urlscan.io logo urlscan.io
SecurityTrails logo

3winorama.com Open in urlscan Pro
34.120.250.146  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://colortap.xyz/
Effective URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfil...
Submission: On October 21 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 5 countries across 11 domains to perform 41 HTTP transactions. The main IP is 34.120.250.146, located in United States and belongs to GOOGLE, US. The main domain is 3winorama.com.
TLS certificate: Issued by GTS CA 1D2 on October 14th 2020. Valid for: 3 months.
This is the only time 3winorama.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.98.7.187 200532 (HOSTER-KZ...)
1 2 35.227.235.12 15169 (GOOGLE)
21 34.120.250.146 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 178.249.101.23 11054 (LIVEPERSON)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.102.220.22 15169 (GOOGLE)
1 130.211.16.99 15169 (GOOGLE)
2 2a03:6400:10:... 11054 (LIVEPERSON)
2 2a03:6400:10:... 11054 (LIVEPERSON)
4 208.89.12.87 11054 (LIVEPERSON)
41 13
1    185.98.7.187 (Kazakhstan)

ASN200532 (HOSTER-KZ Hoster.KZ - hosting and domain services in Kazakhstan, KZ)
colortap.xyz
2    35.227.235.12 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 12.235.227.35.bc.googleusercontent.com
click.power-ppp.com
21    34.120.250.146 (United States)

ASN15169 (GOOGLE, US)
PTR: 146.250.120.34.bc.googleusercontent.com
3winorama.com
cdn.cg-platform.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
2    178.249.101.23 (Netherlands)

ASN11054 (LIVEPERSON, US)
lptag.liveperson.net
1    2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    34.102.220.22 (United States)

ASN15169 (GOOGLE, US)
PTR: 22.220.102.34.bc.googleusercontent.com
cdn.gratohelp.com
1    130.211.16.99 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 99.16.211.130.bc.googleusercontent.com
secure.3winorama.com
2    2a03:6400:10:0:178:249:97:99 (United Kingdom)

ASN11054 (LIVEPERSON, US)
accdn.lpsnmedia.net
2    2a03:6400:10:0:178:249:97:98 (United Kingdom)

ASN11054 (LIVEPERSON, US)
lpcdn.lpsnmedia.net
4    208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net
va.v.liveperson.net
Domain Requested by
20 cdn.cg-platform.com 3winorama.com
4 va.v.liveperson.net lptag.liveperson.net
3 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
2 lpcdn.lpsnmedia.net lptag.liveperson.net
2 accdn.lpsnmedia.net lptag.liveperson.net
2 lptag.liveperson.net 3winorama.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 click.power-ppp.com 1 redirects
1 secure.3winorama.com
1 cdn.gratohelp.com ajax.googleapis.com
1 www.googletagmanager.com 3winorama.com
1 ajax.googleapis.com 3winorama.com
1 3winorama.com
1 colortap.xyz 1 redirects
41 14

This site contains links to these domains. Also see Links.

Domain
fr.3winorama.com
Subject Issuer Validity Valid
static.netopartners.net
GTS CA 1D2		 2020-10-14 -
2021-01-12		 3 months crt.sh
cdn.cg-platform.com
GTS CA 1D2		 2020-10-14 -
2021-01-12		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-06-09 -
2021-06-09		 a year crt.sh
*.liveperson.net
COMODO RSA Organization Validation Secure Server CA		 2017-12-17 -
2020-12-16		 3 years crt.sh
gratorama.com
GTS CA 1D2		 2020-10-18 -
2021-01-16		 3 months crt.sh
secure.77scratchmania.com
GTS CA 1D2		 2020-10-13 -
2021-01-11		 3 months crt.sh
powerplay.cg-platform.com
GTS CA 1D2		 2020-10-14 -
2021-01-12		 3 months crt.sh
*.lpsnmedia.net
COMODO RSA Organization Validation Secure Server CA		 2018-02-26 -
2021-02-25		 3 years crt.sh
*.v.liveperson.net
Sectigo RSA Organization Validation Secure Server CA		 2020-04-13 -
2022-04-13		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Frame ID: 17E3DD8E0FA52D9387BB16B5F9ACD41E
Requests: 40 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/storage.secure.min.html?loc=https%3A%2F%2F3winorama.com&site=70099149&env=prod
Frame ID: A30481197AFF461C4C3DD9CBECF6B922
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://colortap.xyz/ HTTP 302
    https://click.power-ppp.com/click/5e567992a067c?brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&af... HTTP 302
    https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GE... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /^1\.1 google$/i

Page Statistics

41
Requests

100 %
HTTPS

50 %
IPv6

11
Domains

14
Subdomains

13
IPs

5
Countries

1681 kB
Transfer

2243 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://colortap.xyz/ HTTP 302
    https://click.power-ppp.com/click/5e567992a067c?brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs HTTP 302
    https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
3winorama.com/lp/fr/wizard/
Redirect Chain
  • http://colortap.xyz/
  • https://click.power-ppp.com/click/5e567992a067c?brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs
  • https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shor...
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.146 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.250.120.34.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
9b47184e3dee5abf57525cbd0138969dee4806b3589bd3f4dd172885a23eac92

Request headers

:method
GET
:authority
3winorama.com
:scheme
https
:path
/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
rhino-core-shield
date
Wed, 21 Oct 2020 03:12:22 GMT
content-type
text/html
content-length
2795
last-modified
Thu, 27 Feb 2020 12:43:22 GMT
etag
"227d-59f8e10f1ae80-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

status
302
server
rhino-core-shield
date
Wed, 21 Oct 2020 03:12:22 GMT
content-type
text/html; charset=UTF-8
content-length
0
rd
err: No redis
set-cookie
Click_5e567992a067c=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%2212215%22%3B%7D; expires=Fri, 20-Nov-2020 03:12:22 GMT; Max-Age=2592000; path=/ Count=1; expires=Fri, 20-Nov-2020 03:12:22 GMT; Max-Age=2592000; path=/
location
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
via
1.1 google
alt-svc
clear
image1.jpg
cdn.cg-platform.com/LP/wizard/WR/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/LP/wizard/WR/image1.jpg
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.146 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.250.120.34.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
eba3664c70f5426b36f2d726172a927e31ca30ce0250ea8e8422dd52ce5857e7

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
via
1.1 google
x-guploader-uploadid
ABg5-UxkuCvdHtu6jdU40ZKgT17mDL9L_ktJn18Rv2ekY0IuFambZByz-wd-D0iywbqdEljxeopmXQgCMOzAq4YyvadsKzrPvA
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
36544
last-modified
Wed, 26 Feb 2020 10:35:48 GMT
server
rhino-core-shield
etag
"d7862a39ed669296abfca752c39e0c10"
x-goog-hash
crc32c=O0Nq1w==, md5=14YqOe1mkpar/KdSw54MEA==
x-goog-generation
1582713348709233
cache-control
public, max-age=3600
x-goog-stored-content-length
36544
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 21 Oct 2020 04:12:22 GMT
image2.jpg
cdn.cg-platform.com/LP/wizard/WR/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/LP/wizard/WR/image2.jpg
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.146 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.250.120.34.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
8da72ebf993dc1483cc31f9ca68cea1ea6d70572544439924076e48a93489446

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
via
1.1 google
x-guploader-uploadid
ABg5-UxV7EttfAeS2Iq0TPqIb1sYmjgb2P6WitzCCQJuSEjGF4YPHUe1OC9rpBl0E3GH4hOqwJ4BhJ9pG1hj0aHLYuc-4c6AXg
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
7753
last-modified
Wed, 26 Feb 2020 10:35:48 GMT
server
rhino-core-shield
etag
"e3fd88805d5c2acc9df9a5a32805175f"
x-goog-hash
crc32c=7w0L9g==, md5=4/2IgF1cKsyd+aWjKAUXXw==
x-goog-generation
1582713348722787
cache-control
public, max-age=3600
x-goog-stored-content-length
7753
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 21 Oct 2020 04:12:22 GMT
image5.jpg
cdn.cg-platform.com/LP/wizard/WR/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/LP/wizard/WR/image5.jpg
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.146 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.250.120.34.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
531abb44914cb67d48cb4af4fdac61fa85de321c5d7ac96e9384d0297b2226f8

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
via
1.1 google
x-guploader-uploadid
ABg5-UzV1LmT5luntGt-wbv-plD6jBKBNb9-dXG5tXzORBwWttf6IGb2aLwORCgiDTzzuuyA20EVRT5MmtX09Ve9-ks
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
35880
last-modified
Wed, 26 Feb 2020 10:35:49 GMT
server
rhino-core-shield
etag
"caaa94049868bd52aa36bd28faaba78e"
x-goog-hash
crc32c=o/7Sig==, md5=yqqUBJhovVKqNr0o+qunjg==
x-goog-generation
1582713349347215
cache-control
public, max-age=3600
x-goog-stored-content-length
35880
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 21 Oct 2020 04:12:22 GMT
image6.jpg
cdn.cg-platform.com/LP/wizard/WR/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/LP/wizard/WR/image6.jpg
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.146 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.250.120.34.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
e8233ab195422cc7c089bcce39513ecbedddcc5ce13d1f034bb35ef18cf6a28b

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
via
1.1 google
age
0
x-guploader-uploadid
ABg5-Uw3luCf5ISTsDeudU2a8RTNigG8abyTZrKCya-PnXpw_jtbwE3G_jRVGRFvPLe1WK6n_dS0WYlnk2-s29nPDqU
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
15277
last-modified
Wed, 26 Feb 2020 10:35:49 GMT
server
rhino-core-shield
etag
"8e8c6bcd13796ba52819d25adf65c9e4"
x-goog-hash
crc32c=aOY3AQ==, md5=joxrzRN5a6UoGdJa32XJ5A==
x-goog-generation
1582713349334444
cache-control
public, max-age=3600
x-goog-stored-content-length
15277
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 21 Oct 2020 04:12:22 GMT
image3.jpg
cdn.cg-platform.com/LP/wizard/WR/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/LP/wizard/WR/image3.jpg
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.146 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.250.120.34.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
876f69734e194f27a3035f5622ddc741a0c4a675495c3eb8099fee0bb7eb27b9

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
via
1.1 google
x-guploader-uploadid
ABg5-UxXF4fov0QpGX5GhsP7-MIJSdLN9r9uPwnqd9p1hpotglIC1ajzxXej8xwZCr1QJOwbPX6qDztPhERKJh_OSWCXQ4kvAw
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
83863
last-modified
Wed, 26 Feb 2020 10:35:48 GMT
server
rhino-core-shield
etag
"c2422ad80814118080fcb1d58484a001"
x-goog-hash
crc32c=vEbW4A==, md5=wkIq2AgUEYCA/LHVhISgAQ==
x-goog-generation
1582713348750320
cache-control
public, max-age=3600
x-goog-stored-content-length
83863
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 21 Oct 2020 04:12:22 GMT
image4.jpg
cdn.cg-platform.com/LP/wizard/WR/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/LP/wizard/WR/image4.jpg
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.146 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.250.120.34.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
948eabd14622578f2f36fbc57cdbd72b9b070ffc1978fc7b8ffe781465d7a3fd

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
via
1.1 google
age
0
x-guploader-uploadid
ABg5-UyNugbyqj3zWKwcz_92tI_HSlIpkVDt-TcOqs95AtL8phw_Hzx9W0U-ugf-HADhDZMB9IaP0lOLMo7v7Lf7LyY
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
14105
last-modified
Wed, 26 Feb 2020 10:35:49 GMT
server
rhino-core-shield
etag
"94023cb5a2aad41260b6c3c71320db27"
x-goog-hash
crc32c=YT7uvA==, md5=lAI8taKq1BJgtsPHEyDbJw==
x-goog-generation
1582713349406505
cache-control
public, max-age=3600
x-goog-stored-content-length
14105
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 21 Oct 2020 04:12:22 GMT
button.gif
cdn.cg-platform.com/LP/wizard/WR/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/LP/wizard/WR/button.gif
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.146 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.250.120.34.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
1e2caa00dccab3a16ab153317724eb5472078809e4e71f201389134fcef84703

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
via
1.1 google
x-guploader-uploadid
ABg5-Uxr9j6fGnlfeju2jZ1Kiw65UekGxTN94NL0HBhsWA8_e5g1nRfRq1W4kVdjQU2qXa7fLZuViwgi6AzK8RtFEgI
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
117974
last-modified
Wed, 26 Feb 2020 10:35:50 GMT
server
rhino-core-shield
etag
"ad4cb2ff7e870a854642d9de04f45ece"
x-goog-hash
crc32c=T/JNJg==, md5=rUyy/36HCoVGQtneBPRezg==
x-goog-generation
1582713350481152
cache-control
public, max-age=3600
x-goog-stored-content-length
117974
accept-ranges
bytes
content-type
image/gif
expires
Wed, 21 Oct 2020 04:12:22 GMT
image7.jpg
cdn.cg-platform.com/LP/wizard/WR/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/LP/wizard/WR/image7.jpg
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.146 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.250.120.34.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
dc36641dcd0342e0da8a28e760c19bf0a1ab56d544cc10a217b851f640d619b3

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
via
1.1 google
x-guploader-uploadid
ABg5-UwIAm_35l0Ga4yxoL2JPP2v_SrtOQnvPgIURC8GmgUabUWvU_fH13tOS1OgNIMTQZq5zVfgrzclN1CUsly_P02dqR6rAw
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
44723
last-modified
Wed, 26 Feb 2020 10:35:49 GMT
server
rhino-core-shield
etag
"579346632aeb495d35e824ad6056511e"
x-goog-hash
crc32c=AYUm+g==, md5=V5NGYyrrSV016CStYFZRHg==
x-goog-generation
1582713349924992
cache-control
public, max-age=3600
x-goog-stored-content-length
44723
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 21 Oct 2020 04:12:22 GMT
left-side.jpg
cdn.cg-platform.com/LP/wizard/WR/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/LP/wizard/WR/left-side.jpg
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.146 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.250.120.34.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
199074b00fcb3aeb4e7c0c7cc0102d4fe1dc746105bc5752b8fd51e6827dbd11

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
via
1.1 google
x-guploader-uploadid
ABg5-UwtvRQ6KpfMA2_3QnIYBq4ippQD51uM3fWxsMjayrZPyX06YITsmeCXWuekpMUKfdoUc3RUBV9TagTnRPpruas
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
6635
last-modified
Wed, 26 Feb 2020 10:35:49 GMT
server
rhino-core-shield
etag
"88474fe3c97b10951b1156aba4176fa6"
x-goog-hash
crc32c=NnW6Tg==, md5=iEdP48l7EJUbEVarpBdvpg==
x-goog-generation
1582713349936094
cache-control
public, max-age=3600
x-goog-stored-content-length
6635
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 21 Oct 2020 04:12:22 GMT
right-side.jpg
cdn.cg-platform.com/LP/wizard/WR/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/LP/wizard/WR/right-side.jpg
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.146 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.250.120.34.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
c6e45141cebd0f1e459dec46176754869d30a295d78f7e9f9e7ecb08237b8764

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
via
1.1 google
age
0
x-guploader-uploadid
ABg5-Uw4Sw7Wx-sNCitdb3RZrt3H9VjobTHk7dyqva2k_wiUV5192M6BoQ6ezfxxFGQP2XqluZPiF26Izy-z_LYdJwc
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
6704
last-modified
Wed, 26 Feb 2020 10:35:50 GMT
server
rhino-core-shield
etag
"282298b6490ca3e46f7197fd3f443b77"
x-goog-hash
crc32c=9raB7A==, md5=KCKYtkkMo+RvcZf9P0Q7dw==
x-goog-generation
1582713350009481
cache-control
public, max-age=3600
x-goog-stored-content-length
6704
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 21 Oct 2020 04:12:22 GMT
sec-FR-desktop.png
cdn.cg-platform.com/fr/GR/wizard/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/fr/GR/wizard/sec-FR-desktop.png
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.146 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.250.120.34.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
885ed351bbb17368586dd3dfe016a8acb5f05b951eadfa530c36c60b049d0357

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
via
1.1 google
age
0
x-guploader-uploadid
ABg5-Ux7FgpDMfcycYDu3sMPw-ivO4HqPtFkbe0b3DiJ0BVoAtd1LyOsb8fcAfriiMrHpb0MAovds1LOsp2fpyheeS8ku4DEqg
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
6242
last-modified
Thu, 15 Mar 2018 12:26:26 GMT
server
rhino-core-shield
etag
"23d0a2e9529f8284a2d825a367517071"
x-goog-hash
crc32c=PwFYPg==, md5=I9Ci6VKfgoSi2CWjZ1FwcQ==
x-goog-generation
1521116786740875
cache-control
public, max-age=3600
x-goog-stored-content-length
6242
accept-ranges
bytes
content-type
image/png
expires
Wed, 21 Oct 2020 04:12:22 GMT
pay-FR.EUR.png
cdn.cg-platform.com/fr/GR/wizard/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/fr/GR/wizard/pay-FR.EUR.png
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.146 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.250.120.34.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
edc23fe4d35a42a63508c05df5d95ec58d83b2ae68a81f6d911bb52a8a76b93d

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
via
1.1 google
age
0
x-guploader-uploadid
ABg5-UzPxSmiB0P_7NJ8WXTIgu9NhsvQ0bNJ7gi45uqGfhgEzxi4irT_QEfpgJlLxuw8bYQoDZxl6hlrp_6k4KCBQk2GQoJUMA
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
9104
last-modified
Thu, 15 Mar 2018 12:26:26 GMT
server
rhino-core-shield
etag
"f63747ad051ca3771b7bf5dbf3631a42"
x-goog-hash
crc32c=VWLH0w==, md5=9jdHrQUco3cbe/Xb82MaQg==
x-goog-generation
1521116786746138
cache-control
public, max-age=3600
x-goog-stored-content-length
9104
accept-ranges
bytes
content-type
image/png
expires
Wed, 21 Oct 2020 04:12:22 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 00:28:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9847
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Oct 2021 00:28:15 GMT
utils.js
cdn.cg-platform.com/script/ 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cg-platform.com/script/utils.js?xxx2
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.146 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.250.120.34.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
4a945d20bd7f7cd8d8e3a63d9df5db213b189bfd530d23f6cd7605fc9df25868

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABg5-UyDuzcywcdDXn0gaPkrf82NUSF9f6yqSbJg8wfpBfc-weRuzn_sFUfHR1pZyGm7Wyt1oRZwenagiPWoyJ87T5e7dMZeTw
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
7933
last-modified
Mon, 19 Oct 2020 19:59:10 GMT
server
rhino-core-shield
etag
W/"09032a1599de2bc659e55b7fe3da0c4f"
vary
Accept-Encoding
x-goog-hash
crc32c=P/xRNw==, md5=CQMqFZneK8ZZ5Vt/49oMTw==
x-goog-generation
1603137550076622
via
1.1 google
cache-control
public, max-age=3600
x-goog-stored-content-length
31218
content-type
text/javascript
expires
Wed, 21 Oct 2020 04:12:22 GMT
popups.js
cdn.cg-platform.com/script/ 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cg-platform.com/script/popups.js
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.146 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.250.120.34.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
1fb2bb90c5f6a6875daa101395ac1aaab922cd02cf883005da5fdfc26a4ee148

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:04:53 GMT
content-encoding
gzip
age
449
x-guploader-uploadid
ABg5-UwKJtNF46HKhzIIaY42xdS5AQqQD7VcoDJxSdxpewm3WpiNtANtmqteykVvc-2IC-tF2_-EEVcpKWk6BJlpE7Q
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
5449
last-modified
Sun, 01 Mar 2020 15:43:32 GMT
server
rhino-core-shield
etag
W/"1fb91f28efc298ffcb3c5cea593569d7"
vary
Accept-Encoding
x-goog-hash
crc32c=kW01uQ==, md5=H7kfKO/CmP/LPFzqWTVp1w==
x-goog-generation
1583077412820902
via
1.1 google
cache-control
public, max-age=3600
x-goog-stored-content-length
27346
content-type
text/javascript
expires
Wed, 21 Oct 2020 04:04:53 GMT
gtm.js
www.googletagmanager.com/ 		131 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MM92NX
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8c4a132170a9d0c419f0402f95ed97d7eaa85a444753efaa86c2660044bcfe97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46819
x-xss-protection
0
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 21 Oct 2020 03:12:22 GMT
heling.png
cdn.cg-platform.com/LP/wizard/WR/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/LP/wizard/WR/heling.png
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.146 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.250.120.34.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
9a2c2ccc178b2c9e133ae0bbcf5ed1520af66ea65907f8ee302df645d5ee9c0d

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
via
1.1 google
x-guploader-uploadid
ABg5-UzM4f-JnIeUOEKPNc4R846l0u81gzamLvnMDQtJb4Oigb1a2JVEkSIEHGqBUNNoF3hVjc52fHZ7XfNroHJ32fzYAARPKQ
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
21303
last-modified
Wed, 26 Feb 2020 10:54:08 GMT
server
rhino-core-shield
etag
"42a369cefd08efbece3409751cee0a8b"
x-goog-hash
crc32c=3mgqvA==, md5=QqNpzv0I777ONAl1HO4Kiw==
x-goog-generation
1582714448548420
cache-control
public, max-age=3600
x-goog-stored-content-length
21303
accept-ranges
bytes
content-type
image/png
expires
Wed, 21 Oct 2020 04:12:22 GMT
winners-sprite.png
cdn.cg-platform.com/en/GR/wizard/assets_eur/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/en/GR/wizard/assets_eur/winners-sprite.png
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.146 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.250.120.34.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
f67c5806f3a0486649203c97b5af44ae18908f7eb0b101772986fc7323a99dbe

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
via
1.1 google
age
0
x-guploader-uploadid
ABg5-Uyvis0zvYckbx_yJ4g9kWDGr9T2OimX8l217phDbzP_QFqKk1KgWNy7YGU-k_Q-3m5G4yDyIrbV2yxC0EJwQ1RO06XNbw
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
35349
last-modified
Mon, 17 Sep 2018 06:42:45 GMT
server
rhino-core-shield
etag
"090360882712731474227314d65ac31c"
x-goog-hash
crc32c=hH9XJQ==, md5=CQNgiCcScxR0InMU1lrDHA==
x-goog-generation
1537166565365983
cache-control
public, max-age=3600
x-goog-stored-content-length
35349
accept-ranges
bytes
content-type
image/png
expires
Wed, 21 Oct 2020 04:12:22 GMT
Neil.png
cdn.cg-platform.com/LP/wizard/WR/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cg-platform.com/LP/wizard/WR/Neil.png
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.146 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.250.120.34.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
2e9c202c55c70a248b48ad7e4fd6c53efcb8405377da61ee279a5086d3603afd

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
via
1.1 google
x-guploader-uploadid
ABg5-UyvQNDybLVIyJOUZcwgCjHuVJwbI22_CaCk-N0MPrhzqMyFqnXF3d16t6RkGLfLY1td_rBoX3Wf950mAKnLYQEJ0mpv5g
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
24834
last-modified
Wed, 26 Feb 2020 10:54:08 GMT
server
rhino-core-shield
etag
"8872ded85a3979678609e86e18489345"
x-goog-hash
crc32c=FQ7dTg==, md5=iHLe2Fo5eWeGCehuGEiTRQ==
x-goog-generation
1582714448597570
cache-control
public, max-age=3600
x-goog-stored-content-length
24834
accept-ranges
bytes
content-type
image/png
expires
Wed, 21 Oct 2020 04:12:22 GMT
video.mp4
cdn.cg-platform.com/LP/wizard/WR/ 		62 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.cg-platform.com/LP/wizard/WR/video.mp4
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.146 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.250.120.34.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
via
1.1 google
x-guploader-uploadid
ABg5-UymeJOGaW6DSvJhsbMVeYoiA2RI9wlChnS5tO6A7yodTFibknqpuQSubfLb1ryAeOkR509qEKWLl79-z3xVPytFTsOxxQ
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
980523
last-modified
Wed, 26 Feb 2020 10:38:36 GMT
server
rhino-core-shield
etag
"605d568d3352c8a28d77ca3bf3ee3603"
x-goog-hash
crc32c=8It5Aw==, md5=YF1WjTNSyKKNd8o78+42Aw==
x-goog-generation
1582713516593720
cache-control
public, max-age=3600
x-goog-stored-content-length
980523
accept-ranges
bytes
content-type
video/mp4
expires
Wed, 21 Oct 2020 04:12:22 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM92NX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
4977
date
Wed, 21 Oct 2020 01:49:25 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Wed, 21 Oct 2020 03:49:25 GMT
6704.js
script.crazyegg.com/pages/scripts/0078/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0078/6704.js?445347
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM92NX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
663ba90ae6d60c5444e11685b0b296c13f6a2aa63131a9727dc169d6d7db645d

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
content-encoding
gzip
cf-cache-status
HIT
ce-version
11.1.118
age
17075
cf-polished
origSize=2833
status
200
cf-request-id
05eabdc7ee0000dfe7e6b11000000001
last-modified
Tue, 20 Oct 2020 22:27:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
cf-ray
5e57cbecad19dfe7-FRA
cf-bgj
minify
tag.js
lptag.liveperson.net/tag/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/tag/tag.js?site=70099149
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
cc490a8ef7deb4c7fba66f332ad8cdd39433675b95d2bd341300ab7b718f8e4e

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
content-encoding
gzip
last-modified
Tue, 21 Aug 2018 07:47:45 GMT
server
ws
etag
"5b7bc3a1-198d"
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length
6541
collect
www.google-analytics.com/j/ 		1 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1998755540&t=pageview&_s=1&dl=https%3A%2F%2F3winorama.com%2Flp%2Ffr%2Fwizard%2F%3FInc%3D77314743%26brandId%3D4%26campaignId%3D57357%26mediaId%3D1%26dlinkCode%3DGET150%26affiliateProfileName%3DMAIN_BE%26P%3D140%26cid%3Dunj6op1127vs%26ABClicks%3D1%26shorten_link%3D5e567992a067c%26shorten_target%3D12215%26netoClickId%3D5f8fa7165e0f95251332778b&dp=https%3A%2F%2F3winorama.com%2Flp%2Ffr%2Fwizard%2F%3FInc%3D77314743%26brandId%3D4%26campaignId%3D57357%26mediaId%3D1%26dlinkCode%3DGET150%26affiliateProfileName%3DMAIN_BE%26P%3D140%26cid%3Dunj6op1127vs%26ABClicks%3D1%26shorten_link%3D5e567992a067c%26shorten_target%3D12215%26netoClickId%3D5f8fa7165e0f95251332778b&ul=en-us&de=UTF-8&dt=winorama%20-%20Wizard%20Fortune&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=11364766&gjid=324400330&cid=712730480.1603249943&tid=UA-27702367-3&_gid=926809500.1603249943&_r=1&gtm=2wg9u1MM92NX&cd1=4&cd3=MAIN_BE&cd4=1&cd6=57357&z=1568454134
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 21 Oct 2020 03:12:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://3winorama.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
6704.json
script.crazyegg.com/pages/data-scripts/0078/ 		17 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0078/6704.json?t=5344166
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0078/6704.js?445347
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16c4d233bb8e9e83588d734c5121d2700db2f1eb5428aebe3487633b0e104538

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
content-encoding
gzip
cf-cache-status
HIT
age
17120
ce-version
11.1.118
status
200
content-length
1516
cf-request-id
05eabdc80c0000178674ae9000000001
last-modified
Tue, 20 Oct 2020 22:27:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
5e57cbecd90a1786-FRA
11.1.118.js
script.crazyegg.com/pages/versioned/common-scripts/ 		99 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/11.1.118.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0078/6704.js?445347
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9417079952dbe5d1b1bc0bf209d04bcf97459ce3c271837b4d9c45a48e3ecfa

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1068482
cf-polished
origSize=105320
status
200
cf-request-id
05eabdc81a0000dfe745b76000000001
last-modified
Mon, 14 Sep 2020 15:45:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
cf-ray
5e57cbecfd7fdfe7-FRA
cf-bgj
minify
.jsonp
lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/ 		242 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
acae970390e6b2c086b8f3a81175770d21b77be89ecab52fc9b54df739946e70

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
content-encoding
gzip
server
ws
x-cache-status
HIT
access-control-allow-methods
GET, POST, PATCH
content-type
application/x-javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
video.mp4
cdn.cg-platform.com/LP/wizard/WR/ 		30 KB
30 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.cg-platform.com/LP/wizard/WR/video.mp4
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.146 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.250.120.34.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
73ad72053ffa22a97509d328b148f30144dcfc7a37b614d5f2adcabdec9c447d

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=950272-

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
via
1.1 google
age
0
x-guploader-uploadid
ABg5-UymeJOGaW6DSvJhsbMVeYoiA2RI9wlChnS5tO6A7yodTFibknqpuQSubfLb1ryAeOkR509qEKWLl79-z3xVPytFTsOxxQ
x-goog-storage-class
MULTI_REGIONAL
status
206
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
Content-Length
30251
Content-Range
bytes 950272-980522/980523
last-modified
Wed, 26 Feb 2020 10:38:36 GMT
server
rhino-core-shield
etag
"605d568d3352c8a28d77ca3bf3ee3603"
x-goog-hash
crc32c=8It5Aw==, md5=YF1WjTNSyKKNd8o78+42Aw==
x-goog-generation
1582713516593720
cache-control
public, max-age=3600
x-goog-stored-content-length
980523
accept-ranges
bytes
content-type
video/mp4
expires
Wed, 21 Oct 2020 04:12:22 GMT
video.mp4
cdn.cg-platform.com/LP/wizard/WR/ 		926 KB
926 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.cg-platform.com/LP/wizard/WR/video.mp4
Requested by
Host: 3winorama.com
URL: https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.250.146 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.250.120.34.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
be436e3c35a633145aa82b579b569244bec86f7793f00293490bd078d7bc620c

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=32768-

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
via
1.1 google
age
0
x-guploader-uploadid
ABg5-UymeJOGaW6DSvJhsbMVeYoiA2RI9wlChnS5tO6A7yodTFibknqpuQSubfLb1ryAeOkR509qEKWLl79-z3xVPytFTsOxxQ
x-goog-storage-class
MULTI_REGIONAL
status
206
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
Content-Length
947755
Content-Range
bytes 32768-980522/980523
last-modified
Wed, 26 Feb 2020 10:38:36 GMT
server
rhino-core-shield
etag
"605d568d3352c8a28d77ca3bf3ee3603"
x-goog-hash
crc32c=8It5Aw==, md5=YF1WjTNSyKKNd8o78+42Aw==
x-goog-generation
1582713516593720
cache-control
public, max-age=3600
x-goog-stored-content-length
980523
accept-ranges
bytes
content-type
video/mp4
expires
Wed, 21 Oct 2020 04:12:22 GMT
serverTime.php
cdn.gratohelp.com/assets/js/ 		89 B
265 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gratohelp.com/assets/js/serverTime.php?_=1603249942469
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.220.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
22.220.102.34.bc.googleusercontent.com
Software
rhino-core-shield / PHP/5.5.9-1ubuntu4.26
Resource Hash
31117b9bb875a488e34f7907bb02c81f8de3c443c3c6dada3f277725dfce265d

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
content-encoding
gzip
server
rhino-core-shield
x-powered-by
PHP/5.5.9-1ubuntu4.26
vary
Accept-Encoding
content-type
application/javascript
status
200
alt-svc
clear
content-length
106
via
1.1 google
/
secure.3winorama.com/server/clickstats/ 		0
85 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.3winorama.com/server/clickstats/?brandId=4&deviceCategory=1&campaignId=57357&mediaId=1&affiliateProfileName=MAIN_BE&referer=https%3A%2F%2F3winorama.com%2Flp%2Ffr%2Fwizard%2F%3Fshorten_link%3D5e567992a067c%26shorten_target%3D12215%26netoClickId%3D5f8fa7165e0f95251332778b%26Inc%3D77314743%26brandId%3D4%26campaignId%3D57357%26mediaId%3D1%26dlinkCode%3DGET150%26affiliateProfileName%3DMAIN_BE%26P%3D140%26cid%3Dunj6op1127vs%26ABClicks%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.16.211.130.bc.googleusercontent.com
Software
rhino-core-shield /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 21 Oct 2020 03:12:22 GMT
via
1.1 google
server
rhino-core-shield
alt-svc
clear
content-length
0
content-type
text/plain
77314743
click.power-ppp.com/traffic/registration/minisite/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://click.power-ppp.com/traffic/registration/minisite/77314743
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.235.12 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
12.235.227.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
/
accdn.lpsnmedia.net/api/account/70099149/configuration/setting/accountproperties/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/70099149/configuration/setting/accountproperties/?cb=lpCb94843x3270
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
98554562601978ba0c3b643f91b90c90e4574b50ca4623c6c81b637fd5a0c0e3

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
content-encoding
gzip
server
ws
x-cache-status
HIT
vary
Accept
content-type
application/javascript
status
200
x-envoy-upstream-service-time
0
expires
Wed, 21 Oct 2020 03:12:39 GMT
zones
accdn.lpsnmedia.net/api/account/70099149/configuration/le-campaigns/ 		18 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/70099149/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
c116cc2320ea4e2751cb7a766609f834f88568f83fc9b061f6a64974677f3dfa

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:22 GMT
content-encoding
gzip
server
ws
x-cache-status
HIT
vary
Accept
content-type
application/javascript
status
200
x-envoy-upstream-service-time
2
expires
Wed, 21 Oct 2020 03:12:32 GMT
storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/ Frame A304 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/storage.secure.min.html?loc=https%3A%2F%2F3winorama.com&site=70099149&env=prod
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash

Request headers

:method
GET
:authority
lpcdn.lpsnmedia.net
:scheme
https
:path
/le_secure_storage/3.11.0.2-release_5036/storage.secure.min.html?loc=https%3A%2F%2F3winorama.com&site=70099149&env=prod
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b

Response headers

status
200
date
Wed, 21 Oct 2020 03:12:24 GMT
content-type
text/html
last-modified
Tue, 29 Sep 2020 18:27:10 GMT
content-encoding
gzip
server
ws
vary
Origin
access-control-allow-methods
GET, POST, PATCH
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials
true
expires
Wed, 21 Oct 2020 03:22:24 GMT
cache-control
max-age=600
storage.secure.min.js
lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/storage.secure.min.js?loc=https%3A%2F%2F3winorama.com&site=70099149&force=1&env=prod
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
a6c94763f85d97edffb717098e436aad3a4a6b5d1e866b1e2315ee0ec8f784d2

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:24 GMT
content-encoding
gzip
last-modified
Tue, 29 Sep 2020 18:27:10 GMT
server
ws
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
max-age=600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Wed, 21 Oct 2020 03:22:24 GMT
70099149
va.v.liveperson.net/api/js/ 		238 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/70099149?&cb=lpCb24993x29449&t=sp&ts=1603249942695&pid=9157276250&tid=1353464167&pt=winorama%20-%20Wizard%20Fortune&u=https%3A%2F%2F3winorama.com%2Flp%2Ffr%2Fwizard%2F%3FInc%3D77314743%26brandId%3D4%26campaignId%3D57357%26mediaId%3D1%26dlinkCode%3DGET150%26affiliateProfileName%3DMAIN_BE%26P%3D140%26cid%3Dunj6op1127vs%26ABClicks%3D1%26shorten_link%3D5e567992a067c%26shorten_target%3D12215%26netoClickId%3D5f8fa7165e0f95251332778b&df=0&os=1&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
7ee452eb44e5363af742632b1a0122c5880e3441ad88f42a44f07e686dfbd01f

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:25 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
70099149
va.v.liveperson.net/api/js/ 		110 B
852 B 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/70099149?sid=tDLVnDumQzGdawg_Tdj4FA&cb=lpCb2046x46912&t=pl&ts=1603249944813&pid=9157276250&tid=1353464167&vid=A1N2I5ZjQ3YWU3MjljY2Nk
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
e18f21ad3eb4a01063979033033d1506bcf24e4f865e8ec57cdb26f78e35bb55

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:25 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
70099149
va.v.liveperson.net/api/js/ 		72 B
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/70099149?sid=tDLVnDumQzGdawg_Tdj4FA&cb=lpCb1428x80422&t=ip&ts=1603249955416&pid=9157276250&tid=1353464167&vid=A1N2I5ZjQ3YWU3MjljY2Nk
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
feebd3b564baee4e8239a11f0ec6dbc4947c6bf427e428bb24c9437b768e1c68

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:35 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
70099149
va.v.liveperson.net/api/js/ 		73 B
823 B 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/70099149?sid=tDLVnDumQzGdawg_Tdj4FA&cb=lpCb43767x25246&t=ip&ts=1603249965597&pid=9157276250&tid=1353464167&vid=A1N2I5ZjQ3YWU3MjljY2Nk
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
eb634a45380b9dc0359d34dc9ffbe237210350608fbe93b4d7357cd5dec1a395

Request headers

Referer
https://3winorama.com/lp/fr/wizard/?Inc=77314743&brandId=4&campaignId=57357&mediaId=1&dlinkCode=GET150&affiliateProfileName=MAIN_BE&P=140&cid=unj6op1127vs&ABClicks=1&shorten_link=5e567992a067c&shorten_target=12215&netoClickId=5f8fa7165e0f95251332778b
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 03:12:45 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| dataLayer object| brandInfo function| $ function| jQuery object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| lpTag object| gaplugins object| gaGlobal object| gaData object| CE2 string| CE_USER_DATA_URL object| CE2BH object| platformWindow function| get_url_parameter function| getAllUrlParams object| Cookies object| Preferences function| getParamsFromFunction function| getParamsFromCookie function| checkInArray function| checkClick function| getStringCookieProperties function| OpenGamesWindowIt function| OpenGamesWindow function| openLiveChat function| printPixel function| registerUser function| isDepositor function| getVIPLevel function| fireEvent function| isReal object| lpMTagConfig function| lpAddMonitorTag function| getMobileDomain object| isMobile boolean| isNgBrand string| COOKIE_PREFIX object| jQuery110208753924650525913 string| lang string| imgUrl boolean| popup_shown string| lightBoxJS string| lightBoxCSS boolean| lightBoxLoaded boolean| exit_shown string| campaignId function| promoSideBanners function| promoBanners function| showExitPopup function| showUKPopup function| showExitPopupNonSignup1 function| showFreeSpin function| _typeof function| _extends function| getServerTime

19 Cookies

Domain/Path Name / Value
.3winorama.com/ Name: IncPar
Value: 77314743
.3winorama.com/ Name: unikClick
Value: yes
.3winorama.com/ Name: referer
Value: https%253A%252F%252F3winorama.com%252Flp%252Ffr%252Fwizard%252F%253Fshorten_link%253D5e567992a067c%2526shorten_target%253D12215%2526netoClickId%253D5f8fa7165e0f95251332778b%2526Inc%253D77314743%2526brandId%253D4%2526campaignId%253D57357%2526mediaId%253D1%2526dlinkCode%253DGET150%2526affiliateProfileName%253DMAIN_BE%2526P%253D140%2526cid%253Dunj6op1127vs%2526ABClicks%253D1
.3winorama.com/ Name: netoClickId
Value: 5f8fa7165e0f95251332778b
.3winorama.com/ Name: shorten_link
Value: 5e567992a067c
.3winorama.com/ Name: ABClicks
Value: 1
.3winorama.com/ Name: P
Value: 140
.3winorama.com/ Name: affiliateProfileName
Value: MAIN_BE
.3winorama.com/ Name: mediaId
Value: 1
.3winorama.com/ Name: campaignId
Value: 57357
.3winorama.com/ Name: shorten_target
Value: 12215
.3winorama.com/ Name: brandId
Value: 4
.3winorama.com/ Name: Inc
Value: 77314743
.3winorama.com/ Name: _gat_UA-27702367-3
Value: 1
.3winorama.com/ Name: lang
Value: fr
.3winorama.com/ Name: _gid
Value: GA1.2.926809500.1603249943
.3winorama.com/ Name: cid
Value: unj6op1127vs
.3winorama.com/ Name: dlinkCode
Value: GET150
.3winorama.com/ Name: _ga
Value: GA1.2.712730480.1603249943

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3winorama.com
accdn.lpsnmedia.net
ajax.googleapis.com
cdn.cg-platform.com
cdn.gratohelp.com
click.power-ppp.com
colortap.xyz
lpcdn.lpsnmedia.net
lptag.liveperson.net
script.crazyegg.com
secure.3winorama.com
va.v.liveperson.net
www.google-analytics.com
www.googletagmanager.com
130.211.16.99
178.249.101.23
185.98.7.187
208.89.12.87
2606:4700::6813:9308
2a00:1450:4001:808::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:824::2008
2a00:1450:4001:825::200e
2a03:6400:10:0:178:249:97:98
2a03:6400:10:0:178:249:97:99
34.102.220.22
34.120.250.146
35.227.235.12
16c4d233bb8e9e83588d734c5121d2700db2f1eb5428aebe3487633b0e104538
199074b00fcb3aeb4e7c0c7cc0102d4fe1dc746105bc5752b8fd51e6827dbd11
1e2caa00dccab3a16ab153317724eb5472078809e4e71f201389134fcef84703
1fb2bb90c5f6a6875daa101395ac1aaab922cd02cf883005da5fdfc26a4ee148
2e9c202c55c70a248b48ad7e4fd6c53efcb8405377da61ee279a5086d3603afd
31117b9bb875a488e34f7907bb02c81f8de3c443c3c6dada3f277725dfce265d
4a945d20bd7f7cd8d8e3a63d9df5db213b189bfd530d23f6cd7605fc9df25868
531abb44914cb67d48cb4af4fdac61fa85de321c5d7ac96e9384d0297b2226f8
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
663ba90ae6d60c5444e11685b0b296c13f6a2aa63131a9727dc169d6d7db645d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73ad72053ffa22a97509d328b148f30144dcfc7a37b614d5f2adcabdec9c447d
7ee452eb44e5363af742632b1a0122c5880e3441ad88f42a44f07e686dfbd01f
876f69734e194f27a3035f5622ddc741a0c4a675495c3eb8099fee0bb7eb27b9
885ed351bbb17368586dd3dfe016a8acb5f05b951eadfa530c36c60b049d0357
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8c4a132170a9d0c419f0402f95ed97d7eaa85a444753efaa86c2660044bcfe97
8da72ebf993dc1483cc31f9ca68cea1ea6d70572544439924076e48a93489446
948eabd14622578f2f36fbc57cdbd72b9b070ffc1978fc7b8ffe781465d7a3fd
98554562601978ba0c3b643f91b90c90e4574b50ca4623c6c81b637fd5a0c0e3
9a2c2ccc178b2c9e133ae0bbcf5ed1520af66ea65907f8ee302df645d5ee9c0d
9b47184e3dee5abf57525cbd0138969dee4806b3589bd3f4dd172885a23eac92
a6c94763f85d97edffb717098e436aad3a4a6b5d1e866b1e2315ee0ec8f784d2
acae970390e6b2c086b8f3a81175770d21b77be89ecab52fc9b54df739946e70
be436e3c35a633145aa82b579b569244bec86f7793f00293490bd078d7bc620c
c116cc2320ea4e2751cb7a766609f834f88568f83fc9b061f6a64974677f3dfa
c6e45141cebd0f1e459dec46176754869d30a295d78f7e9f9e7ecb08237b8764
cc490a8ef7deb4c7fba66f332ad8cdd39433675b95d2bd341300ab7b718f8e4e
d9417079952dbe5d1b1bc0bf209d04bcf97459ce3c271837b4d9c45a48e3ecfa
dc36641dcd0342e0da8a28e760c19bf0a1ab56d544cc10a217b851f640d619b3
e18f21ad3eb4a01063979033033d1506bcf24e4f865e8ec57cdb26f78e35bb55
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8233ab195422cc7c089bcce39513ecbedddcc5ce13d1f034bb35ef18cf6a28b
eb634a45380b9dc0359d34dc9ffbe237210350608fbe93b4d7357cd5dec1a395
eba3664c70f5426b36f2d726172a927e31ca30ce0250ea8e8422dd52ce5857e7
edc23fe4d35a42a63508c05df5d95ec58d83b2ae68a81f6d911bb52a8a76b93d
f67c5806f3a0486649203c97b5af44ae18908f7eb0b101772986fc7323a99dbe
feebd3b564baee4e8239a11f0ec6dbc4947c6bf427e428bb24c9437b768e1c68