Submitted URL: http://links.netoplay-t.mkt4157.com/ctt?kn=6&ms=MjI5NDYwNjAS1&r=LTQ4NjIzNDI5NDES1&b=0&j=MTcwMTI2NDMwMQS2&mt=1&rt=0
Effective URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Submission: On March 23 via api from BE

Summary

This website contacted 13 IPs in 4 countries across 11 domains to perform 67 HTTP transactions. The main IP is 2606:4700:20::681a:e3d, located in United States and belongs to CLOUDFLARENET, US. The main domain is ca.gratowin.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 12th 2019. Valid for: a year.
This is the only time ca.gratowin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 74.112.69.20 19795 (SILVERPOP...)
32 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
17 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 178.249.101.23 11054 (LIVEPERSON)
1 50.16.243.242 14618 (AMAZON-AES)
1 2a03:6400:10:... 11054 (LIVEPERSON)
1 2a03:6400:10:... 11054 (LIVEPERSON)
3 208.89.12.87 11054 (LIVEPERSON)
67 13
Domain Requested by
27 ca.gratowin.com ca.gratowin.com
17 files.winofolie.com ca.gratowin.com
3 va.v.liveperson.net lptag.liveperson.net
3 files.gratowin.com ca.gratowin.com
2 lptag.liveperson.net ca.gratowin.com
2 www.google-analytics.com www.googletagmanager.com, ca.gratowin.com
2 secure.gratowin.com ca.gratowin.com
2 fonts.googleapis.com ca.gratowin.com
2 cdn.hermione-ltd.com ca.gratowin.com
2 cdn.gratohelp.com ca.gratowin.com
1 accdn.lpsnmedia.net lptag.liveperson.net
1 lpcdn.lpsnmedia.net lptag.liveperson.net
1 sample-api-v2.crazyegg.com script.crazyegg.com
1 script.crazyegg.com www.googletagmanager.com
1 www.googletagmanager.com ca.gratowin.com
1 links.netoplay-t.mkt4157.com 1 redirects
67 16

This site contains links to these domains.

Domain
www.gratowin.com
fi.gratowin.com
de.gratowin.com
ru.gratowin.com

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-11-12 - 2020-10-09 | a year
*.storage.googleapis.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months
ssl945600.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2020-01-28 - 2020-08-05 | 6 months
*.liveperson.net | COMODO RSA Organization Validation Secure Server CA | 2017-12-17 - 2020-12-16 | 3 years
*.crazyegg.com | DigiCert SHA2 Secure Server CA | 2018-06-08 - 2020-08-05 | 2 years
*.lpsnmedia.net | COMODO RSA Organization Validation Secure Server CA | 2018-02-26 - 2021-02-25 | 3 years
*.v.liveperson.net | COMODO RSA Organization Validation Secure Server CA | 2018-05-08 - 2020-05-07 | 2 years

This page contains 2 frames:

Primary Page: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Frame ID: 33841F8573FE7DFECAB2AE5F9A4A05D1
Requests: 66 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.9.0.13-release_5023/storage.secure.min.html?loc=https%3A%2F%2Fca.gratowin.com&site=70099149&env=prod
Frame ID: FF7FCBB4F6FD1F15323345CAF5465CB3
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /drupal\.js/i
  • meta generator /^Drupal(?:\s([\d.]+))?/i
  • headers expires /19 Nov 1978/i

Overall confidence: 100%
Detected patterns
  • script /^https?:\/\/lptag\.liveperson\.net\/tag\/tag\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Overall confidence: 100%
Detected patterns
  • script /swfobject.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 67
HTTPS: 100 %
IPv6: 71 %
Domains: 11
Subdomains: 16
IPs: 13
Countries: 4
Transfer: 1361 kB
Size: 1926 kB
Cookies: 13

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.netoplay-t.mkt4157.com/ctt?kn=6&ms=MjI5NDYwNjAS1&r=LTQ4NjIzNDI5NDES1&b=0&j=MTcwMTI2NDMwMQS2&mt=1&rt=0 HTTP 302
    https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ca.gratowin.com/
Redirect Chain
  • http://links.netoplay-t.mkt4157.com/ctt?kn=6&ms=MjI5NDYwNjAS1&r=LTQ4NjIzNDI5NDES1&b=0&j=MTcwMTI2NDMwMQS2&mt=1&rt=0
  • https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
48 KB
7 KB
Document
General
Full URL
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.5.9-1ubuntu4.26
Resource Hash
d44cad421d07371c4f95b497aa2ffa255e7579f95a08b9980e6a0ff6ae27dcef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
ca.gratowin.com
:scheme
https
:path
/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 23 Mar 2020 19:34:05 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d53f4cff9e7abe737ea7cf134bf5737a81584992045; expires=Wed, 22-Apr-20 19:34:05 GMT; path=/; domain=.gratowin.com; HttpOnly; SameSite=Lax; Secure
x-powered-by
PHP/5.5.9-1ubuntu4.26
expires
Sun, 19 Nov 1978 05:00:00 GMT
cache-control
no-cache, must-revalidate
x-content-type-options
nosniff
content-language
fr
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge,chrome=1
link
<https://ca.gratowin.com/node/440>; rel="shortlink",<https://ca.gratowin.com/index.html>; rel="canonical"
x-generator
Drupal 7 (http://drupal.org)
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
578a967aafab63d1-FRA
content-encoding
br

Redirect headers

Date
Mon, 23 Mar 2020 19:34:05 GMT
Location
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Content-Length
0
Connection
close
Content-Type
text/plain; charset=UTF-8
system.base.css
ca.gratowin.com/modules/system/
5 KB
2 KB
Stylesheet
General
Full URL
https://ca.gratowin.com/modules/system/system.base.css?q56ps7
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf6028e15a460586c16adb0210d268374501f60ecf36f11e554e2ffd089c636b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 21 Oct 2018 11:53:16 GMT
server
cloudflare
age
3113
etag
W/"1534-578bbc82a8300-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
578a967d3a3363d1-FRA
field.css
ca.gratowin.com/modules/field/theme/
550 B
301 B
Stylesheet
General
Full URL
https://ca.gratowin.com/modules/field/theme/field.css?q56ps7
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3ad317a103b4271c6d00cb97957c0d8e0f5bfd6cdc74976d022dd526963ecdf

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 21 Oct 2018 11:53:05 GMT
server
cloudflare
age
3113
etag
W/"226-578bbc782aa40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
578a967d3a3463d1-FRA
ctools.css
ca.gratowin.com/sites/all/modules/ctools/css/
509 B
302 B
Stylesheet
General
Full URL
https://ca.gratowin.com/sites/all/modules/ctools/css/ctools.css?q56ps7
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
596cb5efcea1a31463ea879d1830c58058ecb10823d09b03ff6e72722593c6d1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Jan 2016 13:30:23 GMT
server
cloudflare
age
3113
etag
W/"1fd-529afdf2039c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
578a967d3a3563d1-FRA
styles.css
ca.gratowin.com/sites/all/themes/winofolie/css/
42 KB
8 KB
Stylesheet
General
Full URL
https://ca.gratowin.com/sites/all/themes/winofolie/css/styles.css?q56ps7
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
802096f222716e3aa7f228709dc83c9602eb1cb24d100b594290b5f8a4904481

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 02 Feb 2020 16:50:57 GMT
server
cloudflare
age
3113
etag
W/"a6bc-59d9a9c569e40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
578a967d3a3663d1-FRA
jquery.min.js
ca.gratowin.com/sites/all/modules/jquery_update/replace/jquery/1.8/
91 KB
32 KB
Script
General
Full URL
https://ca.gratowin.com/sites/all/modules/jquery_update/replace/jquery/1.8/jquery.min.js?v=1.8.3
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Jan 2016 13:30:27 GMT
server
cloudflare
age
3113
etag
W/"16dc4-529afdf5d42c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
578a967d3a3763d1-FRA
jquery.once.js
ca.gratowin.com/misc/
3 KB
1 KB
Script
General
Full URL
https://ca.gratowin.com/misc/jquery.once.js?v=1.2
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1430f42c0d760ba8e05bb3762480502e541f654fec5739ee40625ab22dc38c4f

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 21 Oct 2018 11:53:00 GMT
server
cloudflare
age
3113
etag
W/"b9e-578bbc7365f00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
578a967d3a3863d1-FRA
drupal.js
ca.gratowin.com/misc/
20 KB
6 KB
Script
General
Full URL
https://ca.gratowin.com/misc/drupal.js?q56ps7
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5968e6fd2bb447f04cfccd4629a337a9668e8ca1731bf03eefd2ed9840d9a43d

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 21 Oct 2018 11:53:00 GMT
server
cloudflare
age
3113
etag
W/"4efb-578bbc7365f00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
578a967d3a3963d1-FRA
fr_cklFHvRbffNvdSXiEd9q5HFbLpRfXWNG8T3cgo_zoQ0.js
ca.gratowin.com/sites/GratoWin.com/files/languages/
0
0
Script
General
Full URL
https://ca.gratowin.com/sites/GratoWin.com/files/languages/fr_cklFHvRbffNvdSXiEd9q5HFbLpRfXWNG8T3cgo_zoQ0.js?q56ps7
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.5.9-1ubuntu4.26
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
server
cloudflare
x-powered-by
PHP/5.5.9-1ubuntu4.26
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-language
fr
status
404
vary
Accept-Encoding
cache-control
max-age=14400, must-revalidate
cf-ray
578a967d3a3a63d1-FRA
content-type
text/html; charset=utf-8
expires
Sun, 19 Nov 1978 05:00:00 GMT
cookies_alert.js
ca.gratowin.com/sites/all/modules/Custom/cookies_alert/
442 B
303 B
Script
General
Full URL
https://ca.gratowin.com/sites/all/modules/Custom/cookies_alert/cookies_alert.js?q56ps7
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e267819b7d33e7dd4f2f5f59ca826d3ddbfaf38f1c207c03a1c90be32e1db2f8

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 04 Nov 2018 16:30:28 GMT
server
cloudflare
age
3113
etag
W/"1ba-579d94949f100-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
578a967d3a3b63d1-FRA
swfobject.js
ca.gratowin.com/sites/all/themes/winofolie/js/
10 KB
4 KB
Script
General
Full URL
https://ca.gratowin.com/sites/all/themes/winofolie/js/swfobject.js?q56ps7
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Apr 2016 13:13:23 GMT
server
cloudflare
age
3113
etag
W/"27ec-52fbc9c1c22c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
578a967d3a3c63d1-FRA
jquery.slideShow.js
ca.gratowin.com/sites/all/themes/winofolie/js/
6 KB
922 B
Script
General
Full URL
https://ca.gratowin.com/sites/all/themes/winofolie/js/jquery.slideShow.js?q56ps7
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9ca63ede6d903e7df2190e56ca1a938592f4dd03029f5f5142abc9d60bcf385

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Apr 2016 13:13:24 GMT
server
cloudflare
age
3113
etag
W/"175c-52fbc9c2b6500-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
578a967d3a3e63d1-FRA
webticker.js
ca.gratowin.com/sites/all/themes/winofolie/js/
6 KB
1 KB
Script
General
Full URL
https://ca.gratowin.com/sites/all/themes/winofolie/js/webticker.js?q56ps7
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd8e5875dfe673ac028b945e88c54cedff725a14a450c75ed8fc8b5cd5c4782c

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Apr 2016 13:13:23 GMT
server
cloudflare
age
3113
etag
W/"19eb-52fbc9c1c22c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
578a967d3a3f63d1-FRA
responsiveslides.min.js
ca.gratowin.com/sites/all/themes/winofolie/js/
3 KB
1 KB
Script
General
Full URL
https://ca.gratowin.com/sites/all/themes/winofolie/js/responsiveslides.min.js?q56ps7
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f306db5a9c29477acdd6b78d57734f0aa7936a1fa9b9ba8bd36204ba12aaf40

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Apr 2016 13:13:24 GMT
server
cloudflare
age
3113
etag
W/"d45-52fbc9c2b6500-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
578a967d3a4163d1-FRA
jquery.textfill.js
ca.gratowin.com/sites/all/themes/winofolie/js/
708 B
340 B
Script
General
Full URL
https://ca.gratowin.com/sites/all/themes/winofolie/js/jquery.textfill.js?q56ps7
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6635f28ad4022aa9d041d1cc516e6462b02d96ac9b639e5c8c95d556f920cf4

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Apr 2016 13:13:23 GMT
server
cloudflare
age
3113
etag
W/"2c4-52fbc9c1c22c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
578a967d3a4263d1-FRA
ui.js
ca.gratowin.com/sites/all/themes/gratowin/js/
13 KB
4 KB
Script
General
Full URL
https://ca.gratowin.com/sites/all/themes/gratowin/js/ui.js?q56ps7
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cb3bc6c4b122e11a187e6e4bff4d66edad94ce8b79d8296bfa8635be3768236

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 02 Feb 2020 16:04:37 GMT
server
cloudflare
age
3113
etag
W/"35cf-59d99f6a32f40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
578a967d3a4763d1-FRA
utils.js
cdn.gratohelp.com/assets/js/
26 KB
7 KB
Script
General
Full URL
https://cdn.gratohelp.com/assets/js/utils.js?v=17
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.5.9-1ubuntu4.26
Resource Hash
5dd145fb07f12997e1ca3f43a74ea5994d2e287e3d85a294d4261f817988b246

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
3113
x-powered-by
PHP/5.5.9-1ubuntu4.26
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=14400
cf-ray
578a967d988f26e8-FRA
visitorCountry.php
ca.gratowin.com/
354 B
273 B
Script
General
Full URL
https://ca.gratowin.com/visitorCountry.php?language=fr
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.5.9-1ubuntu4.26
Resource Hash
ce56563b286010124820358fc7af0c317cdbf4fb133832003ce0784ad1a4083c

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/5.5.9-1ubuntu4.26
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cf-ray
578a967d3a4863d1-FRA
logo.png
ca.gratowin.com/sites/all/themes/winofolie/
32 KB
32 KB
Image
General
Full URL
https://ca.gratowin.com/sites/all/themes/winofolie/logo.png?2
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ef399146e23335148e623a98d68b0e1d5044aa57928bfd3e87e86446eab1d8d

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
cf-cache-status
HIT
last-modified
Wed, 14 Mar 2018 16:28:35 GMT
server
cloudflare
age
3113
etag
"7e33-56761ddd892c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
578a967d3a4963d1-FRA
content-length
32307
login_FR.png
files.gratowin.com/images/buttons/login/
1 KB
1 KB
Image
General
Full URL
https://files.gratowin.com/images/buttons/login/login_FR.png
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3a1cfc1dd60167208672055d477674081f1005f831076bb605c66ad45e3e59

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
cf-cache-status
REVALIDATED
status
200
x-guploader-uploadid
AEnB2Uqv2gSuCusatPuKVo0DgJUFVvECl6Cb8yKEWjOGWRmg5nZEa7U7WOmi_KEiu_HX5L_qD9HrDexCMEvOQsAaRITmh4oi7g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
1055
last-modified
Mon, 11 Feb 2019 13:54:50 GMT
server
cloudflare
etag
"210801a1c808e72f8d1c5607f62fe3e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=rw5Flg==, md5=IQgBocgI5y+NHFYH9i/j6A==
content-type
image/png
x-goog-generation
1549893290852965
cache-control
public, max-age=14400
x-goog-stored-content-length
1055
accept-ranges
bytes
cf-ray
578a967d5a5163d1-FRA
expires
Mon, 23 Mar 2020 20:34:05 GMT
join_FR.png
files.gratowin.com/images/buttons/join/
1 KB
2 KB
Image
General
Full URL
https://files.gratowin.com/images/buttons/join/join_FR.png
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1849866f862b2cc38dd1486a48cf8ce313f9e75ebe312d9b278658dc5b4159a

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
cf-cache-status
REVALIDATED
status
200
x-guploader-uploadid
AEnB2UpCpSCduSy4Lwq60sswCm1z4Rpj5kntSLstMXbaFBr4O4KWAKD9MbPo1C4a4JTSsROcWUcq2o1rURtET8TdLkQNeEKYHA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
1242
last-modified
Mon, 11 Feb 2019 13:54:39 GMT
server
cloudflare
etag
"2d54fcfe7e47a483fa2a3107e30e3aec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=SWdkYA==, md5=LVT8/n5HpIP6KjEH4w467A==
content-type
image/png
x-goog-generation
1549893279428704
cache-control
public, max-age=14400
x-goog-stored-content-length
1242
accept-ranges
bytes
cf-ray
578a967d5a5363d1-FRA
expires
Mon, 23 Mar 2020 20:34:05 GMT
sec-gratowin-desktop_FR.png
files.winofolie.com/images/
5 KB
6 KB
Image
General
Full URL
https://files.winofolie.com/images/sec-gratowin-desktop_FR.png?v=1
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18a9feb224085d2cda6675fcbc9ca8e0a26dabe6fdc6c90e560b2f9a54a992ce

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
cf-cache-status
REVALIDATED
status
200
cf-polished
pngoptimizer, origSize=4978
x-guploader-uploadid
AEnB2Uq8oXFA0eZ9cj2niHZh114SD_jnvqKjArTeQP5HoTn7f9v6VF1PsaE-EbHwhProq0-zDS4zIBhYlGmTSm4HyX1cTfAEYg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
cf-bgj
imgq:85
content-length
4973
last-modified
Wed, 22 Jan 2020 14:57:44 GMT
server
cloudflare
etag
"0685d6ee0a5abcf57eceadbfb283d243"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=V+BqrA==, md5=BoXW7gpavPV+zq2/soPSQw==
content-type
image/png
x-goog-generation
1579705064070549
cache-control
public, max-age=14400
x-goog-stored-content-length
4978
accept-ranges
bytes
cf-ray
578a967da88c1f39-FRA
expires
Mon, 23 Mar 2020 20:34:05 GMT
Validation.png
cdn.hermione-ltd.com/assets/img/
27 KB
28 KB
Image
General
Full URL
https://cdn.hermione-ltd.com/assets/img/Validation.png
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:eb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
105bf2c916b4196b471b5d93d1a569bb5c7afff9fd9a3fa76bca0926fce0129c

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
cf-cache-status
HIT
last-modified
Sun, 17 Sep 2017 16:09:09 GMT
server
cloudflare
age
3113
etag
"6d75-55964d8981340"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
578a967dabccdfeb-FRA
content-length
28021
PMs-gratowin-desktop.png
files.winofolie.com/images/
20 KB
20 KB
Image
General
Full URL
https://files.winofolie.com/images/PMs-gratowin-desktop.png
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
840d59d331bd35e466f7e8f8fc32a95a09b1e48d362b1c2b9477a789657fe53d

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
cf-cache-status
REVALIDATED
status
200
cf-polished
pngoptimizer, origSize=31636
x-guploader-uploadid
AEnB2UpyyrvEf1IeNLM2px2EofVMUeGHTl7dBJ9B_5gQOvBsVnLhEIlrAwirUQ7WvKx46De_EH55QHzFSJ_PPReRQQ4RzHmT-Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
4
x-goog-stored-content-encoding
identity
cf-bgj
imgq:85
content-length
20449
last-modified
Tue, 04 Jun 2019 12:54:38 GMT
server
cloudflare
etag
"54dabfa5b2af65f2f608540aac877573"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=XPhUTg==, md5=VNq/pbKvZfL2CFQKrId1cw==
content-type
image/png
x-goog-generation
1559652878680763
cache-control
public, max-age=14400
x-goog-stored-content-length
31636
accept-ranges
bytes
cf-ray
578a967da89c1f39-FRA
expires
Mon, 23 Mar 2020 20:34:05 GMT
popups.js
cdn.hermione-ltd.com/assets/js/
13 KB
4 KB
Script
General
Full URL
https://cdn.hermione-ltd.com/assets/js/popups.js?v=35
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:eb2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.5.9-1ubuntu4.29
Resource Hash
f4c2af0f15ce486219d3fa1b5345c9c6a491abccc246eb40214db87e2f49d1e0

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
3113
x-powered-by
PHP/5.5.9-1ubuntu4.29
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
cache-control
max-age=7200
cf-polished
origSize=27549
cf-ray
578a967dabc3dfeb-FRA
node.css
ca.gratowin.com/modules/node/
144 B
208 B
Stylesheet
General
Full URL
https://ca.gratowin.com/modules/node/node.css?q56ps7
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4569fbfef2a73b2369d1e070a2ce3511f5a8c6a22a7cd6d61baf4982e75a21ee

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 21 Oct 2018 11:53:07 GMT
server
cloudflare
age
3113
etag
W/"90-578bbc7a12ec0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
578a967daa9863d1-FRA
user.css
ca.gratowin.com/modules/user/
2 KB
712 B
Stylesheet
General
Full URL
https://ca.gratowin.com/modules/user/user.css?q56ps7
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63eeb9baf46a801bccb55ef3c1a60610e820d57f90814480a393a0ec8edb36a3

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 21 Oct 2018 11:53:18 GMT
server
cloudflare
age
3113
etag
W/"723-578bbc8490780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
578a967daa9a63d1-FRA
views.css
ca.gratowin.com/sites/all/modules/views/css/
707 B
351 B
Stylesheet
General
Full URL
https://ca.gratowin.com/sites/all/modules/views/css/views.css?q56ps7
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dd53ceca07de8b1b2c16d9fee7a1d33dc90bc462a24abd38b2b9da7b8d27bc2

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 29 May 2017 12:44:26 GMT
server
cloudflare
age
3113
etag
W/"2c3-550a90c15be80-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
578a967daa9c63d1-FRA
locale.css
ca.gratowin.com/modules/locale/
875 B
439 B
Stylesheet
General
Full URL
https://ca.gratowin.com/modules/locale/locale.css?q56ps7
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f21c9572eb4aca5d25d08458d0d26cf5d8dac5290a0f0b04c2b3f00a13dbd72

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 21 Oct 2018 11:53:07 GMT
server
cloudflare
age
3113
etag
W/"36b-578bbc7a12ec0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
578a967dbabf63d1-FRA
cookies_alert.css
ca.gratowin.com/sites/all/modules/Custom/cookies_alert/
578 B
415 B
Stylesheet
General
Full URL
https://ca.gratowin.com/sites/all/modules/Custom/cookies_alert/cookies_alert.css?q56ps7
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d91715a068cbc27ffdeb74a417a0591c29a8a8f8d4e6542f6d66dbf1332234c6

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 04 Nov 2018 16:28:08 GMT
server
cloudflare
age
3113
etag
W/"242-579d940f1b600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
578a967dbac163d1-FRA
normalize.css
ca.gratowin.com/sites/all/themes/winofolie/css/
13 KB
4 KB
Stylesheet
General
Full URL
https://ca.gratowin.com/sites/all/themes/winofolie/css/normalize.css
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0f078e04e4c5da7cae15a6a2e2106562880a87f171124283bb843a27f8deca

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 30 Aug 2018 14:37:28 GMT
server
cloudflare
age
3113
etag
W/"33da-574a803a49a00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
578a967ddad063d1-FRA
responsive.css
ca.gratowin.com/sites/all/themes/winofolie/css/layouts/
6 KB
1 KB
Stylesheet
General
Full URL
https://ca.gratowin.com/sites/all/themes/winofolie/css/layouts/responsive.css
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f343d841e13cba3632c0a56e055b821b394999d8b2c48899e81e662149896d71

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Apr 2016 13:13:31 GMT
server
cloudflare
age
3113
etag
W/"1732-52fbc9c9634c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
578a967ddad163d1-FRA
css
fonts.googleapis.com/
872 B
437 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans:400,700
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa6f22af71f6176e78755341cb5148500a9bb86515b9cc346dd4b2e5890e1bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 23 Mar 2020 19:34:05 GMT
server
ESF
date
Mon, 23 Mar 2020 19:34:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Mar 2020 19:34:05 GMT
css
fonts.googleapis.com/
440 B
440 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Merienda+One
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4bb503c2602d730eadbc49d97279b3b36625388b0c85e6bc0e1089678328b674
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 23 Mar 2020 19:34:05 GMT
server
ESF
date
Mon, 23 Mar 2020 19:34:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Mar 2020 19:34:05 GMT
mobile.css
ca.gratowin.com/sites/all/themes/winofolie/css/
417 B
313 B
Stylesheet
General
Full URL
https://ca.gratowin.com/sites/all/themes/winofolie/css/mobile.css?q56ps7
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40fe2edd74251b5775d87e41730fa1380e833e99534b0e81a7aaa45bf669f081

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Apr 2016 13:13:25 GMT
server
cloudflare
age
3113
etag
W/"1a1-52fbc9c3aa740-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
578a967ddad263d1-FRA
fr_cklFHvRbffNvdSXiEd9q5HFbLpRfXWNG8T3cgo_zoQ0.js
ca.gratowin.com/sites/GratoWin.com/files/languages/
0
0
Script
General
Full URL
https://ca.gratowin.com/sites/GratoWin.com/files/languages/fr_cklFHvRbffNvdSXiEd9q5HFbLpRfXWNG8T3cgo_zoQ0.js?q56ps7
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.5.9-1ubuntu4.26
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
server
cloudflare
x-powered-by
PHP/5.5.9-1ubuntu4.26
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-language
fr
status
404
vary
Accept-Encoding
cache-control
max-age=14400, must-revalidate
cf-ray
578a967e2b0963d1-FRA
content-type
text/html; charset=utf-8
expires
Sun, 19 Nov 1978 05:00:00 GMT
gtm.js
www.googletagmanager.com/
79 KB
27 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MM92NX
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8e86cf347801425dcc3a6189c492df2f8ea59a6981042f3933a87f3fad0e0736
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:05 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
27154
x-xss-protection
0
last-modified
Mon, 23 Mar 2020 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 23 Mar 2020 19:34:05 GMT
GratowinBG.jpg
files.winofolie.com/images/
151 KB
151 KB
Image
General
Full URL
https://files.winofolie.com/images/GratowinBG.jpg?b
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dd85fa2dbd2dce22aced5cd007fafa956be3ecfd1b13dae1b44cddda64b4a9b

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
cf-cache-status
REVALIDATED
status
200
cf-polished
status=not_needed
x-guploader-uploadid
AEnB2UoJvgTp9rb0zNSPQOv82b1oWemUUo-Bcwg5hrMm-GOhVKDmMvlAsjGCe4XwpUUeyXl2Dlq3mNXf3rdzi5j1oW8IuA-adQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
cf-bgj
imgq:85
content-length
154595
last-modified
Mon, 30 Jul 2018 12:51:53 GMT
server
cloudflare
etag
"80bec0131878bf1dcc3317a155b8c235"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=wEGcmQ==, md5=gL7AExh4vx3MMxehVbjCNQ==
content-type
image/jpeg
x-goog-generation
1532955113533255
cache-control
public, max-age=14400
x-goog-stored-content-length
154595
accept-ranges
bytes
cf-ray
578a967f0d491f39-FRA
expires
Mon, 23 Mar 2020 20:34:06 GMT
langBox.png
files.gratowin.com/images/
373 B
773 B
Image
General
Full URL
https://files.gratowin.com/images/langBox.png
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d453802ea2a2097d5036e54807ff5c9272caab18108d5bc88bf6c4634b7c430d

Request headers

Referer
https://ca.gratowin.com/sites/all/themes/winofolie/css/styles.css?q56ps7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
cf-cache-status
REVALIDATED
status
200
x-guploader-uploadid
AEnB2Uqn0GWJCTIsyuftqhlZwAkTJIGDZUAbAtaWD0R0NQH7Nz9HSYg0FvA6GostWohP8vaFPyIbV_y6EigPAz32vPuNNUp39g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
373
last-modified
Mon, 11 Feb 2019 13:24:25 GMT
server
cloudflare
etag
"51d235572170f8107ec68f54849e0186"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=Gk7ZJQ==, md5=UdI1VyFw+BB+xo9UhJ4Bhg==
content-type
image/png
x-goog-generation
1549891465005563
cache-control
public, max-age=14400
x-goog-stored-content-length
373
accept-ranges
bytes
cf-ray
578a967efbb963d1-FRA
expires
Mon, 23 Mar 2020 20:34:06 GMT
GratowinSlider.jpg
files.winofolie.com/images/
233 KB
233 KB
Image
General
Full URL
https://files.winofolie.com/images/GratowinSlider.jpg
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e727cfa8d37924e41077fc0e16b9c17eb4e259bca7b8ddf2ff79d1243c6a7cca

Request headers

Referer
https://ca.gratowin.com/sites/all/themes/winofolie/css/styles.css?q56ps7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
cf-cache-status
REVALIDATED
status
200
cf-polished
degrade=85, origSize=495147
x-guploader-uploadid
AEnB2UrYv-yIE7QTRyeMtFNVNV_LA0Ieoco1r7bxJAtm4aRD_e-8Ov2aDTMpUdNiw3Fnq5O0TXtsIiMh5hDBHo5hhe7ixTtiIw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
cf-bgj
imgq:85
content-length
238155
last-modified
Wed, 14 Mar 2018 18:36:21 GMT
server
cloudflare
etag
"2ba21cbd6a45eb5af91965aed73837c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=0BkXiA==, md5=K6IcvWpF61r5GWWu1zg3yA==
content-type
image/jpeg
x-goog-generation
1521052581878615
cache-control
public, max-age=14400
x-goog-stored-content-length
495147
accept-ranges
bytes
cf-ray
578a967f0d4b1f39-FRA
expires
Mon, 23 Mar 2020 20:34:06 GMT
offer_FR.png
files.winofolie.com/images/
15 KB
16 KB
Image
General
Full URL
https://files.winofolie.com/images/offer_FR.png
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25b35bbbf7c285ea85c9ee29ebdfacd137641e1f721340a0167df085cc6bd5f7

Request headers

Referer
https://ca.gratowin.com/sites/all/themes/winofolie/css/styles.css?q56ps7
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
cf-cache-status
REVALIDATED
status
200
cf-polished
pngoptimizer, origSize=19689
x-guploader-uploadid
AEnB2UpNOymLlRAQPnSeZ78xxe9Zx79TPBmVRMP5TH6XDtgnsqWYu7kcWMGQ2rSMa6IHD3AteNJTzAoHkcijmipI4gj7-2SCrQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
cf-bgj
imgq:85
content-length
15746
last-modified
Wed, 14 Mar 2018 20:16:20 GMT
server
cloudflare
etag
"d2f9f421d8488eea9273e9656c85e531"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=nzYqhw==, md5=0vn0IdhIjuqSc+llbIXlMQ==
content-type
image/png
x-goog-generation
1521058580086828
cache-control
public, max-age=14400
x-goog-stored-content-length
19689
accept-ranges
bytes
cf-ray
578a967f0d4d1f39-FRA
expires
Mon, 23 Mar 2020 20:34:06 GMT
recentWinnersServlet
secure.gratowin.com/server/api/
2 KB
944 B
XHR
General
Full URL
https://secure.gratowin.com/server/api/recentWinnersServlet?jsonObject={methodName:getRecentWinners}
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/sites/all/modules/jquery_update/replace/jquery/1.8/jquery.min.js?v=1.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
918b0beaa6992d2b3e58b9b1ececbeab8c77f7e641d0989a94781c5b074d7d4b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Origin
https://ca.gratowin.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE, HEAD
content-type
text/plain
access-control-allow-origin
*
cf-ray
578a967f9c94dfd3-FRA
access-control-allow-headers
X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM92NX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
3330
date
Mon, 23 Mar 2020 18:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Mon, 23 Mar 2020 20:38:35 GMT
6704.js
script.crazyegg.com/pages/scripts/0078/
132 KB
40 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0078/6704.js?440275
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM92NX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76a4c26c034a29367d663fa19db8de4d1a900e043ea8d53e320c419ff6693374

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 23 Mar 2020 17:08:59 GMT
server
cloudflare
age
8689
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=300
accept-ranges
bytes
cf-ray
578a967f7cae145a-FRA
access-control-allow-origin
*
content-length
40235
tag.js
lptag.liveperson.net/tag/
18 KB
7 KB
Script
General
Full URL
https://lptag.liveperson.net/tag/tag.js?site=70099149
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
cc490a8ef7deb4c7fba66f332ad8cdd39433675b95d2bd341300ab7b718f8e4e

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
content-encoding
gzip
last-modified
Tue, 21 Aug 2018 07:47:45 GMT
server
ws
etag
"5b7bc3a1-198d"
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length
6541
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2050021175&t=pageview&_s=1&dl=https%3A%2F%2Fca.gratowin.com%2F%3FspMailingID%3D22946060%26spUserID%3DLTQ4NjIzNDI5NDES1%26spJobID%3D1701264301%26spReportId%3DMTcwMTI2NDMwMQS2&dp=https%3A%2F%2Fca.gratowin.com%2F%3FspMailingID%3D22946060%26spUserID%3DLTQ4NjIzNDI5NDES1%26spJobID%3D1701264301%26spReportId%3DMTcwMTI2NDMwMQS2&ul=en-us&de=UTF-8&dt=GratoWin%20-%20Le%20Cercle%20des%20Gagnants&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=2094583232&gjid=677469533&cid=87301147.1584992046&tid=UA-27702367-3&_gid=1691112766.1584992046&_r=1&gtm=2wg3b2MM92NX&cd1=8&z=1990987145
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 23 Mar 2020 19:34:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
sample-api-v2.crazyegg.com/n/786704/
63 B
781 B
XHR
General
Full URL
https://sample-api-v2.crazyegg.com/n/786704/all?v=7&user_script_version=1584983335
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0078/6704.js?440275
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.243.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-243-242.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a60cb94d922707d0c16293e1b71c382d3578555d6a119444dba10220ad9070b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Origin
https://ca.gratowin.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 23 Mar 2020 19:34:06 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.12.1
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET
Content-Type
text/html;charset=utf-8
Access-Control-Allow-Origin
*
Cache-control
no-cache="set-cookie"
Connection
keep-alive
Content-Length
63
X-XSS-Protection
1; mode=block
serverTime.php
cdn.gratohelp.com/assets/js/
89 B
312 B
Script
General
Full URL
https://cdn.gratohelp.com/assets/js/serverTime.php?_=1584992046197
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/sites/all/modules/jquery_update/replace/jquery/1.8/jquery.min.js?v=1.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.5.9-1ubuntu4.29
Resource Hash
9a6011ce657811c3b782d585e89bf39a656834cc111496e22616da74704ca27d

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/5.5.9-1ubuntu4.29
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cf-ray
578a9680ca3326e8-FRA
icons_38.png
files.winofolie.com/files/drupal_uploads/games_new/
62 KB
62 KB
Image
General
Full URL
https://files.winofolie.com/files/drupal_uploads/games_new/icons_38.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbb0e96ad36ba64429e83d50a2b70b1d5cca1e9aef17520281afeb3f4619e900

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
cf-cache-status
REVALIDATED
status
200
cf-polished
origSize=63279
x-guploader-uploadid
AEnB2UoZ3YpyZvcp7Z_ezWM8Xl9536l1yEpmgcLlXK3mHh3ucbjo1n8pLSd5LKlwSqYs-LKHjzVwerqBShub_hFB-Vqw4yWY-w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
cf-bgj
imgq:85
content-length
63048
last-modified
Wed, 04 Mar 2020 08:43:51 GMT
server
cloudflare
etag
"a57ce125fc93e234c3aa5b34008ad9d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=FpfLXg==, md5=pXzhJfyT4jTDqls0AIrZ0g==
content-type
image/png
x-goog-generation
1583311431525454
cache-control
public, max-age=14400
x-goog-stored-content-length
63279
accept-ranges
bytes
cf-ray
578a9680cab71f39-FRA
expires
Mon, 23 Mar 2020 20:34:06 GMT
icons_34.png
files.winofolie.com/files/drupal_uploads/games_new/
64 KB
65 KB
Image
General
Full URL
https://files.winofolie.com/files/drupal_uploads/games_new/icons_34.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f78e51d367bb93a18264084bd950a3977d765948b6b40988bedc27a8fa75a34

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
cf-cache-status
REVALIDATED
status
200
cf-polished
origSize=66023
x-guploader-uploadid
AEnB2Uqeuhs2ymQ0jygmhtk43vvX7KvjQKA_aC4MSonPHZMpeUYeMSmT6BJ6AygkAl5MfbeXEn0wt-PdeyHmk8HBIpjrtI5LlA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
cf-bgj
imgq:85
content-length
65789
last-modified
Wed, 04 Mar 2020 08:43:52 GMT
server
cloudflare
etag
"3d1c89310da018e0c822d7cdc780d99a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=3D8QBg==, md5=PRyJMQ2gGODIItfNx4DZmg==
content-type
image/png
x-goog-generation
1583311432456154
cache-control
public, max-age=14400
x-goog-stored-content-length
66023
accept-ranges
bytes
cf-ray
578a9680cabd1f39-FRA
expires
Mon, 23 Mar 2020 20:34:06 GMT
icons_19.png
files.winofolie.com/files/drupal_uploads/games_new/
50 KB
50 KB
Image
General
Full URL
https://files.winofolie.com/files/drupal_uploads/games_new/icons_19.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
260ca3df0c226c9e3f8912e6824ecf3951dd2edd5c4318b7776603f06c924b70

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
cf-cache-status
REVALIDATED
status
200
cf-polished
status=not_needed
x-guploader-uploadid
AEnB2UojmKEh5sVLxWhI_YuLUjzjV2HVvwXklQyQLKT9VmYho8OjdSOE-cNe3OQWWOg2DpU7zbykxhTE6EgEXBUL_aPPQWQT7Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
cf-bgj
imgq:85
content-length
51163
last-modified
Wed, 04 Mar 2020 08:43:20 GMT
server
cloudflare
etag
"140bc296ddb8c7861f01649919f1aaff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=HzYfiQ==, md5=FAvClt24x4YfAWSZGfGq/w==
content-type
image/png
x-goog-generation
1583311400659872
cache-control
public, max-age=14400
x-goog-stored-content-length
51163
accept-ranges
bytes
cf-ray
578a9680cabf1f39-FRA
expires
Mon, 23 Mar 2020 20:34:06 GMT
icons_09.png
files.winofolie.com/files/drupal_uploads/games_new/
17 KB
17 KB
Image
General
Full URL
https://files.winofolie.com/files/drupal_uploads/games_new/icons_09.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfc7d6f431ad40ab86afa298bc0b90342785ca2acf0549a2c94a71327d6ad800

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
cf-cache-status
REVALIDATED
status
200
cf-polished
status=not_needed
x-guploader-uploadid
AEnB2Ur8bPBn6777E5XOM_szq85k6VSecZifmQpoTuDxB6qxWgaQ5uct3tWZ1N9UcxRv-wZc6NWRQGSaTwUAhJfeojX65tIzDg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
cf-bgj
imgq:85
content-length
17209
last-modified
Wed, 04 Mar 2020 08:47:34 GMT
server
cloudflare
etag
"9a462e8c4d9524bb753bba02e8eb6f4b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=3+IQqg==, md5=mkYujE2VJLt1O7oC6OtvSw==
content-type
image/png
x-goog-generation
1583311654366244
cache-control
public, max-age=14400
x-goog-stored-content-length
17209
accept-ranges
bytes
cf-ray
578a9680cac51f39-FRA
expires
Mon, 23 Mar 2020 20:34:06 GMT
icons_05.png
files.winofolie.com/files/drupal_uploads/games_new/
51 KB
52 KB
Image
General
Full URL
https://files.winofolie.com/files/drupal_uploads/games_new/icons_05.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbe92b875a875b125e9808c78e159ad9cd85493e3c37daee40e47d0ac7c7ebbc

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
cf-cache-status
REVALIDATED
status
200
cf-polished
status=not_needed
x-guploader-uploadid
AEnB2Uq0lIACKwfGR1zzm5Uh4Iu-7sQDJar9Pb11F9taf077B-0yubuxmzTm1KIIe158awI4huZ1mAJvTMbA-1-EtEZ-BYJ8jQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
cf-bgj
imgq:85
content-length
52657
last-modified
Wed, 04 Mar 2020 08:39:02 GMT
server
cloudflare
etag
"b448c8281b5a5e3cb2b5cef9e199eeb2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=8/IDrA==, md5=tEjIKBtaXjyytc754Znusg==
content-type
image/png
x-goog-generation
1583311142428406
cache-control
public, max-age=14400
x-goog-stored-content-length
52657
accept-ranges
bytes
cf-ray
578a9680cac91f39-FRA
expires
Mon, 23 Mar 2020 20:34:06 GMT
icons_07.png
files.winofolie.com/files/drupal_uploads/games_new/
47 KB
47 KB
Image
General
Full URL
https://files.winofolie.com/files/drupal_uploads/games_new/icons_07.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
609ae060257bf31a1386cafa62900646d78a4f9ea581cd269bc8a9fbee4a9d03

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
cf-cache-status
REVALIDATED
status
200
cf-polished
status=not_needed
x-guploader-uploadid
AEnB2UqSQoC129pWTi37_6lNQYrPJnyLyOJxzwOanOIQsBDGWFMSjm6ghXYO9Lg7ZIiBwYDucN_sClfc-MpnBz0q7ERmTIwwwQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
cf-bgj
imgq:85
content-length
47694
last-modified
Wed, 04 Mar 2020 08:39:40 GMT
server
cloudflare
etag
"03ca1b4a6cacb21b0b1c394f7fdcdaad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=CmxR1A==, md5=A8obSmysshsLHDlPf9zarQ==
content-type
image/png
x-goog-generation
1583311180142312
cache-control
public, max-age=14400
x-goog-stored-content-length
47694
accept-ranges
bytes
cf-ray
578a9680cacd1f39-FRA
expires
Mon, 23 Mar 2020 20:34:06 GMT
icons_26.png
files.winofolie.com/files/drupal_uploads/games_new/
46 KB
46 KB
Image
General
Full URL
https://files.winofolie.com/files/drupal_uploads/games_new/icons_26.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c2f340b2e96b3bd83b852202f0dcfc4644acf7b9e4f1882c13a7fc128a7ce06

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
cf-cache-status
REVALIDATED
status
200
cf-polished
status=not_needed
x-guploader-uploadid
AEnB2UqBlauEmDoMisbwEbVWup7CTT30y7sWGiZMKgXWOJNxNzx3RXpEmNa2D9XC67JZVixjgvrdWwwQOK9VSKx1bs8wJ8qgUQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
cf-bgj
imgq:85
content-length
47150
last-modified
Wed, 04 Mar 2020 08:40:40 GMT
server
cloudflare
etag
"4cf1d58ab7fb2c94ad789bdf12456807"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=2R5Ogg==, md5=TPHVirf7LJSteJvfEkVoBw==
content-type
image/png
x-goog-generation
1583311240012067
cache-control
public, max-age=14400
x-goog-stored-content-length
47150
accept-ranges
bytes
cf-ray
578a9680cace1f39-FRA
expires
Mon, 23 Mar 2020 20:34:06 GMT
icons_03.png
files.winofolie.com/files/drupal_uploads/games_new/
58 KB
58 KB
Image
General
Full URL
https://files.winofolie.com/files/drupal_uploads/games_new/icons_03.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7977a82a1d1508662586a63b923bdb265ebcca19d44dcb55bce44e0e53d4ea67

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
cf-cache-status
REVALIDATED
status
200
cf-polished
status=not_needed
x-guploader-uploadid
AEnB2Ur0kgMmNRZwSnV3HsgEA4V9hw1E4-Jd6EhiQ0Ui-loAeOb84Wtsrvjuf8U_1M9o9zNY1zMavhMkSgLfP3p9lhzurEJx2w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
cf-bgj
imgq:85
content-length
59415
last-modified
Wed, 04 Mar 2020 08:40:25 GMT
server
cloudflare
etag
"15e1e0f805b3780eae9d166caf704cc8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=EG2WBw==, md5=FeHg+AWzeA6unRZsr3BMyA==
content-type
image/png
x-goog-generation
1583311225135586
cache-control
public, max-age=14400
x-goog-stored-content-length
59415
accept-ranges
bytes
cf-ray
578a9680cad01f39-FRA
expires
Mon, 23 Mar 2020 20:34:06 GMT
icons_01.png
files.winofolie.com/files/drupal_uploads/games_new/
63 KB
63 KB
Image
General
Full URL
https://files.winofolie.com/files/drupal_uploads/games_new/icons_01.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2600d4cae73030f0800c327cbcb7089aa7d8d5ccaa633a75c1ca7c5a6528615c

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
cf-cache-status
REVALIDATED
status
200
cf-polished
status=not_needed
x-guploader-uploadid
AEnB2UrkzWddAe5lrR9p9MT0d_LHuFJKpCML3hxLj9BoGepH05H59Kig1r-QfyleI8hhiPpPAQAtcbom65YLeoLoV_CHyLhQkQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
cf-bgj
imgq:85
content-length
64317
last-modified
Wed, 04 Mar 2020 08:39:02 GMT
server
cloudflare
etag
"841c8e1fc5d346bc35296e5a9569dd96"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=PfMVkQ==, md5=hByOH8XTRrw1KW5alWndlg==
content-type
image/png
x-goog-generation
1583311142587604
cache-control
public, max-age=14400
x-goog-stored-content-length
64317
accept-ranges
bytes
cf-ray
578a9680cad11f39-FRA
expires
Mon, 23 Mar 2020 20:34:06 GMT
WI_GW_Regular.png
files.winofolie.com/files/drupal_uploads/games_new/
36 KB
37 KB
Image
General
Full URL
https://files.winofolie.com/files/drupal_uploads/games_new/WI_GW_Regular.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1649404efe13a600b1f6f63d1f1e0a932b97fcf8e71af46864c84269af0fb60f

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
cf-cache-status
REVALIDATED
status
200
cf-polished
origSize=39682
x-guploader-uploadid
AEnB2UpgMBx300EMAODAmZMWZs506ZY6JoghdDY7B2fxdXWX4oAfLV2NWnNFeWNFQwxuQTvj5KeDVn6aQtZA-rBA2dPRlrRLEw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
cf-bgj
imgq:85
content-length
37275
last-modified
Mon, 20 Jan 2020 14:25:50 GMT
server
cloudflare
etag
"207f92207dd812ed730c621bbf48fc47"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=5vn5hQ==, md5=IH+SIH3YEu1zDGIbv0j8Rw==
content-type
image/png
x-goog-generation
1579530350226834
cache-control
public, max-age=14400
x-goog-stored-content-length
39682
accept-ranges
bytes
cf-ray
578a9680cad21f39-FRA
expires
Mon, 23 Mar 2020 20:34:06 GMT
Barn_invaders_Regular.png
files.winofolie.com/files/drupal_uploads/games_new/
55 KB
56 KB
Image
General
Full URL
https://files.winofolie.com/files/drupal_uploads/games_new/Barn_invaders_Regular.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce13861991d314d26c39ad6cd00184089324794f25a86df4fadd8f1f55e8668e

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
cf-cache-status
REVALIDATED
status
200
cf-polished
origSize=59656
x-guploader-uploadid
AEnB2Ure0bZS8GxuD1Pyw8Bl2Zz6OsgoG2pa6cy1hn4yCjCoqV6ls828sPrc0pEi-tPvV_h6uym0gOQpBqKAF8TtSGXun0wiGQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
cf-bgj
imgq:85
content-length
56304
last-modified
Mon, 20 Jan 2020 14:22:28 GMT
server
cloudflare
etag
"74567a940b3342da4fd3d8edfd85baae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=TPkkdA==, md5=dFZ6lAszQtpP09jt/YW6rg==
content-type
image/png
x-goog-generation
1579530148448345
cache-control
public, max-age=14400
x-goog-stored-content-length
59656
accept-ranges
bytes
cf-ray
578a9680cad41f39-FRA
expires
Mon, 23 Mar 2020 20:34:06 GMT
Wish_a_Fish_Regular.png
files.winofolie.com/files/drupal_uploads/games_new/
48 KB
48 KB
Image
General
Full URL
https://files.winofolie.com/files/drupal_uploads/games_new/Wish_a_Fish_Regular.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
558708883fbd7bb1b17b3a7e655273829d443f905f7854d01f8f378ea8dcb5b9

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
cf-cache-status
REVALIDATED
status
200
cf-polished
origSize=52308
x-guploader-uploadid
AEnB2UrUqy-pwTnHITaO7uzJjCEDo7uSu6ic_QWbnTfCVnoH2uOcVnyycCh3sOKozLzMesQRROvUgxnEADMqIt26_63sTw7xwA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
cf-bgj
imgq:85
content-length
49318
last-modified
Mon, 20 Jan 2020 13:58:03 GMT
server
cloudflare
etag
"9e68fa28c5358ad16130fb9c9e62868c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=PI9Zaw==, md5=nmj6KMU1itFhMPucnmKGjA==
content-type
image/png
x-goog-generation
1579528683725617
cache-control
public, max-age=14400
x-goog-stored-content-length
52308
accept-ranges
bytes
cf-ray
578a9680cad51f39-FRA
expires
Mon, 23 Mar 2020 20:34:06 GMT
/
secure.gratowin.com/server/clickstats/
0
52 B
Image
General
Full URL
https://secure.gratowin.com/server/clickstats/?brandId=8&deviceCategory=1&campaignId=&mediaId=&affiliateProfileName=&referer=https%3A%2F%2Fca.gratowin.com%2F%3FspMailingID%3D22946060%26spUserID%3DLTQ4NjIzNDI5NDES1%26spJobID%3D1701264301%26spReportId%3DMTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain
status
200
cf-ray
578a9680dd5563d1-FRA
content-length
0
.jsonp
lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/
235 KB
85 KB
Script
General
Full URL
https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Requested by
Host: ca.gratowin.com
URL: https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
22bddb7b3e32ca1311fe52daea5f9326e4d8efe7acc6dcf14cb4bdec78a73e6b

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
content-encoding
gzip
server
ws
x-cache-status
EXPIRED
access-control-allow-methods
GET, POST, PATCH
content-type
application/x-javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.9.0.13-release_5023/ Frame FF7F
0
0
Document
General
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.9.0.13-release_5023/storage.secure.min.html?loc=https%3A%2F%2Fca.gratowin.com&site=70099149&env=prod
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash

Request headers

:method
GET
:authority
lpcdn.lpsnmedia.net
:scheme
https
:path
/le_secure_storage/3.9.0.13-release_5023/storage.secure.min.html?loc=https%3A%2F%2Fca.gratowin.com&site=70099149&env=prod
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2

Response headers

status
200
date
Mon, 23 Mar 2020 19:34:06 GMT
content-type
text/html
last-modified
Tue, 18 Feb 2020 15:26:16 GMT
content-encoding
gzip
server
ws
vary
Origin
access-control-allow-methods
GET, POST, PATCH
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials
true
expires
Mon, 23 Mar 2020 19:44:06 GMT
cache-control
max-age=600
zones
accdn.lpsnmedia.net/api/account/70099149/configuration/le-campaigns/
18 KB
2 KB
Script
General
Full URL
https://accdn.lpsnmedia.net/api/account/70099149/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
e1ea32f5224396a336c97ed5be9679968a50e1351a5ad3e20ba5a0ed689fa21d

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:06 GMT
content-encoding
gzip
server
ws
x-cache-status
HIT
vary
Accept
content-type
application/javascript
status
200
expires
Mon, 23 Mar 2020 19:34:59 GMT
70099149
va.v.liveperson.net/api/js/
236 B
1 KB
Script
General
Full URL
https://va.v.liveperson.net/api/js/70099149?&cb=lpCb2393x22344&t=sp&ts=1584992046303&pid=7953309498&tid=9402302781&pt=GratoWin%20-%20Le%20Cercle%20des%20Gagnants&u=https%3A%2F%2Fca.gratowin.com%2F%3FspMailingID%3D22946060%26spUserID%3DLTQ4NjIzNDI5NDES1%26spJobID%3D1701264301%26spReportId%3DMTcwMTI2NDMwMQS2&df=0&os=1&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
89de1f43790f649ca662060acc6161f28901451734ea8fdf0c25f4af65ad51c5

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:07 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/json
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
70099149
va.v.liveperson.net/api/js/
109 B
829 B
Script
General
Full URL
https://va.v.liveperson.net/api/js/70099149?sid=ZfYRnI-3RWeaelazaA8BmQ&cb=lpCb41364x8807&t=pl&ts=1584992046577&pid=7953309498&tid=9402302781&vid=RkMjY3MzVkNGY5Y2ZjMDhl
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
65fc2087a62a42493cb0d7cf900c53306c1267e51c136c32ef0f5382c190bcf4

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:07 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/json
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
70099149
va.v.liveperson.net/api/js/
73 B
800 B
Script
General
Full URL
https://va.v.liveperson.net/api/js/70099149?sid=ZfYRnI-3RWeaelazaA8BmQ&cb=lpCb66470x35613&t=ip&ts=1584992057257&pid=7953309498&tid=9402302781&vid=RkMjY3MzVkNGY5Y2ZjMDhl
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
e2f15bad0b60cd8fc53761ef2733acfe1d0f7f6fbd7e36663194077096ba4dee

Request headers

Referer
https://ca.gratowin.com/?spMailingID=22946060&spUserID=LTQ4NjIzNDI5NDES1&spJobID=1701264301&spReportId=MTcwMTI2NDMwMQS2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 23 Mar 2020 19:34:17 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/json
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
object| brandInfo
undefined| $
function| jQuery
object| Drupal
object| jQuery183028947925318265244
object| swfobject
object| platformWindow
function| get_url_parameter
function| getAllUrlParams
object| Cookies
object| Preferences
function| getParamsFromFunction
function| getParamsFromCookie
function| checkInArray
function| checkClick
function| getStringCookieProperties
function| OpenGamesWindowIt
function| OpenGamesWindow
function| openLiveChat
function| printPixel
function| registerUser
function| isDepositor
function| getVIPLevel
function| fireEvent
function| isReal
object| lpMTagConfig
function| lpAddMonitorTag
function| getMobileDomain
object| isMobile
function| countryCode
function| getCurrencySymbol
function| getCurrencyString
function| getCurrencyForPlatform
function| getServerDate
function| extraParameters
object| dataLayer
string| lang
string| imgUrl
boolean| popup_shown
string| lightBoxJS
string| lightBoxCSS
boolean| lightBoxLoaded
boolean| exit_shown
string| campaignId
function| promoSideBanners
function| promoBanners
function| showExitPopup
function| showUKPopup
function| showExitPopupNonSignup1
function| showFreeSpin
object| google_tag_manager
string| GoogleAnalyticsObject
function| ga
object| lpTag
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| CE2
string| __INDIVIDUAL_ONE_VERSION_ev-store_ENFORCE_SINGLETON
undefined| __INDIVIDUAL_ONE_VERSION_ev-store
function| getServerTime
function| _typeof
function| _extends

13 Cookies

Domain/Path Name / Value
.gratowin.com/ Name: _gat_UA-27702367-3
Value: 1
.gratowin.com/ Name: _gid
Value: GA1.2.1691112766.1584992046
.gratowin.com/ Name: referer
Value: https%253A%252F%252Fca.gratowin.com%252F%253FspMailingID%253D22946060%2526spUserID%253DLTQ4NjIzNDI5NDES1%2526spJobID%253D1701264301%2526spReportId%253DMTcwMTI2NDMwMQS2
.gratowin.com/ Name: spReportId
Value: MTcwMTI2NDMwMQS2
.gratowin.com/ Name: spUserID
Value: LTQ4NjIzNDI5NDES1
.gratowin.com/ Name: spJobID
Value: 1701264301
.gratowin.com/ Name: spMailingID
Value: 22946060
.gratowin.com/ Name: _ga
Value: GA1.2.87301147.1584992046
.gratowin.com/ Name: lang
Value: fr
ca.gratowin.com/ Name: has_js
Value: 1
.gratowin.com/ Name: brandId
Value: 8
.gratowin.com/ Name: unikClick
Value: yes
.gratowin.com/ Name: __cfduid
Value: d53f4cff9e7abe737ea7cf134bf5737a81584992045

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
