6455fb9d2e83224da551cc3054ff6"
vary: Accept-Encoding
x-goog-generation: 1699945073298548
content-type: image/svg+xml
x-goog-hash: crc32c=7BBWuA==, md5=/PZFX7nS6DIk2lUcwwVP9g==
cache-control: public, max-age=3600
x-goog-stored-content-length: 402
cf-ray: 8314be2d1a586ae6-FRA
expires: Wed, 06 Dec 2023 14:05:30 GMT

GET
H2 200 login-icon.svg
secure.11gratowin.com/assets/internal-icons/ 510 B
1 KB 27ms
26ms Image
image/svg+xml 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.11gratowin.com/assets/internal-icons/login-icon.svg
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6650963c35725add7c3cedb3fd660f4f38791e8298647b92c132767f97468aa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 22
x-guploader-uploadid: ABPtcPqtPJCgvTG7Lw6GL4NeXeu1jKXs546krjyn3bG8PARZuoVX63q8xz0iwyn8EHqXDAi8TCJmbS35fw
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=9gloZlYJgLFaopStlCK6SqLn3UmwvKP0xOKsL37T.EM-1701867952-0-AduiVDHnOPJrxsiaX8E1Y8N139dg-xvb88LRUeZXhhzyPhQJSb5X0uivNSzOsWu7Mr7bD9bNRAfo1sc9bVVM7-J6nB5WZVTVEvlBOWXj6QnlwwWWprDA0o7ASvsqTrSCYOVqOU6mqBTznpYN8EdFyjxX9go3rKB0GsVTfmtgkhNU; report-to cf-csp-endpoint
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:53 GMT
server: cloudflare
etag: W/"0ca8fb0f2089abf726d203bee36c8cbc"
vary: Accept-Encoding
x-goog-generation: 1699945073730501
content-type: image/svg+xml
x-goog-hash: crc32c=UXvSvQ==, md5=DKj7DyCJq/cm0gO+42yMvA==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=9gloZlYJgLFaopStlCK6SqLn3UmwvKP0xOKsL37T.EM-1701867952-0-AduiVDHnOPJrxsiaX8E1Y8N139dg-xvb88LRUeZXhhzyPhQJSb5X0uivNSzOsWu7Mr7bD9bNRAfo1sc9bVVM7-J6nB5WZVTVEvlBOWXj6QnlwwWWprDA0o7ASvsqTrSCYOVqOU6mqBTznpYN8EdFyjxX9go3rKB0GsVTfmtgkhNU"}],"group":"cf-csp-endpoint","max_age":86400}
x-goog-stored-content-length: 510
cf-ray: 8314be2d1a596ae6-FRA
expires: Wed, 06 Dec 2023 14:05:30 GMT

GET
H2 200 promotions-icon.svg
secure.11gratowin.com/assets/internal-icons/ 1 KB
949 B 24ms
23ms Image
image/svg+xml 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.11gratowin.com/assets/internal-icons/promotions-icon.svg
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 384ca46673f9d9209ecf6b510aa5e67e5e6e8c5762d7b5c8e643dfc96fb96031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 22
x-guploader-uploadid: ABPtcPoOBhG9RK-lAxSseoVU7MB8RD1uTh2tuVEZtFOSUMO5bydatAx_-h4cCh-Zxszgddjm8zS-CoiFCg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:54 GMT
server: cloudflare
etag: W/"9761427b1a19bf0f0d615356a9ea92a7"
vary: Accept-Encoding
x-goog-generation: 1699945074269638
content-type: image/svg+xml
x-goog-hash: crc32c=hjcbWg==, md5=l2FCexoZvw8NYVNWqeqSpw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 1412
cf-ray: 8314be2d1a5b6ae6-FRA
expires: Wed, 06 Dec 2023 14:05:30 GMT

GET
H2 200 vipClub-icon.svg
secure.11gratowin.com/assets/internal-icons/ 529 B
653 B 24ms
24ms Image
image/svg+xml 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.11gratowin.com/assets/internal-icons/vipClub-icon.svg
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d15890c357177f7185112a1ce66665d08acf31e81e4917820ec36279dd26bd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 22
x-guploader-uploadid: ABPtcPrqnxkgREfllUVgAa-rbCe8PubTLUKAdYbGeM-EIpXwMNitmJdZASmG_DVWO5-ih3iwFX7XTBNqrg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:54 GMT
server: cloudflare
etag: W/"725a97efe97819c4531fbe67de1b54c9"
vary: Accept-Encoding
x-goog-generation: 1699945074706622
content-type: image/svg+xml
x-goog-hash: crc32c=aXyrag==, md5=clqX7+l4GcRTH75n3htUyQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 529
cf-ray: 8314be2d1a5c6ae6-FRA
expires: Wed, 06 Dec 2023 14:05:30 GMT

GET
H2 200 banking-icon.svg
secure.11gratowin.com/assets/internal-icons/ 2 KB
1 KB 27ms
26ms Image
image/svg+xml 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.11gratowin.com/assets/internal-icons/banking-icon.svg
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe565e155881addcc557019e726097e351cff20de84a8e706d6e43295819fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 22
x-guploader-uploadid: ABPtcPohtsg_byTmWPgzRQWtIpXg1JMML8wZQC5muyZBsfgVZ6WFBDO82Zq_FOEEgGMXJfnyoic
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:51 GMT
server: cloudflare
etag: W/"97b0c09efe576a5c2df1da456faceec4"
vary: Accept-Encoding
x-goog-generation: 1699945071564746
content-type: image/svg+xml
x-goog-hash: crc32c=zejJ6A==, md5=l7DAnv5Xalwt8dpFb6zuxA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 2300
cf-ray: 8314be2d1a5e6ae6-FRA
expires: Wed, 06 Dec 2023 14:05:30 GMT

GET
H2 200 contact_us-icon.svg
secure.11gratowin.com/assets/internal-icons/ 522 B
613 B 28ms
27ms Image
image/svg+xml 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.11gratowin.com/assets/internal-icons/contact_us-icon.svg
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ef8b1b9f70231cdaff9b49febecc51162e022432fef65022a082acc4d446cd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 22
x-guploader-uploadid: ABPtcPokB6Tz22B3xTJnvQ3xHq4jGn1FpaCqHB4XDSJptCj3GWod3AJ9km6iw6yYYEJxhHkawiXZVQld1Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:52 GMT
server: cloudflare
etag: W/"b48b2b51825c35ae80e02c41711e7c68"
vary: Accept-Encoding
x-goog-generation: 1699945072419701
content-type: image/svg+xml
x-goog-hash: crc32c=fs4Iyg==, md5=tIsrUYJcNa6A4CxBcR58aA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 522
cf-ray: 8314be2d1a606ae6-FRA
expires: Wed, 06 Dec 2023 14:05:30 GMT

GET
H2 200 languages-icon.svg
secure.11gratowin.com/assets/internal-icons/ 2 KB
1 KB 28ms
28ms Image
image/svg+xml 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.11gratowin.com/assets/internal-icons/languages-icon.svg
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce13735694736a7b414eec7de74a893e67a0bc53d08d0f38f57386e3f6648a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 22
x-guploader-uploadid: ABPtcPrCJ7uAQuSWJ5LOWLCpsUXfwy7IrWRDZ9kVQ5utquWgTAad535vkKMYVKk-geEFMltI9a_heCe_zw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:53 GMT
server: cloudflare
etag: W/"0e648574a50c4a2f1572086f886ee580"
vary: Accept-Encoding
x-goog-generation: 1699945073298967
content-type: image/svg+xml
x-goog-hash: crc32c=15Fj5Q==, md5=DmSFdKUMSi8VcghviG7lgA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 1925
cf-ray: 8314be2d1a616ae6-FRA
expires: Wed, 06 Dec 2023 14:05:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 191ms
134ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Montserrat:wght@400;700;800&family=Poppins:wght@400;500;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.11gratowin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 21:25:42 GMT
x-content-type-options: nosniff
age: 402010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 21:25:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 173ms
117ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Montserrat:wght@400;700;800&family=Poppins:wght@400;500;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.11gratowin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:53:31 GMT
x-content-type-options: nosniff
age: 130341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 00:53:31 GMT

GET
H2 200 index.html Show response
storage.googleapis.com/moon-prod/static-content/jackpot/new/ Frame F164 32 KB
32 KB 54ms
54ms Document
text/html 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/moon-prod/static-content/jackpot/new/index.html?brandId=8&currency=undefined%20%20%20%20%20&customerId=1003&serviceUrl=https://ga.streamygame.com/&isMobile=false%20%20%20%20%20&platform=ng&inGameFrame=false&gameId=undefined&winnerNames=
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/main.6d041aaa77d67108e45e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0b6ee5642e247392075c40330df8d51d04005266b70e50e29a988998dde3a459

Request headers

Referer: https://secure.11gratowin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1017
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 32573
content-type: text/html
date: Wed, 06 Dec 2023 12:48:55 GMT
etag: "c192dbec0a4ad7d191126157fa3c0018"
expires: Wed, 06 Dec 2023 13:48:55 GMT
last-modified: Wed, 21 Sep 2022 14:17:03 GMT
server: UploadServer
x-goog-generation: 1663769823685434
x-goog-hash: crc32c=g0/5XQ== md5=wZLb7ApK19GREmFX+jwAGA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 32573
x-guploader-uploadid: ABPtcPq-gINLFN7w6QAnTPLEY3JSG2NnFOnIfdsluXZM6-BfhQHcLZceZCETFx5VpTaUg9JBeD9GVuCCPA

GET
H2 200 pushreg.min.js Show response
d2afn796dyftlg.cloudfront.net/ 2 KB
946 B 17ms
16ms Script
application/javascript 2600:9000:20a0:3200:19:2a6:6500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2afn796dyftlg.cloudfront.net/pushreg.min.js
Requested by: Host: d2afn796dyftlg.cloudfront.net
URL: https://d2afn796dyftlg.cloudfront.net/oapit.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:3200:19:2a6:6500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41f92fcffa7df004f0126954aabee78739751b7bb0298dc32a73d611beec3e7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:04:10 GMT
content-encoding: gzip
via: 1.1 012634059e5295fc11d3d3daf0b68c7e.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 14:32:05 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 118
x-amz-server-side-encryption: AES256
etag: W/"2b834b5a0e88872341e1d7165480426e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: m7prvAGG2wNnL1JYiJfapZrgjYqnrHCboQALKtINpCuZnsI1T5vMSA==

GET
H2 200 oapi-heartbit.min.js Show response
d2afn796dyftlg.cloudfront.net/ 2 KB
1 KB 16ms
15ms Script
application/javascript 2600:9000:20a0:3200:19:2a6:6500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2afn796dyftlg.cloudfront.net/oapi-heartbit.min.js
Requested by: Host: d2afn796dyftlg.cloudfront.net
URL: https://d2afn796dyftlg.cloudfront.net/oapit.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20a0:3200:19:2a6:6500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 087a64a782e52566b9f11c4d3ffbf22498482165591c955972fece46a702f13b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:03:16 GMT
content-encoding: gzip
via: 1.1 012634059e5295fc11d3d3daf0b68c7e.cloudfront.net (CloudFront)
last-modified: Tue, 12 Oct 2021 12:03:53 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P2
age: 174
etag: W/"95ada3efe9ca8f8c93d082b428af1d4f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: X62fphlVbKDBWWfbcsbX1hIzfssz1krWzCq_T4bN2WEethBqgnmVOw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
163 B 59ms
58ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1339355009&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.11gratowin.com%2F&ul=en-us&de=UTF-8&dt=GratoWin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=PageView&ea=PageView_Platform_Secure&el=%2F&_u=YEBAAEABAAAAACAAI~&jid=1400911834&gjid=2101132738&cid=1992894351.1701867952&tid=UA-27702367-6&_gid=2039472026.1701867952&_r=1&_slc=1&gtm=45He3bt0n81KSBWD3Bv78890553&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=147917403

Requested by

Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/offline-js-script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

7ce32208321c1a409e98a42ff3f8b7c10d2d7e1cc31037dd8aa4f54e391c4b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.11gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:05:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.11gratowin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 51ms
51ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1339355009&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.11gratowin.com%2F&ul=en-us&de=UTF-8&dt=GratoWin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=1992894351.1701867952&tid=UA-27702367-6&_gid=2039472026.1701867952&gtm=45He3bt0n81KSBWD3Bv78890553&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1150858738

Requested by

Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 17:34:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70286
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 status
ga.streamygame.com/jackpot/ Frame 0
0 92ms
66ms Preflight 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://ga.streamygame.com/jackpot/status?brandId=8&customerId=1003

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://storage.googleapis.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST,PUT,DELETE
access-control-allow-origin: https://storage.googleapis.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8314be2e2db59bcb-FRA
content-length: 0
date: Wed, 06 Dec 2023 13:05:52 GMT
expires: 0
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 status Show response
ga.streamygame.com/jackpot/ Frame F164 2 KB
1 KB 37ms
37ms XHR
application/json 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://ga.streamygame.com/jackpot/status?brandId=8&customerId=1003

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/moon-prod/static-content/jackpot/new/index.html?brandId=8&currency=undefined%20%20%20%20%20&customerId=1003&serviceUrl=https://ga.streamygame.com/&isMobile=false%20%20%20%20%20&platform=ng&inGameFrame=false&gameId=undefined&winnerNames=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c8bfeca344606b6056c80afd511d3327659e363ed6e6e95a1516285b974266a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://storage.googleapis.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:05:52 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: https://storage.googleapis.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 8314be2e9e269bcb-FRA
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
85 KB 74ms
73ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5D5LQ8JKK9&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f98a4225b2ef0181153180092128e72c571fc7ecde9269d36056e0ebd0e51ca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86532
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 06 Dec 2023 13:05:52 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 98ms
35ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5D5LQ8JKK9&gtm=45je3bt0v9126070701&_p=1701867951727&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1992894351.1701867952&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fsecure.11gratowin.com%2F&dt=GratoWin&sid=1701867952&sct=1&seg=0&en=PageView_Platform_Secure&_fv=1&_ss=1&_ee=1&ep.event_category=PageView&ep.event_label=%2F&tfd=1108
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D5LQ8JKK9&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:05:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.11gratowin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 403 gameDynamicData
ga.streamygame.com/ Frame 0
0 37ms
37ms Preflight 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://ga.streamygame.com/gameDynamicData?customBrandId=8&requestURL=https%253A%252F%252Fsecure.11gratowin.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.11gratowin.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8314be32aa779bcb-FRA
date: Wed, 06 Dec 2023 13:05:53 GMT
expires: 0
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 iframe.js Show response
anakatech.uat1.evo-test.com/frontend/evo/r2/js/ 10 KB
3 KB 168ms
9ms Script
application/javascript 18.245.60.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://anakatech.uat1.evo-test.com/frontend/evo/r2/js/iframe.js

Requested by

Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/main.6d041aaa77d67108e45e.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-51.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

c0ca60f1dad78e13d0b750e96ac1de35a86b68c26adc8dd14944930a3eb43a11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 12:19:57 GMT
via: 1.1 bd96095bb3c15c742ab4d72d1fecba6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 2765
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2810
last-modified: Wed, 06 Dec 2023 08:04:01 GMT
server: nginx
etag: "65702af1-afa"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: nT88WtXaHMdcf91ES525QEscSD6nZWG9XQX2ITGmooN4k0yaP3_hmQ==

POST gameDynamicData
ga.streamygame.com/ 0
0

GET
H2 200 all_games.png
secure.11gratowin.com/assets/images/ 354 B
666 B 23ms
21ms Image
image/png 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.11gratowin.com/assets/images/all_games.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3a3bad77018a615558340201b8d3a3ef4161786e11be214f99591cedf354066

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:53 GMT
cf-cache-status: HIT
age: 18
x-guploader-uploadid: ABPtcPqQHRaLW_Dj-Ak24ri8RSf7043T2B8TP6lKIFUkP5AC9rS-E-xxqsAqoYmS46f_TU32k4e3ja8PlQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 354
last-modified: Tue, 14 Nov 2023 06:57:44 GMT
server: cloudflare
etag: "3ed75eebadf2c8b072295a399faea728"
vary: Accept-Encoding
x-goog-generation: 1699945064349460
content-type: image/png
x-goog-hash: crc32c=EIeYUA==, md5=Ptde663yyLByKVo5n66nKA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 354
accept-ranges: bytes
cf-ray: 8314be32ca426ae6-FRA
expires: Wed, 06 Dec 2023 14:05:35 GMT

GET
H3 200 category_19.png
storage.googleapis.com/gsdev/moon-prod/web/ 986 B
1013 B 58ms
57ms Image
image/png 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_19.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7bc364554159c5ace8fbae0965ff955753855fbf7c0238ba5acbbe46af0d6ba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:22:08 GMT
age: 2625
x-guploader-uploadid: ABPtcPqpSmG2edjnHkmOyNz0jzHkT8Gn8vl3CZrsyw-5rJY00qx9KU0eZrD8HzBaLjh0_brBjZI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 986
last-modified: Mon, 27 Mar 2023 08:01:35 GMT
server: UploadServer
etag: "a7058eb8d1bb78719195505f7ffe8cdd"
x-goog-generation: 1679904095581170
x-goog-hash: crc32c=LHM7VQ==, md5=pwWOuNG7eHGRlVBff/6M3Q==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 986
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:22:08 GMT

GET
H3 200 category_18.png
storage.googleapis.com/gsdev/moon-prod/web/ 1 KB
1 KB 56ms
54ms Image
image/png 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_18.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0ebb87df614d24d505185917fb3b26027f914fe0aed27df37fa5147316ad6787

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:22:08 GMT
age: 2625
x-guploader-uploadid: ABPtcPoaIGzRJc5GUBrUuCpn1Vheyse9Vvopi8rjiEUM_x7LcnynfjEb60xDh7s2oN3sP9Kg89c
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1085
last-modified: Mon, 27 Mar 2023 08:01:35 GMT
server: UploadServer
etag: "3b504b5bce433dc0685ac9b540ca1139"
x-goog-generation: 1679904095566677
x-goog-hash: crc32c=VXvZcA==, md5=O1BLW85DPcBoWsm1QMoROQ==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 1085
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:22:08 GMT

GET
H3 200 category_25.png
storage.googleapis.com/gsdev/moon-prod/web/ 578 B
614 B 67ms
66ms Image
image/png 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_25.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5f650aad37e541335f86817ea21b510129524eb2da8daaa0a6abb1043fac40bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:22:08 GMT
age: 2625
x-guploader-uploadid: ABPtcPqHLoghKKmcTXXZV-ww78tDlzqx7vUUDiiKWMSCZTXzm_GCr_eUxUFrNQnPh0uHH3FNhRs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 578
last-modified: Fri, 31 Mar 2023 09:53:40 GMT
server: UploadServer
etag: "521df87d9bfbe00be90f51249165667b"
x-goog-generation: 1680256419928266
x-goog-hash: crc32c=vstuMg==, md5=Uh34fZv74AvpD1EkkWVmew==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 578
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:22:08 GMT

GET
H3 200 category_13.png
storage.googleapis.com/gsdev/moon-prod/web/ 720 B
751 B 65ms
64ms Image
image/png 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_13.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a09b6faa891a8e730e9f2e956215a1bfef1725dc855261c41d600ebd26f897a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:46:25 GMT
age: 1168
x-guploader-uploadid: ABPtcPoOh-Ouj79wGcUlD2bhl-LZL9HyRPiH8QDFB8SMH6t2eKstSm7eic7_UqN4onFaJPVa9HhbK-4azg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 720
last-modified: Mon, 27 Mar 2023 08:01:35 GMT
server: UploadServer
etag: "a581f632f302b5b5dd5ac3f09e555cf0"
x-goog-generation: 1679904095433552
x-goog-hash: crc32c=C2zfPg==, md5=pYH2MvMCtbXdWsPwnlVc8A==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 720
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:46:25 GMT

GET
H3 200 category_24.png
storage.googleapis.com/gsdev/moon-prod/web/ 720 B
753 B 66ms
65ms Image
image/png 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_24.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a09b6faa891a8e730e9f2e956215a1bfef1725dc855261c41d600ebd26f897a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:22:08 GMT
age: 2625
x-guploader-uploadid: ABPtcPpnFgnm6VMclBKVV1oqfkhanT_TSeAPV-IwYKnajTV0WyWL2w1pdH8fVjUQZ-Cy4RY-M9E
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 720
last-modified: Mon, 27 Mar 2023 08:01:36 GMT
server: UploadServer
etag: "a581f632f302b5b5dd5ac3f09e555cf0"
x-goog-generation: 1679904095925430
x-goog-hash: crc32c=C2zfPg==, md5=pYH2MvMCtbXdWsPwnlVc8A==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 720
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:22:08 GMT

GET
H3 200 category_20.png
storage.googleapis.com/gsdev/moon-prod/web/ 651 B
679 B 64ms
63ms Image
image/png 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_20.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e556916c8d10ea83b944cdca70a9c0591aa9d3f5916f56a26bac507cd1fc1d0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:22:08 GMT
age: 2625
x-guploader-uploadid: ABPtcPrH9uMME9V2ZC0ARIIDfDBBc2VmQOiF6j0EBR5BaR3N0iH2w--1w3YmCDSMssTaWJlYRuQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 651
last-modified: Mon, 03 Apr 2023 15:21:53 GMT
server: UploadServer
etag: "43a99d6131394a33115145e23d73ecbf"
x-goog-generation: 1680535313713318
x-goog-hash: crc32c=6fF2sg==, md5=Q6mdYTE5SjMRUUXiPXPsvw==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 651
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:22:08 GMT

GET
H3 200 category_3.png
storage.googleapis.com/gsdev/moon-prod/web/ 943 B
970 B 61ms
60ms Image
image/png 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_3.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d3ab881e2a91522416b0befe1c8cb255b9cb85a398c74d95bb9fb7c7dcaa968e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:46:25 GMT
age: 1168
x-guploader-uploadid: ABPtcPoHQaPEdsnlHVpXisUHy8jMhdD-onPaQ2a8U747lx9CQBiprJCYyPTk0wmTJ-Im0DFohkvgw8trfQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 943
last-modified: Mon, 27 Mar 2023 08:01:36 GMT
server: UploadServer
etag: "646b5223d18508c4cf797d5595962a6f"
x-goog-generation: 1679904096082778
x-goog-hash: crc32c=sB4c+A==, md5=ZGtSI9GFCMTPeX1VlZYqbw==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 943
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:46:25 GMT

GET
H3 200 category_26.png
storage.googleapis.com/gsdev/moon-prod/web/ 561 B
588 B 63ms
62ms Image
image/png 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_26.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 54a1a6151a81ec40d14bf2e85d4f116a90c545adfd6c5499ee6879de870315c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:22:08 GMT
age: 2625
x-guploader-uploadid: ABPtcPryRcd2cXINKbF_95lDXVd84XSaRp_mEHSzHO_maXW_Syy349ZG0yK4DUjTD3MbfXaiQGA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 561
last-modified: Mon, 03 Apr 2023 10:04:09 GMT
server: UploadServer
etag: "b3557264329901383d636fdb2d2220c5"
x-goog-generation: 1680516249659768
x-goog-hash: crc32c=fgB/TA==, md5=s1VyZDKZATg9Y2/bLSIgxQ==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 561
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:22:08 GMT

GET
H3 200 category_27.png
storage.googleapis.com/gsdev/moon-prod/web/ 961 B
988 B 59ms
58ms Image
image/png 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_27.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 578d67df1a745af8a7cfe2cd4d139f856941d3275e23f6aa74b1f18c6702e2a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:22:08 GMT
age: 2625
x-guploader-uploadid: ABPtcPq3on7LWGbdZ-g8GRNx_qXFklZrVv55RyAeinp8sEREAtlrG_PcOEXg4BbMKIyZrdgy8Ag
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 961
last-modified: Tue, 14 Nov 2023 15:41:07 GMT
server: UploadServer
etag: "7b84471a5a8ff4d994572a79fa3c97e9"
x-goog-generation: 1699976467040441
x-goog-hash: crc32c=gJOArg==, md5=e4RHGlqP9NmUVyp5+jyX6Q==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 961
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:22:08 GMT

GET
H3 200 category_14.png
storage.googleapis.com/gsdev/moon-prod/web/ 870 B
897 B 60ms
59ms Image
image/png 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_14.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c21ac0bbb27a457552858b53c117acc699665377f80e292970c9c56f7306dadc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:22:08 GMT
age: 2625
x-guploader-uploadid: ABPtcPqelTH4K5ySuouW3VuDaflHzVB_LzQrBD0ho1iUtJUUsu0jjXJ5JLUJGRq3syhhVoyclyc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 870
last-modified: Mon, 27 Mar 2023 08:01:35 GMT
server: UploadServer
etag: "8c0734f152a88c26d33f3bc85e4b0a85"
x-goog-generation: 1679904095482072
x-goog-hash: crc32c=NhUd8Q==, md5=jAc08VKojCbTPzvIXksKhQ==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 870
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:22:08 GMT

GET
H3 200 629.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 90 KB
90 KB 53ms
52ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/629.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a885a9ed0d2f31aee9f9c543e4efb0729ead5feebb774d67de5e52a1e38ed769

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:31:33 GMT
age: 2060
x-guploader-uploadid: ABPtcPqIKc6XyKNofVpZ8w456qxm540Gkem9cO4ZpAbZClZGHILDmLhdsxEFH_CmHMff00h7MQgXFjNWEw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91715
last-modified: Tue, 28 Mar 2023 19:51:03 GMT
server: UploadServer
etag: "1aadf6d79f9fc39612f2ba77b5408885"
x-goog-generation: 1680033063077365
x-goog-hash: crc32c=8641JA==, md5=Gq3215+fw5YS8rp3tUCIhQ==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 91715
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:31:33 GMT

GET
H3 200 1691.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 28 KB
28 KB 225ms
225ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1691.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5d34beb1f94649a276dd03f83ab7d2ee8e6559e502bf6cace48ea170f5c8e114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:53 GMT
age: 0
x-guploader-uploadid: ABPtcPpampxqtQKwkYaQ4FjfLcv-2NZrrM6ZVPW44cgS4P8n62SEKLNQMbgqbeU0HQ2rT33yrYI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28231
last-modified: Thu, 30 Nov 2023 11:38:38 GMT
server: UploadServer
etag: "992f8eb7c65d1f36bb7f3b0ca809fd0d"
x-goog-generation: 1701344318570715
x-goog-hash: crc32c=E0fe8g==, md5=mS+Ot8ZdHza7fzsMqAn9DQ==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 28231
accept-ranges: bytes
expires: Wed, 06 Dec 2023 14:05:53 GMT

GET
H3 200 1681.jpg
storage.googleapis.com/gsdev/moon-prod/web/ 38 KB
38 KB 75ms
75ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/1681.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 520e49a94d702a60d06af18720897cf03168c2d6dbdb58ec4466ea615b74a4c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:48:57 GMT
age: 1016
x-guploader-uploadid: ABPtcPrHkAhhG541F2qF8ahGajtQcHFF6lNcSJVmj_5NDhI3uWsW9aHChQb-qxESaQOikseuye4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38495
last-modified: Thu, 23 Nov 2023 14:44:32 GMT
server: UploadServer
etag: "1691b3e8ea6e13a4c157e001e7240ae9"
x-goog-generation: 1700750672314680
x-goog-hash: crc32c=m7DrlQ==, md5=FpGz6OpuE6TBV+AB5yQK6Q==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 38495
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:48:57 GMT

GET
H3 200 1683.jpg
storage.googleapis.com/gsdev/moon-prod/web/ 77 KB
77 KB 275ms
275ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/1683.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 688434a09f429e821ab2147bbc7576fd6ddb55e765fab358a7e76a2c98f85ee1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:53 GMT
age: 0
x-guploader-uploadid: ABPtcPp6HI5lJqwC43SoNCchEji7lJs4ya3NDSTly5HHYdhG-r9eHy1kIMgxxgzuzVJ5H2tabyc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78580
last-modified: Thu, 30 Nov 2023 11:36:08 GMT
server: UploadServer
etag: "9728a5fdf9e9f3af1e4e50174e545647"
x-goog-generation: 1701344168556500
x-goog-hash: crc32c=2TEQZQ==, md5=lyil/fnp868eTlAXTlRWRw==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 78580
accept-ranges: bytes
expires: Wed, 06 Dec 2023 14:05:53 GMT

GET
H3 200 1693.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 36 KB
37 KB 278ms
278ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1693.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3cb79b9508c21b802e1288bdca34ea29bb9ea8153b26cf6e9254608957fde930

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:53 GMT
age: 0
x-guploader-uploadid: ABPtcPrruwEPe7WXrx3NSqA_HSwxuWbaGy7y0AcDZqQZojnkhN1CfwHVoMOKh-SrP18ESYu36ro
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37341
last-modified: Thu, 30 Nov 2023 11:39:23 GMT
server: UploadServer
etag: "7278ef8fa05ebf5bf2c554dc0ba8524d"
x-goog-generation: 1701344363612250
x-goog-hash: crc32c=9igB0w==, md5=cnjvj6Bev1vyxVTcC6hSTQ==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 37341
accept-ranges: bytes
expires: Wed, 06 Dec 2023 14:05:53 GMT

GET
H3 200 1684.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 34 KB
34 KB 229ms
229ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1684.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ae668293659361b51dd9a3691955a32a8bedc26c830ffa886d624d15b953b4a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:53 GMT
age: 0
x-guploader-uploadid: ABPtcPpmbs7ZBi5V3Q_qlbVDLLefOGQjX0cDpgSq1MQd5SmWX4APQy2PH026Gxi44iVJRDMx0rM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34901
last-modified: Thu, 30 Nov 2023 11:36:35 GMT
server: UploadServer
etag: "6844cbc8d8fbf2c0c119036c5e1850d2"
x-goog-generation: 1701344195944845
x-goog-hash: crc32c=VlArYA==, md5=aETLyNj78sDBGQNsXhhQ0g==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 34901
accept-ranges: bytes
expires: Wed, 06 Dec 2023 14:05:53 GMT

GET
H3 200 1690.jpg
storage.googleapis.com/gsdev/moon-prod/web/ 64 KB
64 KB 290ms
290ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/1690.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2ee566c7e9c3599edacb8f73da21e4e889915ef28bce0bbbfb212f2cdcee6985

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:53 GMT
age: 0
x-guploader-uploadid: ABPtcPqzmSNIgiGsr1YDUJzUczz_tTG9ryhTCev_8ourEQ7-73Iu2LcNlt6SLY86JVtps1XwVi8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65161
last-modified: Thu, 30 Nov 2023 11:38:21 GMT
server: UploadServer
etag: "7e7a1a38fdeb25cc8d22bbb4b07683e4"
x-goog-generation: 1701344301024940
x-goog-hash: crc32c=/Xvdeg==, md5=fnoaOP3rJcyNIru0sHaD5A==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 65161
accept-ranges: bytes
expires: Wed, 06 Dec 2023 14:05:53 GMT

GET
H3 200 1689.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 38 KB
38 KB 304ms
304ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1689.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1db396e25b1be4ca3f7e9c24919dc3a71d01ce8cfa71efb7ef7f4dcb885b0f6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:53 GMT
age: 0
x-guploader-uploadid: ABPtcPqoPq2AKEloDNMzmQ65ielymjuUmVQrG7gnlGVIsaVqVdIkQfozoc0gM2gb2WKpiROnNUQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38895
last-modified: Thu, 30 Nov 2023 11:38:03 GMT
server: UploadServer
etag: "21e232dc08d3146785cfe59c2cc5dd7a"
x-goog-generation: 1701344283937002
x-goog-hash: crc32c=H1kdGA==, md5=IeIy3AjTFGeFz+WcLMXdeg==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 38895
accept-ranges: bytes
expires: Wed, 06 Dec 2023 14:05:53 GMT

GET
H3 200 1035.jpg
storage.googleapis.com/gsdev/moon-prod/web/ 85 KB
85 KB 93ms
93ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/1035.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 46fc4a87fc26af48e9ed092f9f9ec3425829162294534a62b88257c1e3b90133

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:48:57 GMT
age: 1016
x-guploader-uploadid: ABPtcPqZ9xXh9vW5y9WFO2aFA_M4d8_A7RhxGx8VLvXjonuSNYTLz0bX9G__UYdBJbIUhmeaLnA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86620
last-modified: Tue, 02 May 2023 12:58:06 GMT
server: UploadServer
etag: "290c4f69b65c51c81c1a797e76c023ea"
x-goog-generation: 1683032286301379
x-goog-hash: crc32c=hRoWKw==, md5=KQxPabZcUcgcGnl+dsAj6g==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 86620
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:48:57 GMT

GET
H3 200 1694.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 37 KB
37 KB 291ms
290ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1694.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 041614eba00e42ce2f390e3ea78bf965c960fd89bfe916ee00a838d82d51e6a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:53 GMT
age: 0
x-guploader-uploadid: ABPtcPrGUevnsOb5b518Jgh5dC3UxfPiK-zNObPzFksorgMEoHCUjwzuNivMdXjy10ples9w-YU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37694
last-modified: Thu, 30 Nov 2023 11:39:46 GMT
server: UploadServer
etag: "760dd34c8e82270b8204a62f7ccdb0ca"
x-goog-generation: 1701344386158141
x-goog-hash: crc32c=FULyIA==, md5=dg3TTI6CJwuCBKYvfM2wyg==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 37694
accept-ranges: bytes
expires: Wed, 06 Dec 2023 14:05:53 GMT

GET
H3 200 806.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 27 KB
27 KB 111ms
111ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/806.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e904cf106f46b7ff5e1ea4e0fb2343e442e7fe66148a5ce2dfbbfbf0c2c8e0e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:48:57 GMT
age: 1016
x-guploader-uploadid: ABPtcPpt8-qlvmki3sQwg27mxuyRklmnEcQdbpXJ3OThLbIsOY5lyGIxwiArSUkVxdzJiEJDln0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27747
last-modified: Mon, 27 Mar 2023 09:36:04 GMT
server: UploadServer
etag: "f1c44c8d8b5d7d0868c63a9e13d7c015"
x-goog-generation: 1679909764642060
x-goog-hash: crc32c=LaqeFw==, md5=8cRMjYtdfQhoxjqeE9fAFQ==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 27747
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:48:57 GMT

GET
H3 200 1685.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 37 KB
37 KB 300ms
300ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1685.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ff0a2252519ac7d9c8ecdce597a87bb68dc098e0bcb825bde4d4ae58bb31ce3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:53 GMT
age: 0
x-guploader-uploadid: ABPtcPpusnVAeZt9fWkCXRgRSAuhzty-ljOZ5n4d1oAwixrCWS2DFM9bBNaOk0nOaXZEjiJ07kI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38177
last-modified: Thu, 30 Nov 2023 11:36:59 GMT
server: UploadServer
etag: "bdbc0f80c65f76cb2116a6b4fcf89efd"
x-goog-generation: 1701344219366950
x-goog-hash: crc32c=NP6BjA==, md5=vbwPgMZfdsshFqa0/Pie/Q==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 38177
accept-ranges: bytes
expires: Wed, 06 Dec 2023 14:05:53 GMT

GET
H3 200 1642.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 36 KB
36 KB 126ms
126ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1642.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d339dcaa888f6c34a4f18d8ebb342a11440f945a4a64c9ed411052c39876f1e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:48:57 GMT
age: 1016
x-guploader-uploadid: ABPtcPoQXDW49Ja6ry85sJaVqryfo4sRTIiecA2rn_62xinDL7Hf2AfqaEavxmDu97ZvJhDoTGk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36403
last-modified: Tue, 14 Nov 2023 15:46:18 GMT
server: UploadServer
etag: "381ec6791e4447420bf525a298b8f90a"
x-goog-generation: 1699976778850032
x-goog-hash: crc32c=RWPiZg==, md5=OB7GeR5ER0IL9SWimLj5Cg==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 36403
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:48:57 GMT

GET
H3 200 1633.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 29 KB
29 KB 206ms
206ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1633.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3cd75841e07ea4dffe7fcf42c80483791c11f9d7934f1bd0bd12c5b37a10686e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:48:57 GMT
age: 1016
x-guploader-uploadid: ABPtcPpZQ77pA518hhKqJcEwRq0y8lSgTTlbZtxtrbHNv6qKuCUVEPqPoQoiZYt-AZHhTciwk9s
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29865
last-modified: Tue, 14 Nov 2023 14:50:09 GMT
server: UploadServer
etag: "b0a912ffbafe7e975533f7d1cfcfdbf0"
x-goog-generation: 1699973409600639
x-goog-hash: crc32c=8nvWUw==, md5=sKkS/7r+fpdVM/fRz8/b8A==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 29865
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:48:57 GMT

GET
H3 200 560.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 62 KB
62 KB 149ms
149ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/560.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: edf6d19e0dd9ed298e4fcf59adadff77ff255f8ec76ce5a9f028675b9f4e7212

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:48:57 GMT
age: 1016
x-guploader-uploadid: ABPtcPrsXdjosShV0eblafHGVS2GkrVGNgUiguCgWyfL1BX8nYPEVmJ4R8DLVk91XTanymjOWyM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63099
last-modified: Mon, 27 Mar 2023 09:34:41 GMT
server: UploadServer
etag: "9ab3bd940a7f4f24c94bf0f9fab43378"
x-goog-generation: 1679909681170369
x-goog-hash: crc32c=C4i6+w==, md5=mrO9lAp/TyTJS/D5+rQzeA==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 63099
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:48:57 GMT

GET
H3 200 1692.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 33 KB
33 KB 305ms
304ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1692.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b7753fc15c77b4bb28f585183aa61aa4b5cdd92b1a86a5564c366a3e1a71fd00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:53 GMT
age: 0
x-guploader-uploadid: ABPtcPrAWvqn-KKiAeIMREoZNLn3s5wd1B3K8Yjv0KoNvPoW59lOMtZs1Oz7zCmgO9vYpbyvG9g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33770
last-modified: Thu, 30 Nov 2023 11:38:55 GMT
server: UploadServer
etag: "be97fcbf96f01289069aefacda31ebd6"
x-goog-generation: 1701344335178178
x-goog-hash: crc32c=JKl/mQ==, md5=vpf8v5bwEokGmu+s2jHr1g==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 33770
accept-ranges: bytes
expires: Wed, 06 Dec 2023 14:05:53 GMT

GET
H3 200 561.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 44 KB
44 KB 194ms
192ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/561.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c00a8b4ebe41999121dda6c5017206dab5cd76b1b3ebb6b64a34ece37538a775

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:48:57 GMT
age: 1016
x-guploader-uploadid: ABPtcPrHMCrRCS08Zdzf4XZ-SxsavVZ6QSr5WvQaA6tek9uh_nHaqJTQZ5nZjFNVSa6uikd6R7s
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45111
last-modified: Mon, 27 Mar 2023 09:34:41 GMT
server: UploadServer
etag: "d58d0162f4ac6801928b93925dd341f5"
x-goog-generation: 1679909681147684
x-goog-hash: crc32c=sTeXxg==, md5=1Y0BYvSsaAGSi5OSXdNB9Q==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 45111
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:48:57 GMT

GET
H3 200 1696.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 33 KB
33 KB 323ms
321ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1696.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2606805dcd1986ea045b8b047bc8275d8fe19ca375081edc5d5453a02b7b5e9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:53 GMT
age: 0
x-guploader-uploadid: ABPtcPpRK8fCP2bsoexZJKQ-ECw2nTlsd7HrNMyx6lHEw9BPLVpJcxt7secKsI5aOEYXb54R6VQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33816
last-modified: Thu, 30 Nov 2023 11:40:25 GMT
server: UploadServer
etag: "814e122c4c3bcea218e9f729ab730f15"
x-goog-generation: 1701344425043098
x-goog-hash: crc32c=iBm30Q==, md5=gU4SLEw7zqIY6fcpq3MPFQ==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 33816
accept-ranges: bytes
expires: Wed, 06 Dec 2023 14:05:53 GMT

GET
H3 200 1686.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 31 KB
31 KB 328ms
325ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1686.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 31c2b965508f531a6e7227efa494456ed196345d5ce69fe7d070e1cd40bdd64d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:53 GMT
age: 0
x-guploader-uploadid: ABPtcPqRZc4nXM1byZPu26MI3aBc5jIZcIYAhOv8gFYnOdXs_WM6ZFvT2D4RQVnpERPa8eBBK9w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32197
last-modified: Thu, 30 Nov 2023 11:37:15 GMT
server: UploadServer
etag: "4a4409dee99807544518a461e88d108a"
x-goog-generation: 1701344235907156
x-goog-hash: crc32c=+zO1LQ==, md5=SkQJ3umYB1RFGKRh6I0Qig==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 32197
accept-ranges: bytes
expires: Wed, 06 Dec 2023 14:05:53 GMT

GET
H3 200 1079.jpg
storage.googleapis.com/gsdev/moon-prod/web/ 78 KB
78 KB 138ms
135ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/1079.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5bc297dbb76681bfeb234478f17cb66c16224967a3353cdf7bff97d57165d06b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:31:33 GMT
age: 2060
x-guploader-uploadid: ABPtcPp4AudWE6ENx488nE8wZDaM-XHIzWLxvvbAWdpDS5XasrQVUfrC3fDx5FCHV6YgWHYhSR__VWssmw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79795
last-modified: Tue, 02 May 2023 13:09:06 GMT
server: UploadServer
etag: "8b15064de2c271f99fc850f561cc805d"
x-goog-generation: 1683032946260373
x-goog-hash: crc32c=m345CA==, md5=ixUGTeLCcfmfyFD1YcyAXQ==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 79795
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:31:33 GMT

GET
H3 200 1652.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 36 KB
36 KB 199ms
197ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1652.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ec8dde890e62b047cc85b89a856e84d3d4d3b67f13ce15bb7ab01149d28c40a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:48:57 GMT
age: 1016
x-guploader-uploadid: ABPtcPr7OgSIvUZUhdxRtjCS-GkM7XTgMkqGxUiRTg_YrHVuidChgsJVKEjfvicVBqvNx2Rkqpg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36482
last-modified: Tue, 14 Nov 2023 15:49:44 GMT
server: UploadServer
etag: "b7cca684918a5ec94e135326273c4e9f"
x-goog-generation: 1699976984896319
x-goog-hash: crc32c=adIFmQ==, md5=t8ymhJGKXslOE1MmJzxOnw==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 36482
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:48:57 GMT

GET
H3 200 1697.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 33 KB
33 KB 328ms
326ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1697.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0190647c906fb17897d0831daf5a6ef416fe3c88379b49bfe0b435ece5471b55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:53 GMT
age: 0
x-guploader-uploadid: ABPtcPr5kt9VaWerhxenTUyaV9EYfdkSvQ5aAkQcpb9v2Jo57z2j7wC9e-kL1i2dEXV8eZzNNKg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33695
last-modified: Thu, 30 Nov 2023 11:40:47 GMT
server: UploadServer
etag: "50ac331e656c29d0b0f40126a4f53686"
x-goog-generation: 1701344446999885
x-goog-hash: crc32c=9DylIw==, md5=UKwzHmVsKdCw9AEmpPU2hg==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 33695
accept-ranges: bytes
expires: Wed, 06 Dec 2023 14:05:53 GMT

GET
H3 200 1578.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 31 KB
31 KB 169ms
167ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1578.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1074c255bd811197ef02da1aeeb6fb61985eaee1f97418dd125b4a50325765b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:24:09 GMT
age: 2504
x-guploader-uploadid: ABPtcPoO9VGFtHGu5z-c_TQMu_fHv3-rIjnYaAHtH_U_YmOcCE9EGcvekTbCAVlFB6B1yH1sXy0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32119
last-modified: Thu, 10 Aug 2023 05:49:52 GMT
server: UploadServer
etag: "c8652ce197b8a4d380a7ee7223118a6a"
x-goog-generation: 1691646592933732
x-goog-hash: crc32c=aKccbA==, md5=yGUs4Ze4pNOAp+5yIxGKag==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 32119
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:24:09 GMT

GET
H3 200 246.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 33 KB
33 KB 163ms
162ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/246.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 08c09c3a68e6e466dbc98e7c4ceba3a62524fa976cd582ef70d016b197eb10e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:31:33 GMT
age: 2060
x-guploader-uploadid: ABPtcPplT6K9H8O_2joDjrzzOhuzzbcqoNuBN9_beZH4Aq1BD3yKr1NWuprstLyRIdCKIJUeijurOar3mw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33681
last-modified: Mon, 27 Mar 2023 08:04:27 GMT
server: UploadServer
etag: "62c3eed79305a470a04161bd858b547d"
x-goog-generation: 1679904267556191
x-goog-hash: crc32c=lTwUwQ==, md5=YsPu15MFpHCgQWG9hYtUfQ==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 33681
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:31:33 GMT

GET
H3 200 555.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 34 KB
34 KB 153ms
151ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/555.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5e82c2fdf15920f24e05e1385ed8f40901899b1b89bf453bc6d66e73064f6f56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:31:33 GMT
age: 2060
x-guploader-uploadid: ABPtcPpLCyov3rS3Pfn7Ej_M4dojbyysD9xGeRNG8HzKHFSuU03k0ad60px10W9mRI_WrSe3zURPODQMkQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34911
last-modified: Mon, 27 Mar 2023 09:34:35 GMT
server: UploadServer
etag: "cccae9c1c08cdeed3c10a6afe4edf45e"
x-goog-generation: 1679909675632154
x-goog-hash: crc32c=PvxcmA==, md5=zMrpwcCM3u08EKav5O30Xg==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 34911
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:31:33 GMT

GET
H3 200 1695.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 34 KB
34 KB 330ms
329ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1695.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e8613ffc72830ed409ec8354729a002561f2d8faf30c64556047d44d95626727

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:53 GMT
age: 0
x-guploader-uploadid: ABPtcPp3ie0fUlpBLyw2Jqhr46cFT89MNQoT9d_6xG08bDptDCC-yAqpD7cspGa7k0lVBHO0x9w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34772
last-modified: Thu, 30 Nov 2023 11:40:03 GMT
server: UploadServer
etag: "4e37505506bd35c0f3722eeb20f5c916"
x-goog-generation: 1701344403615741
x-goog-hash: crc32c=Si1cBQ==, md5=TjdQVQa9NcDzci7rIPXJFg==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 34772
accept-ranges: bytes
expires: Wed, 06 Dec 2023 14:05:53 GMT

GET
H3 200 1047.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 23 KB
23 KB 178ms
177ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1047.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 15cfa9b06c9a724eb7f2355eee7e5ec1234a265964085b579c6878143dab2fac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:48:57 GMT
age: 1016
x-guploader-uploadid: ABPtcPoru50X-4xwByo6mNwYqGiC7UzOVnmIHWdqQWRAPBBV1x6Hred5Aj5GyvqkzlPwT9Hj9bk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23634
last-modified: Tue, 02 May 2023 13:01:40 GMT
server: UploadServer
etag: "c721c3e0f5a8f5354b46ef9d48954404"
x-goog-generation: 1683032500194929
x-goog-hash: crc32c=K52LEw==, md5=xyHD4PWo9TVLRu+dSJVEBA==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 23634
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:48:57 GMT

GET
H3 200 1688.jpg
storage.googleapis.com/gsdev/moon-prod/web/ 61 KB
61 KB 356ms
355ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/1688.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1f20c6fbae3687481433c16bb8b211f9621a8112519cccb4fd4e045638c70760

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:53 GMT
age: 0
x-guploader-uploadid: ABPtcPqkmzV3xffrsQgczj5rnNy6VSfLti5tBp7JnUSHvPW7NuQw6XUSj-f2dMuY75-ymcJi4og
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62902
last-modified: Thu, 30 Nov 2023 11:37:51 GMT
server: UploadServer
etag: "c3a367f28d7d987243c822f2ba744fb5"
x-goog-generation: 1701344271862860
x-goog-hash: crc32c=YvD9ug==, md5=w6Nn8o19mHJDyCLyunRPtQ==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 62902
accept-ranges: bytes
expires: Wed, 06 Dec 2023 14:05:53 GMT

GET
H3 200 1687.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 33 KB
33 KB 345ms
344ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1687.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 537e6c71ae3f0c2627e4f4e4288dfa350c19b45b6f549e475b964af51945a48a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:53 GMT
age: 0
x-guploader-uploadid: ABPtcPoWawJI93r9ty1g7K7PwJrOQiorKl5m-FrtOpbkxZ8YzslzV-2KSN9ECr2yuivHX1TuJTo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34055
last-modified: Thu, 30 Nov 2023 11:37:31 GMT
server: UploadServer
etag: "d43568e0c8b4fa38611af98a553442dd"
x-goog-generation: 1701344251268495
x-goog-hash: crc32c=duq4Zg==, md5=1DVo4Mi0+jhhGvmKVTRC3Q==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 34055
accept-ranges: bytes
expires: Wed, 06 Dec 2023 14:05:53 GMT

GET
H3 200 1032.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 31 KB
31 KB 207ms
206ms Image
image/jpeg 2a00:1450:4001:80b::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1032.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 527fbdba17e7894f938ba8ea6ce6d6a498e4b7d6674578bfe20ea6060177e6a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 12:48:57 GMT
age: 1016
x-guploader-uploadid: ABPtcPpY7vi605ZC1CwNdq0HpVNsrVitXZB2BeNv5OAIuhbSHVHMklfv0M3Kqvh2j388o5GBUBo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32071
last-modified: Tue, 02 May 2023 12:57:21 GMT
server: UploadServer
etag: "1e01c8bedd9745a0274d8877a76031ad"
x-goog-generation: 1683032241007236
x-goog-hash: crc32c=opYgXg==, md5=HgHIvt2XRaAnTYh3p2AxrQ==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 32071
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:48:57 GMT

HEAD
H2 404 favicon.ico Show response
secure.11gratowin.com/ 0
135 B 69ms
69ms XHR
text/html 147.78.140.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.11gratowin.com/favicon.ico?_=1701867953142
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.21 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:53 GMT
content-encoding: gzip
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPpD-6ifVU0PyR5HRNBtm0TkycAoLKQZbvBuArCcSeEHUieFxbZjgADQJpByAsBh-Jcgd5Dc_PtTlA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:59:41 GMT
server: cloudflare
vary: Accept-Encoding
x-goog-generation: 1699945181022560
content-type: text/html
x-goog-hash: crc32c=H1AFAQ==, md5=I7endsT/78IKps358dRunw==
cache-control: no-cache,max-age=0
x-goog-stored-content-length: 3062
cf-ray: 8314be332abc6ae6-FRA
expires: Wed, 06 Dec 2023 13:05:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
718 B 67ms
67ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b185da9777f2953b350ef4dd6d0f78d94bdea1ec0a6ef42c629d47f854b8c20f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 06 Dec 2023 13:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 12:54:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Dec 2023 13:05:54 GMT

GET
H2 200 seal.html Show response
www.gratowin.com/ Frame 62A2 2 KB
1018 B 136ms
88ms Document
text/html 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gratowin.com/seal.html
Requested by: Host: secure.11gratowin.com
URL: https://secure.11gratowin.com/main.6d041aaa77d67108e45e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: af53eed30f9086583486b73ab57817549dfdea79da39762bff5a87dded0eef80

Request headers

Referer: https://secure.11gratowin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8314be38ef3565a3-FRA
content-encoding: gzip
content-type: text/html
date: Wed, 06 Dec 2023 13:05:54 GMT
last-modified: Thu, 02 Mar 2023 12:35:07 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 mastercard.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 3 KB
3 KB 51ms
21ms Image
image/png 2606:4700:3033::ac43:dbbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/mastercard.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dbbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bab7eab8e1e05aa031ce685b74fdb8bbbffb418f4068dadfb44ffd6d130af5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3213
x-guploader-uploadid: ABPtcPpsv-8mn080pkHNaTWTf6KaiYXZ3gwcNXeuivyJeI-BeFGbIJqn6Q1XGEMMaBcblWf6aW4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 2569
last-modified: Mon, 02 May 2022 11:58:15 GMT
server: cloudflare
etag: "f3ff236418dbe75a588fc2f277baaab6"
vary: Accept-Encoding
x-goog-generation: 1651492695597263
content-type: image/png
x-goog-hash: crc32c=8BOYTg==, md5=8/8jZBjb51pYj8Lyd7qqtg==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxWCvlzNUt71qimPFw%2Fe1i51yG7u0DxAseKUmfH2JrJ0goHauJ%2FEqmvcj28qaZzVdti4jZSjiAf25KDiN4v3bm6mejwn4DVG2wUTYD%2BEY2Zq7ts%2B53b7%2BN82nl9Yk52PdL%2B4tMdRH%2BCJ%2FceVxwcYGWbYrg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 2569
accept-ranges: bytes
cf-ray: 8314be38cb54bbf8-FRA
expires: Wed, 06 Dec 2023 13:12:21 GMT

GET
H2 200 PostPay.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 2 KB
3 KB 53ms
23ms Image
image/png 2606:4700:3033::ac43:dbbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/PostPay.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dbbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bd44487689f7f4501db1b9b7a7a50849c4d42e534eef60a04356a7851e92c0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3213
x-guploader-uploadid: ABPtcPogr4qTYPsnPA--BHMn0xWn0w6Ru-pp4mcR2Y74yA1hLXefBKY7aHE4MLMzGt6Pi4xJPg9uwhe0QQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 2501
last-modified: Mon, 02 May 2022 11:58:13 GMT
server: cloudflare
etag: "1ade0623f06ef3964f06847a2adca08a"
vary: Accept-Encoding
x-goog-generation: 1651492693814444
content-type: image/png
x-goog-hash: crc32c=2WIQPw==, md5=Gt4GI/Bu85ZPBoR6Ktygig==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0Y%2Bk4Nwge0iqLLON%2FNXNUqPdjLT9ID%2FU8ZgF74gqUEmeOHEIJAikFkgXKhec1CTnKUmMW%2FBMpKJfY41iGkfa9Ru9kIRv%2Ff2r8yuIBHNQH2KDOEy00rBiLZOuPJU6fJMdrAwqYZYq598KtbdLkQsDdgV3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 2501
accept-ranges: bytes
cf-ray: 8314be38cb5dbbf8-FRA
expires: Wed, 06 Dec 2023 12:54:17 GMT

GET
H2 200 Quantom.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 2 KB
2 KB 56ms
26ms Image
image/png 2606:4700:3033::ac43:dbbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/Quantom.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dbbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0af2e2a86b8e8d47a1a5ca54128c0a7adf09074386cf5a8ee68f178a68584362

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3213
x-guploader-uploadid: ABPtcPrNxwBDl0hH4jCDCGQyDM7XE2SGhiwY2liYXeGUphvjllSSYpbytpSJBAiiS0MHvtpKgbE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 1625
last-modified: Mon, 02 May 2022 11:58:13 GMT
server: cloudflare
etag: "95b14f93ce4d7a3b73a65afd4da99d34"
vary: Accept-Encoding
x-goog-generation: 1651492693805894
content-type: image/png
x-goog-hash: crc32c=/nRmrA==, md5=lbFPk85Nejtzplr9TamdNA==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQJDj09pGyftU4mClO9OHLxvfDn5cpCY3vWZR05i2peA7rYBAiACuh0gVwzGQ0m0zb1gYzEVJc4ikDxG9FPJM8RGIu8KCfivKrBwnx6X1w41rUNns78FW00Y8GnDXd9S4KFXgollVL6Up5UvWgO707MM5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1625
accept-ranges: bytes
cf-ray: 8314be38cb58bbf8-FRA
expires: Wed, 06 Dec 2023 13:12:21 GMT

GET
H2 200 visa.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 3 KB
4 KB 54ms
24ms Image
image/png 2606:4700:3033::ac43:dbbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/visa.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dbbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2ca845c5e87533da52958f4b9c52f6d2a373f2a273a7b6e90093026f7a1ae47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3213
x-guploader-uploadid: ABPtcPpmNzcr3PxM53DzJ2oHuf4HtlYaL83ZfH_bxy41tJDWv0or9tKmhnWUZp_IMHCs9f7Jj_s
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3070
last-modified: Mon, 02 May 2022 11:58:26 GMT
server: cloudflare
etag: "e9d7082867979eabe30e401d6cf941f6"
vary: Accept-Encoding
x-goog-generation: 1651492706733395
content-type: image/png
x-goog-hash: crc32c=yJZTHQ==, md5=6dcIKGeXnqvjDkAdbPlB9g==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FyqBdYBQSG7dzaUnVlepiuQ5qL1WlemVGYppNT8W25ZBN2%2FNP1PxFvVusMuiCkj7UFjF3ybCcexeDMImh%2BhDzibUoveJTe%2FQAF%2B%2FepdkFUn%2FZf9WJLKcp8sRgugb2NgV%2BVvR%2Be8ydq2EhkD8%2FY%2FRATUwJw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3070
accept-ranges: bytes
cf-ray: 8314be38cb59bbf8-FRA
expires: Wed, 06 Dec 2023 12:54:17 GMT

GET
H2 200 Click.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 2 KB
3 KB 50ms
20ms Image
image/png 2606:4700:3033::ac43:dbbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/Click.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dbbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74686cb67a39ba6066421272589bcf938003022d9dbc772454747518073ac1a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3213
x-guploader-uploadid: ABPtcPqKV85dJOtCm58ZJ7XGtcWbDXh9mlMVzy0PyA7H8rHTKYbW8YPa7Jodd3CgyA0lvFOVFGw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 1853
last-modified: Mon, 02 May 2022 11:58:13 GMT
server: cloudflare
etag: "b85f792d205fbda0910dbe67efbccfb4"
vary: Accept-Encoding
x-goog-generation: 1651492693259411
content-type: image/png
x-goog-hash: crc32c=zOEnDg==, md5=uF95LSBfvaCRDb5n77zPtA==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOHqeiAX64yXzHeICTllh7nBeIOCvKEoo79BKhPc6mHIkRvkYkZO8rithtAqy0qOk3aUHsXDAfXy0zJYs3shLduIGuNG5TvS2ZwmxjzV%2FAByYaYDZuLqcC0zOHILDbWwxFu5b3Mp2kwOTy%2FD4I3UCPmJjg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1853
accept-ranges: bytes
cf-ray: 8314be38cb5ebbf8-FRA
expires: Wed, 06 Dec 2023 13:12:21 GMT

GET
H2 200 Neosurf.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 2 KB
2 KB 53ms
23ms Image
image/png 2606:4700:3033::ac43:dbbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/Neosurf.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dbbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4363b84238dda44f9ca7980c91b775f141a438aa2af9152b98a036f664ca178

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3213
x-guploader-uploadid: ABPtcPokdOvL5NWD2mrquvFx1oxku4-Gnq0Y716BB72Hk4hTJvUz-qGiWueGxaaRqRGJW4XTaS4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 2012
last-modified: Mon, 02 May 2022 11:58:13 GMT
server: cloudflare
etag: "f2b574780708ebc637d4f2b8dac8269f"
vary: Accept-Encoding
x-goog-generation: 1651492693747409
content-type: image/png
x-goog-hash: crc32c=FPaoNQ==, md5=8rV0eAcI68Y31PK42sgmnw==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeLJVXf0AgVxLh0JSZTuYxBAzOjWrfKf%2F1gD3LW5PPuYd4b%2FahsWZqRutEOgkdcKOlNnEvFUtWuFzaZA%2B5VTnm5vkh8ImW7SH0oW%2FOY1m6tPP87TB1cVp6iJyzZwtlzMlEPBnmUCx%2FcGF1EswfFNSepFug%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 2012
accept-ranges: bytes
cf-ray: 8314be38cb5bbbf8-FRA
expires: Wed, 06 Dec 2023 13:12:21 GMT

GET
H2 200 Cashlib.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 40 KB
41 KB 15ms
14ms Image
image/png 2606:4700:3033::ac43:dbbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/Cashlib.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dbbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e91de8b587baf86d05f8da82ac270eab8d4989defcdc85ffda62578778b04a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3213
x-guploader-uploadid: ABPtcPpMz4_qubHc4wuD1iYgBvpJErBujlH71JZKJ0mwxp_0TBSDaMCjWdssGthf6r42nOMK0dU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 41452
last-modified: Mon, 02 May 2022 12:21:31 GMT
server: cloudflare
etag: "7efb0c903552116f2a60b434f81c48db"
vary: Accept-Encoding
x-goog-generation: 1651494091311094
content-type: image/png
x-goog-hash: crc32c=VLi8lw==, md5=fvsMkDVSEW8qYLQ0+BxI2w==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RETKjQMinVlpGwLFjz3Q2hc%2FwZ9JPc2xEDwfLktO7ZJvcx2b8jm7oXkWbFha%2FFdroXRGIy0RC2dLr2ivRJoWLzVj5a1yiK9VZKoKxucYoz%2FzWDipIzjR1QBuCmNEH6mdWUOHE023iAh2q1Uj4c3JGUFZ3A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 41452
accept-ranges: bytes
cf-ray: 8314be38eb8bbbf8-FRA
expires: Wed, 06 Dec 2023 12:54:17 GMT

GET
H2 200 SSL.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 8 KB
9 KB 18ms
18ms Image
image/png 2606:4700:3033::ac43:dbbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/SSL.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dbbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 048b2f5e3b86bec8b10baa4271ef5c706150a317e3a42a4a2ea97ca4a507b024

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3213
x-guploader-uploadid: ABPtcPqhKFa_bkZHhSmJT7N7qIrJPwqY8MlWUFtYsl6nUCGrKs5QA7L3kyS55O-yxmoXDV8Rr8o
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 8404
last-modified: Mon, 02 May 2022 12:25:35 GMT
server: cloudflare
etag: "adcf0ed844d4d6c3bc72a35c973315f0"
vary: Accept-Encoding
x-goog-generation: 1651494335286155
content-type: image/png
x-goog-hash: crc32c=v0ntag==, md5=rc8O2ETU1sO8cqNclzMV8A==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkfsAaYfQ0Z1xLvln08OsH7vYVP32xpxOkgSZ4HKgOFF2WTNFTiajpT%2Bwkir9PeDBOjUNFcPgHeAmrj0EUSGi8%2Bi1R4yQaiNxau5jYJ6Yq9aTWdKCJVuxNcLPCtTox1y0rB6sLDadQE7LDevxXjhvtY7OA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 8404
accept-ranges: bytes
cf-ray: 8314be38eb8dbbf8-FRA
expires: Wed, 06 Dec 2023 13:12:21 GMT

GET
H2 200 Plus18.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 1 KB
2 KB 16ms
16ms Image
image/png 2606:4700:3033::ac43:dbbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/Plus18.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dbbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b44452423e27abf304bca5773bc2657000d4e69a578f406af5b3d096a7a3f666

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3213
x-guploader-uploadid: ABPtcPoRvQZbUO1VTkOu6MemJixvoySOYhBH9Y0w3heFX2C7IgeUf8B6KztlY7_dYSqU43Nf4ok
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 1196
last-modified: Mon, 02 May 2022 12:25:34 GMT
server: cloudflare
etag: "a220d4a45c9d5d871044e51ab9d05d26"
vary: Accept-Encoding
x-goog-generation: 1651494334802110
content-type: image/png
x-goog-hash: crc32c=78JZmw==, md5=oiDUpFydXYcQROUaudBdJg==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70rZwgAKKbSzK%2B%2BeifI3XWNTwNmiFB9K2RGmLNddclZeJfbVppXHR%2BMg25kLU8KGvoYtPHD7LSE35H0CiAgFMRY9uP50g0pTs3%2FTU2fbPiq2vQZDw%2Fuk0ekfIdKA2zY%2FLMpOL4U2a3oCYEwcCX8%2BkVj%2FjA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1196
accept-ranges: bytes
cf-ray: 8314be38eb8fbbf8-FRA
expires: Wed, 06 Dec 2023 12:54:17 GMT

GET
H2 200 PciDss.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 3 KB
4 KB 17ms
17ms Image
image/png 2606:4700:3033::ac43:dbbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/PciDss.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dbbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 754a00a45d1681fa7872ded722930116706b858e4b38366971e4b301140666c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3213
x-guploader-uploadid: ABPtcPo3b4KWjWUkFdDLwjap4j8K1UpmWi2_edZio2LKoqItPnTuL2Lvl8kYZO3UfXe7VtncMlA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3062
last-modified: Mon, 02 May 2022 12:25:34 GMT
server: cloudflare
etag: "fc0a95ce0fc60e39c035243f53fdc67b"
vary: Accept-Encoding
x-goog-generation: 1651494334776388
content-type: image/png
x-goog-hash: crc32c=qWUl9A==, md5=/AqVzg/GDjnANSQ/U/3Gew==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwElKIx%2BpNic6RYtsj1NMFn4KqszCfuSqpS%2Fjr%2BLquByvX8J9gtoMY61IYq2QXjchfZetEFqlfclrfAynG0p%2FWs5gutG4sSoftuN9g8N%2ByAGB4wqsTwWA%2FB1ISo0%2BXdcibhVF39T1m3WAfPD90TOES4tgw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3062
accept-ranges: bytes
cf-ray: 8314be38eb90bbf8-FRA
expires: Wed, 06 Dec 2023 13:12:21 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 55ms
55ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.11gratowin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:11:22 GMT
x-content-type-options: nosniff
age: 147272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 20:11:22 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 73ms
73ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.11gratowin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:11:22 GMT
x-content-type-options: nosniff
age: 147272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 20:11:22 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 93ms
93ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.11gratowin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:11:22 GMT
x-content-type-options: nosniff
age: 147272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 20:11:22 GMT

GET
H2 200 apg-seal.js Show response
3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/ Frame 62A2 3 KB
2 KB 180ms
114ms Script
text/javascript 2600:9000:2394:5200:0:c0ab:5c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/apg-seal.js

Requested by

Host: www.gratowin.com
URL: https://www.gratowin.com/seal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2394:5200:0:c0ab:5c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

7b5943fc8d36a67d00b60fe905ee021102f4b9f3b936131829be76dbc68da806

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
via: 1.1 abf5199c76a5a64063b4cf8863f823aa.cloudfront.net (CloudFront)
server: cloudflare
x-amz-cf-pop: AMS1-P2
x-powered-by: Express
etag: W/"df5-u1LscqxoudrFPMFgfetW7/iMnMs"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
cf-ray: 8314be3a0d079b40-FRA
x-amz-cf-id: Mmr7opHey9ZuwktWkTyzQrQQ_-PYagG62fVKQIukfQ6p0iSTLiKTqg==

GET
H2 200 84197766d2225260977bc9e2c863f43a-www.gratowin.com-a4b2333aceb5eab3856b2ba04fc6c2b3c6cb6428030555415628c1b61c16c9c395acfc6de5ca83c4aee0fcfbd5aae1dd-c3BhY2VyLXNwcml0ZS5wbmc%3D
3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/sealassets/ Frame 62A2 95 B
493 B 94ms
94ms Image
image/png 2600:9000:2394:5200:0:c0ab:5c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/sealassets/84197766d2225260977bc9e2c863f43a-www.gratowin.com-a4b2333aceb5eab3856b2ba04fc6c2b3c6cb6428030555415628c1b61c16c9c395acfc6de5ca83c4aee0fcfbd5aae1dd-c3BhY2VyLXNwcml0ZS5wbmc%3D

Requested by

Host: www.gratowin.com
URL: https://www.gratowin.com/seal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2394:5200:0:c0ab:5c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 abf5199c76a5a64063b4cf8863f823aa.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: AMS1-P2
x-powered-by: Express
etag: W/"5f-NEKpX+iQzkdps2suzGEbgBpUz7U"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=1200
cf-ray: 8314be3ab8685d90-FRA
content-length: 95
x-amz-cf-id: OABbxBIsqEzN2e569jvqE5Ew0OWMMjb_0xFPH20mUNtC8P-lRDR-kw==

GET
H2 200 84197766d2225260977bc9e2c863f43a-www.gratowin.com-a4b2333aceb5eab3856b2ba04fc6c2b3c6cb6428030555415628c1b61c16c9c395acfc6de5ca83c4aee0fcfbd5aae1dd-c3ByaXRlLXNlYWwucG5n
3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/sealassets/ Frame 62A2 48 KB
49 KB 65ms
65ms Image
image/png 2600:9000:2394:5200:0:c0ab:5c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.gratowin.com
URL: https://www.gratowin.com/seal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2394:5200:0:c0ab:5c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d614922fde9604f8899e47f3cc3d69bf952312b996f7cf1421163996710850fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 abf5199c76a5a64063b4cf8863f823aa.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: AMS1-P2
x-powered-by: Express
etag: W/"c0f5-y5nfd/SGXZwvKHU5pcpHTPdvfQk"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=1200
cf-ray: 8314be3aa85a2beb-FRA
content-length: 49397
x-amz-cf-id: tAecnIDFAx6AeUan601cEqIn92S00AiRNXcUXCbsBffH1phKBN2RAA==

GET
H2 200 54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/ Frame 62A2 68 B
448 B 15ms
15ms Image
image/png 2600:9000:2394:5200:0:c0ab:5c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
Requested by: Host: www.gratowin.com
URL: https://www.gratowin.com/seal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:5200:0:c0ab:5c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 05:55:42 GMT
via: 1.1 abf5199c76a5a64063b4cf8863f823aa.cloudfront.net (CloudFront)
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 457813
etag: "e679fbd466a2d656f194a5da4fa083cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 68
x-amz-cf-id: dKfOcUZ-HFX5AMctX_lOWCTwEjUtHbQRqs4FgzhtfVFdPN1saq1OqA==

GET
H2

200

main.js Show response
www.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/ Frame 2BEA
Redirect Chain

https://www.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

7 KB
4 KB

22ms
21ms

Script
application/javascript

147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gratowin.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Requested by

Host: www.gratowin.com
URL: https://www.gratowin.com/seal.html

Protocol

Server

147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0da3725797880fa637ff5b8dc08abd30fe4213976916c032ba0bd4e167cee63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8314be3ab97265a3-FRA

Redirect headers

date: Wed, 06 Dec 2023 13:05:54 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8314be3a994f65a3-FRA

POST
H2 200 8314be38ef3565a3 Show response
www.gratowin.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 2BEA 0
254 B 50ms
50ms XHR
text/plain 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gratowin.com/cdn-cgi/challenge-platform/h/b/jsd/r/8314be38ef3565a3
Requested by: Host: www.gratowin.com
URL: https://www.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 13:05:54 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 8314be3b5a2165a3-FRA
content-type: text/plain; charset=UTF-8

GET
H3 200 ChristmasGiveaway_.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 230 KB
231 KB 39ms
39ms Image
image/jpeg 2606:4700:3033::ac43:dbbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ChristmasGiveaway_.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:dbbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3830da9b0fb4b8543f7172bd033e358546a8925882fb13ab135166f92025327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1176
x-guploader-uploadid: ABPtcPqggphKZRm3cwvJW42cUnxBdrv3IZpKA8uWA0enKPocaOQysnxSppyCJChThpJSQ9kT3nw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 235939
last-modified: Wed, 29 Nov 2023 15:21:29 GMT
server: cloudflare
etag: "c23822af35a429a21d43354d831cf795"
vary: Accept-Encoding
x-goog-generation: 1701271289816907
content-type: image/jpeg
x-goog-hash: crc32c=hwM3ng==, md5=wjgirzWkKaIdQzVNgxz3lQ==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbrVZ%2FZSeRTfa9o8W0rTh%2F1kKgpxoSXUlR0DOc%2BkLqM3RpxBUMt55HIq%2BQfHRdR%2FOnLJwmD4%2B88nrLptRD0UW8Wz8vjkZ%2Fk4yK2PhBxBNS%2BkG6Ji4jX7j6ssR%2FuPEIpA5MdmRAuFxCsUfIIIKve3aL4lew%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 235939
accept-ranges: bytes
cf-ray: 8314be42492ff100-CDG
expires: Wed, 06 Dec 2023 13:01:13 GMT

GET
H3 200 Visitor_WelcomePackage.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 286 KB
287 KB 94ms
93ms Image
image/jpeg 2606:4700:3033::ac43:dbbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/Visitor_WelcomePackage.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:dbbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef68e3b876df7786e67fb8973c8fa693bf2c5584234f9a5d1080ec4fdc1be9d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2561
x-guploader-uploadid: ABPtcPr9oEqYgPO9AIzgbT1r1q4WjUFZpzQJdoVXK6qq4XXXu0NUHdosV3fZle8VRY1Va89rnYA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 293097
last-modified: Thu, 07 Sep 2023 13:40:17 GMT
server: cloudflare
etag: "03062ce69fae35d730d7d270ec35fd6e"
vary: Accept-Encoding
x-goog-generation: 1694094017300474
content-type: image/jpeg
x-goog-hash: crc32c=3HysJA==, md5=AwYs5p+uNdcw19Jw7DX9bg==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUnSAw32Gn6zBSPqgSuOKmYk%2BmdbL2Z7bJhDIADDTDdO7WG2jDKbYUPRp5VCBkcSIgjACB6acMnjy4hQubV9Rbz40vOzTJbTbIRGnype3s%2B8raA0IYeT3i%2BuYLbUcYf7jrsbKRQloSmvOPjSe%2Fel2cOmXg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 293097
accept-ranges: bytes
cf-ray: 8314be424930f100-CDG
expires: Wed, 06 Dec 2023 13:16:09 GMT

GET
H3 200 GW_Spinomania_.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 137 KB
138 KB 25ms
23ms Image
image/jpeg 2606:4700:3033::ac43:dbbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/GW_Spinomania_.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:dbbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffadb65707412f15c7b5d9576539e2a736c2d7fec47ecd9da0b789827e1f8aac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1519
x-guploader-uploadid: ABPtcPpl6HDqdq2VTqo5gE6wvsQXq_5AOmw0Fa4Q-2xD5oPfEPT9RyNdVwXrbJK94BEB1BCekP-iV6OTag
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 140631
last-modified: Fri, 06 Oct 2023 02:14:55 GMT
server: cloudflare
etag: "d12f1546626b15a72bf02a1d08353dfa"
vary: Accept-Encoding
x-goog-generation: 1696558495133619
content-type: image/jpeg
x-goog-hash: crc32c=BWlthg==, md5=0S8VRmJrFacr8CodCDU9+g==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LeA9Hfp1HeUNoMThkTKfOf65geJjKXQPo2n9SWQHBpFDnPNMmSdT1XKUi%2BXEfx6ovMoR5Ae8r%2Fim%2FpQLDiVu7h1P5OnZnlxIKNIT4oA1RyFDSVGdOsJRy%2F7sougwCsHy6PWWF1fFgMr9COo%2Bd1Edjbhu%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 140631
accept-ranges: bytes
cf-ray: 8314be424934f100-CDG
expires: Wed, 06 Dec 2023 12:46:13 GMT

GET
H3 200 Cute-and-Creepy_.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 372 KB
373 KB 125ms
124ms Image
image/jpeg 2606:4700:3033::ac43:dbbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/Cute-and-Creepy_.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:dbbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03a30c6b206a8229db7787bf4bd0fcddc4fcc28703725c1934da423ab879174e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 610
x-guploader-uploadid: ABPtcPpuY2_odp9PseyGf0qH910vZ9W3SIH9AsraykshOaFRTc4GtbN7uq1LS5Ou24-hZNdhdFFxhQj8dw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 381030
last-modified: Tue, 31 Oct 2023 09:43:50 GMT
server: cloudflare
etag: "a6690378df813c6457e6e7a06b5a4c37"
vary: Accept-Encoding
x-goog-generation: 1698745430746313
content-type: image/jpeg
x-goog-hash: crc32c=Ec46mA==, md5=pmkDeN+BPGRX5uega1pMNw==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSO%2BU6H1u%2BleSslWhODb%2FbsVYNDQVlGN3Pqn1BJAXbPWLZPTN4L0nQt5SaGy6iJdKi%2FK1t6X7wLh41ETK%2BmNzPP6ChfCCDzBgWSVluprTLMIZVgQYMtHMdI3WhG%2B9rST3GQD9YTffh9wUkpRQJMwHB1h%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 381030
accept-ranges: bytes
cf-ray: 8314be424936f100-CDG
expires: Wed, 06 Dec 2023 13:55:45 GMT

GET
H3 200 DoubleDeposit-NEW.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 324 KB
325 KB 139ms
138ms Image
image/jpeg 2606:4700:3033::ac43:dbbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/DoubleDeposit-NEW.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:dbbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 662747cadb243580036e79bfd0e80b654593111eeeb96e1f743ff4095b588189

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 284
x-guploader-uploadid: ABPtcPpRTjG5fsJPSor41ZzU_eb4rAsw4zREncb-dXS3-JcKcI1xlbcWF_GvIHtsAW7u47tu4A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 331697
last-modified: Tue, 17 Oct 2023 14:23:12 GMT
server: cloudflare
etag: "0be45f8f8f72b2a9810d1d8cff613c99"
vary: Accept-Encoding
x-goog-generation: 1697552592607060
content-type: image/jpeg
x-goog-hash: crc32c=plPTog==, md5=C+Rfj49ysqmBDR2M/2E8mQ==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33u3D6UT%2FX5lYuD%2Fu43uGVn%2FF5lBVxpSvnn%2FU2FJIbNjuzqtvtHQ0imLuAXY8TqJLNaolOF%2BIeEADepe23i8EumcdHz9VR95w9%2FZrk9Xy9ueLmhGzH%2BBhfFM%2B%2B9cuCbaJ%2BWSpm6yMXogzfN%2FLetD5w0vHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 331697
accept-ranges: bytes
cf-ray: 8314be424937f100-CDG
expires: Wed, 06 Dec 2023 14:01:11 GMT

GET
H3 200 WeeklyCashback.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 625 KB
626 KB 151ms
150ms Image
image/jpeg 2606:4700:3033::ac43:dbbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/WeeklyCashback.jpg?v=96
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:dbbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e35783c6f9ed24b1585355570a46af03d24c69f7bc88afc7f8e23118729b18d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 211
x-guploader-uploadid: ABPtcPqhfycQJiguJQWafFVO2Cq4Zg1P0xwgdxfOfv_vQ40t_dnQXihNR43wJSmNmWh6Vs3eGNmneXCwaSLlfQrCjYgGe-tc22z-
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 640106
last-modified: Wed, 11 Jan 2023 06:43:04 GMT
server: cloudflare
etag: "a8ba90e328f6549dc0142af297ebd572"
vary: Accept-Encoding
x-goog-generation: 1673419384943391
content-type: image/jpeg
x-goog-hash: crc32c=/mwnPw==, md5=qLqQ4yj2VJ3AFCryl+vVcg==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxMei6ySHu2kQfh%2F%2FYHQhE6p%2BUL9l0rHkP5Ram0ZmfWzMUjkoFCXVIqGWuAYaDfFrNMq6LYYzKxRgIA0bptH07iSq6DdCzfhLjQOedrtO9kIo29QJxTZruo81h4TRjeRU%2BoBs%2F00Xbrm7taq8ArS7qYrDg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 640106
accept-ranges: bytes
cf-ray: 8314be424939f100-CDG
expires: Wed, 06 Dec 2023 13:16:12 GMT

GET
H3 200 FridayFun.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 269 KB
269 KB 158ms
157ms Image
image/jpeg 2606:4700:3033::ac43:dbbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/FridayFun.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:dbbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9731f4ed6b73c9446d8fe8d0a0bf84507eea260dcfe72a12c122be32be90b1fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1173
x-guploader-uploadid: ABPtcPr6bWGXW6IYIJVxyjbRd3PGSdxMOGbYik_Wj0LnRNOt-u81Tm8yZBKLJRiiqL5ZXHpypg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 275073
last-modified: Wed, 11 Jan 2023 07:13:40 GMT
server: cloudflare
etag: "4c5a28971e6bbd56b1b8c30b28d784f3"
vary: Accept-Encoding
x-goog-generation: 1673421220235017
content-type: image/jpeg
x-goog-hash: crc32c=Oj9oqQ==, md5=TFoolx5rvVaxuMMLKNeE8w==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjqTSaDa1iqa6V%2BAs20aXL34uzP4JLXvctWYMojivWG3ZjN0Pdz0a2mmchVNu1dUPWQyloB%2BR%2FBa8rMfHUnUzDjO1C%2BWNN%2FN4yHX%2Bh92aRgp%2FM%2F7T2NtFhJrx2%2F4xkb%2FkLcLbNmUdArkFEvpSRYsDHds%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 275073
accept-ranges: bytes
cf-ray: 8314be42493cf100-CDG
expires: Wed, 06 Dec 2023 13:31:10 GMT

GET
H3 200 Visitor_VipPoints.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 234 KB
235 KB 167ms
166ms Image
image/jpeg 2606:4700:3033::ac43:dbbf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/Visitor_VipPoints.jpg?v=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:dbbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e64078858db64c027324a4cea36d5b3b24860d34ed55f608905537b003763cc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:05:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1984
x-guploader-uploadid: ABPtcPpFPKGa_UfKIoaEn0dhkkDb08dTN-CB1CemHlt011zSohxjjGLIGIEdaoujzhnD2Apzb7yDe036VtXLKgJYYUlCsw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 239901
last-modified: Fri, 23 Dec 2022 09:37:26 GMT
server: cloudflare
etag: "33a67d20a4ab15504d591a96f25ab9f9"
vary: Accept-Encoding
x-goog-generation: 1671788246895946
content-type: image/jpeg
x-goog-hash: crc32c=zi0a3g==, md5=M6Z9IKSrFVBNWRqW8lq5+Q==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhGo%2BkQgVevb3O9FqekqFXsjCcgbNyIdQgUZW5BFiIcZEY1jf9KwSoT9L4pVB0pTP0AIF0nX4pwN0ltYRAYcsI1OBcQQ3vCC6HSQOCn0AIE5o85%2FMcZtPwNX3at%2FGIUwpdjrl0G%2FMBXCT9GZV9C%2BA7eirQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 239901
accept-ranges: bytes
cf-ray: 8314be42493df100-CDG
expires: Wed, 06 Dec 2023 13:16:09 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 40ms
40ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5D5LQ8JKK9&gtm=45je3bt0v9126070701&_p=1701867951727&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1992894351.1701867952&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=2&dl=https%3A%2F%2Fsecure.11gratowin.com%2F&dt=GratoWin&sid=1701867952&sct=1&seg=1&en=page_view&_ee=1&_et=2&tfd=6123
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D5LQ8JKK9&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.11gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:05:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.11gratowin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: analytics.streamygame.com
URL: https://analytics.streamygame.com/event

Domain: analytics.streamygame.com
URL: https://analytics.streamygame.com/event

Domain: ga.streamygame.com
URL: https://ga.streamygame.com/gameDynamicData?customBrandId=8&requestURL=https%253A%252F%252Fsecure.11gratowin.com

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secure.11gratowin.com/	1970-01-21 02:20:27	Name: redux-cookie Value: %5B%5D
mpsnare.iesnare.com/	1970-01-21 01:30:03	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: vDmNIapJcF7fllk07igI74snUt8RbpQjTlXZr0+Tdgs=
.11gratowin.com/	1969-12-31 23:59:59	Name: playerType Value: 0
secure.11gratowin.com/	1969-12-31 23:59:59	Name: registerState Value: returning
.11gratowin.com/	1970-01-20 17:27:43	Name: url_affToken Value: 1
.11gratowin.com/	1970-01-20 17:27:43	Name: url_affiliateToken Value: 1
.secure.11gratowin.com/	1970-01-21 01:30:03	Name: cf_clearance Value: YMuHR28BRYGKS1ohg0CSyrR0yBHB0BBki5i_SOwmzQg-1701867951-0-1-b40f7245.592ce1e4.e30e2da5-0.2.1701867951
secure.11gratowin.com/	1970-01-21 02:20:27	Name: locale Value: %7B%22lastSavedLocale%22%3A%22en%22%7D
.11gratowin.com/	1970-01-21 02:20:27	Name: _ga Value: GA1.2.1992894351.1701867952
.11gratowin.com/	1970-01-20 16:45:54	Name: _gid Value: GA1.2.2039472026.1701867952
.11gratowin.com/	1970-01-20 16:44:28	Name: _gat_UA-27702367-6 Value: 1
.11gratowin.com/	1970-01-21 02:20:27	Name: _ga_5D5LQ8JKK9 Value: GS1.2.1701867952.1.1.1701867952.0.0.0
.www.gratowin.com/	1970-01-21 01:30:03	Name: cf_clearance Value: Hua2BPQ2in99fzOjf6aEROVBrJ3DG7cJy6OmJ9WPYc8-1701867954-0-1-b40f7245.c2941fca.e30e2da5-0.2.1701867954

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://secure.11gratowin.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://secure.11gratowin.com/#/lobby Message: Access to XMLHttpRequest at 'https://analytics.streamygame.com/event' from origin 'https://secure.11gratowin.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://analytics.streamygame.com/event Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://secure.11gratowin.com/#/lobby Message: Access to XMLHttpRequest at 'https://analytics.streamygame.com/event' from origin 'https://secure.11gratowin.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://analytics.streamygame.com/event Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://secure.11gratowin.com/favicon.ico?_=1701867952102 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://secure.11gratowin.com/favicon.ico?_=1701867952133 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://secure.11gratowin.com/#/lobby Message: Access to XMLHttpRequest at 'https://ga.streamygame.com/gameDynamicData?customBrandId=8&requestURL=https%253A%252F%252Fsecure.11gratowin.com' from origin 'https://secure.11gratowin.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ga.streamygame.com/gameDynamicData?customBrandId=8&requestURL=https%253A%252F%252Fsecure.11gratowin.com Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://secure.11gratowin.com/favicon.ico?_=1701867953142 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com
anakatech.uat1.evo-test.com
anakatechsupport.freshchat.com
analytics.streamygame.com
b3797f01-e573-4b2d-900b-06ef4ef785de.seals-emr.certria.com
bat.bing.com
cms2.11gratowin.com
cms2.netoplaycdn.com
d2afn796dyftlg.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
ga.streamygame.com
maxcdn.bootstrapcdn.com
mpsnare.iesnare.com
region1.google-analytics.com
secure.11gratowin.com
storage.googleapis.com
web-sdk.smartlook.com
www.google-analytics.com
www.googletagmanager.com
www.gratowin.com
analytics.streamygame.com
ga.streamygame.com
147.78.140.21
147.78.140.52
147.78.140.54
18.245.60.51
2001:4860:4802:32::36
2600:9000:20a0:3200:19:2a6:6500:93a1
2600:9000:2394:5200:0:c0ab:5c00:93a1
2600:9000:2449:f600:16:65cb:3ac0:93a1
2606:4700:3033::ac43:dbbf
2606:4700::6812:acf
2620:1ec:c11::200
2a00:1450:4001:802::2003
2a00:1450:4001:80b::201b
2a00:1450:4001:80f::2008
2a00:1450:4001:813::200e
2a00:1450:4001:829::200a
2a02:6ea0:c700::17
2a06:98c1:3121::3
54.228.71.178
76.223.64.65
0190647c906fb17897d0831daf5a6ef416fe3c88379b49bfe0b435ece5471b55
032a1486229f01239ebdeef9bff74f20b2dc74187a1e2fb6e6022575c3e728d6
03a30c6b206a8229db7787bf4bd0fcddc4fcc28703725c1934da423ab879174e
041614eba00e42ce2f390e3ea78bf965c960fd89bfe916ee00a838d82d51e6a1
048b2f5e3b86bec8b10baa4271ef5c706150a317e3a42a4a2ea97ca4a507b024
067b6ebcefa5dbbd0af6ae707c21061eb841b515e0ea1617c95917ecff0fad24
087a64a782e52566b9f11c4d3ffbf22498482165591c955972fece46a702f13b
08c09c3a68e6e466dbc98e7c4ceba3a62524fa976cd582ef70d016b197eb10e8
0af2e2a86b8e8d47a1a5ca54128c0a7adf09074386cf5a8ee68f178a68584362
0b6ee5642e247392075c40330df8d51d04005266b70e50e29a988998dde3a459
0e91de8b587baf86d05f8da82ac270eab8d4989defcdc85ffda62578778b04a3
0ebb87df614d24d505185917fb3b26027f914fe0aed27df37fa5147316ad6787
1074c255bd811197ef02da1aeeb6fb61985eaee1f97418dd125b4a50325765b6
15cfa9b06c9a724eb7f2355eee7e5ec1234a265964085b579c6878143dab2fac
172bd24482eb3ee7cd47d845136150246425e03c2867139e8cd2caf0160ef80c
1ab342fcaeef1cb265817783f2f8454961b3259dae4c0ce05af1fa2392f02de2
1db396e25b1be4ca3f7e9c24919dc3a71d01ce8cfa71efb7ef7f4dcb885b0f6e
1f20c5af2c4861e43a210d8f6bbf672f7683797a3e80912b4e405ce46a330de7
1f20c6fbae3687481433c16bb8b211f9621a8112519cccb4fd4e045638c70760
2606805dcd1986ea045b8b047bc8275d8fe19ca375081edc5d5453a02b7b5e9b
27eee5689f593c50f0d3611d076f160dbb8d96e9a7cda69aea592e019a9df048
2bd44487689f7f4501db1b9b7a7a50849c4d42e534eef60a04356a7851e92c0c
2ce13735694736a7b414eec7de74a893e67a0bc53d08d0f38f57386e3f6648a6
2ee566c7e9c3599edacb8f73da21e4e889915ef28bce0bbbfb212f2cdcee6985
31c2b965508f531a6e7227efa494456ed196345d5ce69fe7d070e1cd40bdd64d
33ca242f06daeb930a6a59b6a05524346af8001865296169457b029398f15a6e
35ae00860c65aebae277fd401ca0d2b0403dc071df4d0568b5384739a13ad5e4
384ca46673f9d9209ecf6b510aa5e67e5e6e8c5762d7b5c8e643dfc96fb96031
3cb79b9508c21b802e1288bdca34ea29bb9ea8153b26cf6e9254608957fde930
3cd75841e07ea4dffe7fcf42c80483791c11f9d7934f1bd0bd12c5b37a10686e
3e205c59d44f4f0a0c66989238c8b818b3628171c2f4d912810a09a92d03905e
3f386030f30cc1118ebe4dc21a54c3325c14981274af10acd3a10acd42206866
41f92fcffa7df004f0126954aabee78739751b7bb0298dc32a73d611beec3e7c
46fc4a87fc26af48e9ed092f9f9ec3425829162294534a62b88257c1e3b90133
47e2cfafc5d22b9180058966ddbb570236f349b5e19d993d89e96a3bd37a70b2
486894f29e34e2a9c4a7a938605d53ee752957d4270055fecb27828899fc0a3b
48e47ee54e22ca42f903eb52bc711f60d93b05f595eb5f65454da85f4dc81036
4d15890c357177f7185112a1ce66665d08acf31e81e4917820ec36279dd26bd0
4fe565e155881addcc557019e726097e351cff20de84a8e706d6e43295819fa7
520e49a94d702a60d06af18720897cf03168c2d6dbdb58ec4466ea615b74a4c4
527fbdba17e7894f938ba8ea6ce6d6a498e4b7d6674578bfe20ea6060177e6a8
537e6c71ae3f0c2627e4f4e4288dfa350c19b45b6f549e475b964af51945a48a
54a1a6151a81ec40d14bf2e85d4f116a90c545adfd6c5499ee6879de870315c8
578d67df1a745af8a7cfe2cd4d139f856941d3275e23f6aa74b1f18c6702e2a2
5bc297dbb76681bfeb234478f17cb66c16224967a3353cdf7bff97d57165d06b
5d34beb1f94649a276dd03f83ab7d2ee8e6559e502bf6cace48ea170f5c8e114
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5e82c2fdf15920f24e05e1385ed8f40901899b1b89bf453bc6d66e73064f6f56
5f650aad37e541335f86817ea21b510129524eb2da8daaa0a6abb1043fac40bd
662747cadb243580036e79bfd0e80b654593111eeeb96e1f743ff4095b588189
6650963c35725add7c3cedb3fd660f4f38791e8298647b92c132767f97468aa5
688434a09f429e821ab2147bbc7576fd6ddb55e765fab358a7e76a2c98f85ee1
6aae23685ad6563cbbb3e33632fb29c31078254370c57be634b7a80f173ce708
71f0d1968edf4eff6dded3902361932770fe724bf52166051fe3e556c9d0e36a
7275c870b1915062e612686a5aa1954f1a9d189f6380feaee9715dc0acd32068
72ba589e030b6b1b37aa2dd5ef0a663660368999f9e23e5c686d72210529dcb9
74686cb67a39ba6066421272589bcf938003022d9dbc772454747518073ac1a9
754a00a45d1681fa7872ded722930116706b858e4b38366971e4b301140666c6
7b5943fc8d36a67d00b60fe905ee021102f4b9f3b936131829be76dbc68da806
7bc364554159c5ace8fbae0965ff955753855fbf7c0238ba5acbbe46af0d6ba3
7ce32208321c1a409e98a42ff3f8b7c10d2d7e1cc31037dd8aa4f54e391c4b1b
7dc5a89829ed295864cee6940f583f1788773e66662c0fa19d2c14ff11793924
7dcd080d8016c6d3bee9075cd7798111c5820725bee35e0731f617d582bdba29
7e35783c6f9ed24b1585355570a46af03d24c69f7bc88afc7f8e23118729b18d
82868382cc5ca3ed568f5d3fce7cdf50781aecc416575e62e43a3de5713f1215
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ef8b1b9f70231cdaff9b49febecc51162e022432fef65022a082acc4d446cd2
9207ac8f91fe621faaaf513e98755be395dfe1987950a0ad1aa508c8637b96d1
931cdc9da183b6e6f40476736791be667482d6eef83da8de662b3084bebd9215
93e7b187ef5ff6c36f048c0302efb81dc4333f4fdcc8045a9e4f6395d13e1ed5
9731f4ed6b73c9446d8fe8d0a0bf84507eea260dcfe72a12c122be32be90b1fd
99cdf6f6961a036e078d82290a9a594286fb52552d0160adb387e7ca60c5f1dc
9bab7eab8e1e05aa031ce685b74fdb8bbbffb418f4068dadfb44ffd6d130af5d
9c8bfeca344606b6056c80afd511d3327659e363ed6e6e95a1516285b974266a
9efb48d2f94efd3e71b124869e7f8dc19c36cda80d1f4fcf34544eacc5fe237b
9f54553274f460f9d71d346b32bd34d7c4b1c3d968cdc1a7075cf22863be49de
a09b6faa891a8e730e9f2e956215a1bfef1725dc855261c41d600ebd26f897a6
a8277b0b9a43b24cb577a0b5e8eb07e4bb293bed4b79bf523a11aebc4343a1ca
a885a9ed0d2f31aee9f9c543e4efb0729ead5feebb774d67de5e52a1e38ed769
a9425a082082e3913ccb6e66f53f00ae2a72c7fbb4ec86bc12f08c4f61af753d
ad0a5aaf5beef1b7f83831e638044e664c4b2e702268137c23f974bf821dc525
ae668293659361b51dd9a3691955a32a8bedc26c830ffa886d624d15b953b4a4
aee37563498c6b9d28eda1e4fa7fddeb8b8f8223b623a0767c7fcd3bc3348ba7
af53eed30f9086583486b73ab57817549dfdea79da39762bff5a87dded0eef80
b185da9777f2953b350ef4dd6d0f78d94bdea1ec0a6ef42c629d47f854b8c20f
b2ca845c5e87533da52958f4b9c52f6d2a373f2a273a7b6e90093026f7a1ae47
b44452423e27abf304bca5773bc2657000d4e69a578f406af5b3d096a7a3f666
b7753fc15c77b4bb28f585183aa61aa4b5cdd92b1a86a5564c366a3e1a71fd00
b7ed2a63dfad9be57d2789d4f079fd7c67328f9467b5cce4539e4dd0c98a73a5
baa738a2fc051c6b68f6d65cbd422e640da85b725eba6f1dcf68eabd70283bca
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bbd039d1d5621472a25b228ca3f48c08aef9cabf180e982530cd84a3abc04555
c00a8b4ebe41999121dda6c5017206dab5cd76b1b3ebb6b64a34ece37538a775
c0ca60f1dad78e13d0b750e96ac1de35a86b68c26adc8dd14944930a3eb43a11
c21ac0bbb27a457552858b53c117acc699665377f80e292970c9c56f7306dadc
c53355d0aeb687aedd3c0448b3038b16006e8c4b20eeefdbd8c16972244373e7
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
cfd2909b0463fd227763a7fd38530bc46cd675295141ab90901499b018e5e771
d339dcaa888f6c34a4f18d8ebb342a11440f945a4a64c9ed411052c39876f1e9
d38943d97e898c50c2d84cf8b02eba6c75f37ee01c9966730c9891f15bdb1c5f
d3ab881e2a91522416b0befe1c8cb255b9cb85a398c74d95bb9fb7c7dcaa968e
d614922fde9604f8899e47f3cc3d69bf952312b996f7cf1421163996710850fa
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0da3725797880fa637ff5b8dc08abd30fe4213976916c032ba0bd4e167cee63
e3830da9b0fb4b8543f7172bd033e358546a8925882fb13ab135166f92025327
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fa57defbf5abea94ccbabc3b59b8d14cc4b1b02a27406d1320a67e56e24a40
e4363b84238dda44f9ca7980c91b775f141a438aa2af9152b98a036f664ca178
e556916c8d10ea83b944cdca70a9c0591aa9d3f5916f56a26bac507cd1fc1d0e
e64078858db64c027324a4cea36d5b3b24860d34ed55f608905537b003763cc3
e7c00b0ec68c5137e7b359a0ab6f5ff9c7a2000f47ceee7aacae6934eb91aae6
e8613ffc72830ed409ec8354729a002561f2d8faf30c64556047d44d95626727
e904cf106f46b7ff5e1ea4e0fb2343e442e7fe66148a5ce2dfbbfbf0c2c8e0e3
ea47861f3a7ed205a8c8d83e3756164f4a0987d6bf7421b5599e94abf7d03d05
ead4316244132a546befbaed54baaed4f362b3846aea784ee188e94f83ccacd9
eb26e4def0ae597b119310e3c3fa2d5eea2b5dbdd640baa3dd177661d140e75b
ec8dde890e62b047cc85b89a856e84d3d4d3b67f13ce15bb7ab01149d28c40a6
edf6d19e0dd9ed298e4fcf59adadff77ff255f8ec76ce5a9f028675b9f4e7212
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
ef68e3b876df7786e67fb8973c8fa693bf2c5584234f9a5d1080ec4fdc1be9d9
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f3a3bad77018a615558340201b8d3a3ef4161786e11be214f99591cedf354066
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f98a4225b2ef0181153180092128e72c571fc7ecde9269d36056e0ebd0e51ca2
fc0a5ec70e694026143af49e4d9bc423d812096c1b7d3bdc6e65dde3e891b409
ff0a2252519ac7d9c8ecdce597a87bb68dc098e0bcb825bde4d4ae58bb31ce3d
ffadb65707412f15c7b5d9576539e2a736c2d7fec47ecd9da0b789827e1f8aac

secure.11gratowin.com Open in urlscan Pro 147.78.140.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

147 Requests

97 %HTTPS

70 %IPv6

17 Domains

21 Subdomains

21 IPs

4 Countries

5323 kBTransfer

9349 kBSize

13 Cookies

1 Outgoing links

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.11gratowin.com Open in urlscan Pro
147.78.140.21 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

97 %
HTTPS

70 %
IPv6

17
Domains

21
Subdomains

21
IPs

4
Countries

5323 kB
Transfer

9349 kB
Size

13
Cookies

147 HTTP transactions
1 data transactions