secure.gratowin.com Open in urlscan Pro
147.78.140.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://secure.gratowin.com/
Effective URL:
https://secure.gratowin.com/
Submission: On November 17 via api (November 17th 2023, 2:55:19 pm UTC) from US — Scanned from DE

Summary HTTP 145 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 16 domains to perform 145 HTTP transactions. The main IP is 147.78.140.54, located in Bulgaria and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is secure.gratowin.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 30th 2023. Valid for: a year.

This is the only time secure.gratowin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5 54	147.78.140.54 147.78.140.54	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	172.217.18.106 172.217.18.106	15169 (GOOGLE) (GOOGLE)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.18.104 172.217.18.104	15169 (GOOGLE) (GOOGLE)
2	142.250.186.187 142.250.186.187	15169 (GOOGLE) (GOOGLE)
3	54.195.39.4 54.195.39.4	16509 (AMAZON-02) (AMAZON-02)
8	147.78.140.52 147.78.140.52	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	76.223.64.65 76.223.64.65	16509 (AMAZON-02) (AMAZON-02)
1	195.181.170.19 195.181.170.19	60068 (CDN77 ^_^) (CDN77 ^_^)
3	142.250.184.206 142.250.184.206	15169 (GOOGLE) (GOOGLE)
1	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.172.153.7 18.172.153.7	16509 (AMAZON-02) (AMAZON-02)
3	99.86.91.109 99.86.91.109	16509 (AMAZON-02) (AMAZON-02)
4	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
40	2a00:1450:400... 2a00:1450:4001:801::201b	15169 (GOOGLE) (GOOGLE)
17	172.67.219.191 172.67.219.191	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	143.204.98.24 143.204.98.24	16509 (AMAZON-02) (AMAZON-02)
2	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	18.245.60.109 18.245.60.109	16509 (AMAZON-02) (AMAZON-02)
145	20

54 147.78.140.54 (Bulgaria) 5 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

secure.gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms2.gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.187 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f27.1e100.net

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.195.39.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 147.78.140.52 (Bulgaria)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

analytics.streamygame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ga.streamygame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.64.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: a44946a9dd66b7704.awsglobalaccelerator.com

anakatechsupport.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.181.170.19 (Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 610407756.fra.cdn77.com

web-sdk.smartlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.153.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-153-7.lhr50.r.cloudfront.net

b3797f01-e573-4b2d-900b-06ef4ef785de.seals-emr.certria.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.91.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-91-109.cdg50.r.cloudfront.net

d2afn796dyftlg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:801::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.67.219.191 (United States)

ASN13335 (CLOUDFLARENET, US)

cms2.netoplaycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.98.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-24.fra50.r.cloudfront.net

3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-109.fra60.r.cloudfront.net

anakatech.uat1.evo-test.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	gratowin.com 5 redirects secure.gratowin.com cms2.gratowin.com www.gratowin.com	905 KB
44	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 storage.googleapis.com — Cisco Umbrella Rank: 409	1 MB
17	netoplaycdn.com cms2.netoplaycdn.com	2 MB
8	streamygame.com analytics.streamygame.com ga.streamygame.com	12 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
4	antillephone.com 3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com	51 KB
4	gstatic.com fonts.gstatic.com	96 KB
3	cloudfront.net d2afn796dyftlg.cloudfront.net	10 KB
3	iesnare.com mpsnare.iesnare.com — Cisco Umbrella Rank: 6259	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	186 KB
1	evo-test.com anakatech.uat1.evo-test.com	3 KB
1	certria.com b3797f01-e573-4b2d-900b-06ef4ef785de.seals-emr.certria.com	2 KB
1	bing.com bat.bing.com — Cisco Umbrella Rank: 366	13 KB
1	smartlook.com web-sdk.smartlook.com — Cisco Umbrella Rank: 21232	2 KB
1	freshchat.com anakatechsupport.freshchat.com	21 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1137	20 KB
145	16

	Domain	Requested by
48	secure.gratowin.com	4 redirects secure.gratowin.com
42	storage.googleapis.com	secure.gratowin.com
17	cms2.netoplaycdn.com	secure.gratowin.com
4	ga.streamygame.com	storage.googleapis.com secure.gratowin.com
4	3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com	www.gratowin.com
4	www.gratowin.com	1 redirects secure.gratowin.com www.gratowin.com
4	fonts.gstatic.com	fonts.googleapis.com
4	analytics.streamygame.com	secure.gratowin.com
3	d2afn796dyftlg.cloudfront.net	secure.gratowin.com d2afn796dyftlg.cloudfront.net
3	www.google-analytics.com	www.googletagmanager.com secure.gratowin.com
3	mpsnare.iesnare.com	secure.gratowin.com mpsnare.iesnare.com
2	region1.google-analytics.com	www.googletagmanager.com
2	cms2.gratowin.com	secure.gratowin.com
2	www.googletagmanager.com	secure.gratowin.com www.google-analytics.com
2	fonts.googleapis.com	secure.gratowin.com client
1	anakatech.uat1.evo-test.com	secure.gratowin.com
1	b3797f01-e573-4b2d-900b-06ef4ef785de.seals-emr.certria.com	secure.gratowin.com
1	bat.bing.com	www.googletagmanager.com
1	web-sdk.smartlook.com	secure.gratowin.com
1	anakatechsupport.freshchat.com	secure.gratowin.com
1	maxcdn.bootstrapcdn.com	secure.gratowin.com
145	21

This site contains links to these domains. Also see Links.

Domain
www.netopartners.com

Subject Issuer	Validity	Valid
secure.gratowin.com Cloudflare Inc ECC CA-3	`2023-06-30` - `2024-06-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA	`2023-05-01` - `2024-05-29`	a year	crt.sh
analytics.streamygame.com Cloudflare Inc ECC CA-3	`2023-07-01` - `2024-06-30`	a year	crt.sh
*.freshchat.com Amazon RSA 2048 M01	`2023-02-21` - `2024-03-21`	a year	crt.sh
1688964705.rsc.cdn77.org R3	`2023-10-05` - `2024-01-03`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.seals-emr.certria.com AlphaSSL CA - SHA256 - G4	`2023-07-24` - `2024-08-24`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
cms2.gratowin.com Cloudflare Inc ECC CA-3	`2023-06-30` - `2024-06-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.gratowin.com Cloudflare Inc ECC CA-3	`2023-06-30` - `2024-06-29`	a year	crt.sh
netoplaycdn.com GTS CA 1P5	`2023-10-14` - `2024-01-12`	3 months	crt.sh
*.snippet.antillephone.com Starfield Secure Certificate Authority - G2	`2023-04-02` - `2024-05-03`	a year	crt.sh
ga.streamygame.com Cloudflare Inc ECC CA-3	`2023-07-01` - `2024-06-30`	a year	crt.sh
*.cit1.evo-test.com SSL.com RSA SSL subCA	`2023-02-21` - `2024-03-16`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://secure.gratowin.com/
Frame ID: 1EFEBB03E52358FB766CB5B81BCAA8DE
Requests: 126 HTTP requests in this frame

Frame: https://secure.gratowin.com/brand-info.json
Frame ID: 872AD439B11A34B808A5A38B1925E122
Requests: 1 HTTP requests in this frame

Frame: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 451C0847C877790B0DD2B918E0737C56
Requests: 2 HTTP requests in this frame

Frame: https://storage.googleapis.com/moon-prod/static-content/jackpot/new/index.html?brandId=8&currency=undefined%20%20%20%20%20&customerId=1003&serviceUrl=https://ga.streamygame.com/&isMobile=false%20%20%20%20%20&platform=ng&inGameFrame=false&gameId=undefined&winnerNames=
Frame ID: DB529C0C9CB1741776DA02DBACA9B05C
Requests: 2 HTTP requests in this frame

Frame: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 70305B6BF3273A189C8EEEB67A805FFD
Requests: 2 HTTP requests in this frame

Frame: https://www.gratowin.com/seal.html
Frame ID: FD65DAA81939013DCCB3CE57F911AFD1
Requests: 5 HTTP requests in this frame

Frame: https://www.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: FDE5ED4D4A0C04EE508FE57534E1C2AF
Requests: 2 HTTP requests in this frame

Frame: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 765E0F3589443675EC6AC8D697EB8C9C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GratoWin

Page URL History Show full URLs

http://secure.gratowin.com/ HTTP 301
https://secure.gratowin.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

145
Requests

97 %
HTTPS

5 %
IPv6

16
Domains

21
Subdomains

20
IPs

5
Countries

4749 kB
Transfer

9096 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.netopartners.com/
Title: Affiliates

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://secure.gratowin.com/ HTTP 301
https://secure.gratowin.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://secure.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Request Chain 63

https://secure.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Request Chain 90

https://www.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Request Chain 105

https://secure.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

145 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
secure.gratowin.com/
Redirect Chain

http://secure.gratowin.com/
https://secure.gratowin.com/

4 KB
2 KB

167ms
134ms

Document
text/html

147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a8deaadb9239084af88029050267e10ed8fccd57825ed506ed0ade89461226c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache,max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8278d0194e1839f1-FRA
content-encoding: gzip
content-type: text/html
date: Fri, 17 Nov 2023 14:55:07 GMT
expires: Fri, 17 Nov 2023 14:55:07 GMT
last-modified: Tue, 14 Nov 2023 06:59:41 GMT
server: cloudflare
vary: Accept-Encoding
x-goog-generation: 1699945181022560
x-goog-hash: crc32c=H1AFAQ== md5=I7endsT/78IKps358dRunw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3062
x-guploader-uploadid: ABPtcPq0hR2OjQlQbTBfZWWsErJTYp2jAm6FoeVg5NF3EGfByNrLAPKBZqsqSVI6sGH11pVOanA

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 8278d018cbe6bb4d-FRA
Connection: keep-alive
Content-Type: text/html
Date: Fri, 17 Nov 2023 14:55:07 GMT
Location: https://secure.gratowin.com/
Server: cloudflare
Transfer-Encoding: chunked

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 371ms
22ms Stylesheet
text/css 172.217.18.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Montserrat:wght@400;700;800&family=Poppins:wght@400;500;800;900&display=swap

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f10.1e100.net

Software

ESF /

Resource Hash

cfd2909b0463fd227763a7fd38530bc46cd675295141ab90901499b018e5e771

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 14:55:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 14:55:08 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ 118 KB
20 KB 372ms
24ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/
Origin: https://secure.gratowin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 755
age: 942273
cdn-cachedat: 11/18/2022 06:18:39
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"2f624089c65f12185e79925bc5a7fc42"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 364b511327afbfb612d6d9853b954a1c
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8278d01c6c2392a8-FRA
cdn-requestpullsuccess: True

GET
H2 200 dot-pulse.css
secure.gratowin.com/ 4 KB
1 KB 126ms
119ms Stylesheet
text/css 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/dot-pulse.css
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f386030f30cc1118ebe4dc21a54c3325c14981274af10acd3a10acd42206866

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:07 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPrn-Ky3geqoXZ6RLElMHQl0DrQcIk9e0aU5gnutGg_-pk5uyCn_lziA18IGFeteoukUsQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 18 Oct 2023 10:06:59 GMT
server: cloudflare
etag: W/"63ec6ad3f23feea868bb8ad6eb2c62d1"
vary: Accept-Encoding
x-goog-generation: 1697623619732994
content-type: text/css
x-goog-hash: crc32c=Z/NCrA==, md5=Y+xq0/I/7qhou4rW6yxi0Q==
cache-control: public, max-age=3600
x-goog-stored-content-length: 4542
cf-ray: 8278d01a4f3639f1-FRA
expires: Fri, 17 Nov 2023 15:55:07 GMT

GET
H2 200 offline-js-script.js Show response
secure.gratowin.com/ 16 KB
4 KB 134ms
128ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/offline-js-script.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aae23685ad6563cbbb3e33632fb29c31078254370c57be634b7a80f173ce708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:07 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPqLddFlHmxCwfBEw7zhy_7tM1dia5f5fjSIZ5ta4cEdWalIA8XeMVZAX9Zu9rAOcFCpg7NZnFWLXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 18 Oct 2023 10:07:00 GMT
server: cloudflare
etag: W/"1eda92aed77dbe82805bdea3a910830e"
vary: Accept-Encoding
x-goog-generation: 1697623620233029
content-type: application/javascript
x-goog-hash: crc32c=gzFIHw==, md5=HtqSrtd9voKAW96jqRCDDg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 16008
cf-ray: 8278d01a4f3b39f1-FRA
expires: Fri, 17 Nov 2023 15:55:07 GMT

GET
H2 200 338.6d041aaa77d67108e45e.css
secure.gratowin.com/ 91 KB
26 KB 131ms
126ms Stylesheet
text/css 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/338.6d041aaa77d67108e45e.css
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e205c59d44f4f0a0c66989238c8b818b3628171c2f4d912810a09a92d03905e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:07 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPp82AA18yypbD3hNoHIwfb0o3yBDa56CfBphcfNAwhP8oLG9XcLT49_8HLm2uddHp2OrA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:15 GMT
server: cloudflare
etag: W/"169df439afd57dfa90a709509d56df2f"
vary: Accept-Encoding
x-goog-generation: 1699945035422481
content-type: text/css
x-goog-hash: crc32c=nArb0A==, md5=Fp30Oa/VffqQpwlQnVbfLw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 93124
cf-ray: 8278d01a4f3739f1-FRA
expires: Fri, 17 Nov 2023 15:55:07 GMT

GET
H2 200 main.6d041aaa77d67108e45e.bundle.js Show response
secure.gratowin.com/ 2 MB
515 KB 113ms
109ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/main.6d041aaa77d67108e45e.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72ba589e030b6b1b37aa2dd5ef0a663660368999f9e23e5c686d72210529dcb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:07 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPpPJinT74xrV0HPLLvDJx3K2Fjd88YNFrTW8NeCsm1KPZ9wH1uLKF3SDHWIoRkCscxa5EJoipRATw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:39 GMT
server: cloudflare
etag: W/"650f81be80bb01b9aaf72de19ad3a342"
vary: Accept-Encoding
x-goog-generation: 1699945059516683
content-type: application/javascript
x-goog-hash: crc32c=WVI+2A==, md5=ZQ+BvoC7Abmq9y3hmtOjQg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 2156847
cf-ray: 8278d01a4f3c39f1-FRA
expires: Fri, 17 Nov 2023 15:55:07 GMT

GET
H2 200 runtime.6d041aaa77d67108e45e.bundle.js Show response
secure.gratowin.com/ 6 KB
3 KB 140ms
136ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/runtime.6d041aaa77d67108e45e.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 172bd24482eb3ee7cd47d845136150246425e03c2867139e8cd2caf0160ef80c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:07 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPqiA7Fdm1azzGlLQBppGqW9sB1tCZaaXl-QXFR1RRijgVuc4biMKKzs4t_9dPNFZ0CLTbqcbx2ZiA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:39 GMT
server: cloudflare
etag: W/"1349dd4a7f222c492ad179f049b5e69c"
vary: Accept-Encoding
x-goog-generation: 1699945059970514
content-type: application/javascript
x-goog-hash: crc32c=bTkNWA==, md5=E0ndSn8iLEkq0XnwSbXmnA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 6015
cf-ray: 8278d01a4f3d39f1-FRA
expires: Fri, 17 Nov 2023 15:55:07 GMT

GET
H2 200 1_pixel.png
secure.gratowin.com/assets/images/ 2 KB
2 KB 121ms
118ms Image
image/png 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/images/1_pixel.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 486894f29e34e2a9c4a7a938605d53ee752957d4270055fecb27828899fc0a3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:07 GMT
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPqIBVlb349O-TzZdxPbsFHoJyUvap5ZuWAK6g_NCEd34d28oNSWMaPfGJlrHoNfv33kSBVnP4aUag
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 1943
last-modified: Wed, 18 Oct 2023 10:07:05 GMT
server: cloudflare
etag: "f0601ed2d0bef14ed7ce4793b13a670b"
vary: Accept-Encoding
x-goog-generation: 1697623625083665
content-type: image/png
x-goog-hash: crc32c=hQGYGw==, md5=8GAe0tC+8U7XzkeTsTpnCw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 1943
accept-ranges: bytes
cf-ray: 8278d01a4f3f39f1-FRA
expires: Fri, 17 Nov 2023 15:55:07 GMT

GET
H2 200 iovation-script.js Show response
secure.gratowin.com/ 5 KB
2 KB 95ms
95ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/iovation-script.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbd039d1d5621472a25b228ca3f48c08aef9cabf180e982530cd84a3abc04555

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPqlfasRlc3RzqjN9u25GWtp3CqGCQ8NpNcOuM9-SIFLjLMRPnZP_qmtWG75CKFLHO6dWIrk_o7ECg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 18 Oct 2023 10:07:00 GMT
server: cloudflare
etag: W/"76098bc71cf65bf3e16dcba0dd42b6ec"
vary: Accept-Encoding
x-goog-generation: 1697623620157474
content-type: application/javascript
x-goog-hash: crc32c=OvAm8g==, md5=dgmLxxz2W/Phbcug3UK27A==
cache-control: public, max-age=3600
x-goog-stored-content-length: 5514
cf-ray: 8278d01c8a2839f1-FRA
expires: Fri, 17 Nov 2023 15:55:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 423 KB
101 KB 382ms
55ms Script
application/javascript 172.217.18.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSBWD3B

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

683c8a367c5ec4674454d06456255ca95d5a0ba796d5b77b2325d4bbf3a91543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103290
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Nov 2023 14:55:08 GMT

GET
H2 200 brand-info.json Show response
secure.gratowin.com/ Frame 872A 810 B
638 B 71ms
70ms Document
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/brand-info.json
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 931cdc9da183b6e6f40476736791be667482d6eef83da8de662b3084bebd9215

Request headers

Referer: https://secure.gratowin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 8278d01caa4639f1-FRA
content-encoding: gzip
content-type: application/json
date: Fri, 17 Nov 2023 14:55:08 GMT
etag: W/"2591ae3250ac9433c6a7e9ab77315c90"
expires: Fri, 17 Nov 2023 15:55:08 GMT
last-modified: Sun, 03 Jan 2021 08:59:18 GMT
server: cloudflare
vary: Accept-Encoding
x-goog-generation: 1609664358830795
x-goog-hash: crc32c=uP0vxg== md5=JZGuMlCslDPGp+mrdzFckA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 810
x-guploader-uploadid: ABPtcPqACfVeGtNFOa6Sy2lXDbhaOoxus4IOKSOTqh5hfMLBIlZhwb0UNKRNszx6VZp56nabBJc

GET
H2

200

main.js Show response
secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 451C
Redirect Chain

https://secure.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
4 KB

16ms
15ms

Script
application/javascript

147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/

Protocol

Server

147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdf435cdd653fa5c6777572ffdfab1647e9bd13426bfefbd519495702deec119

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8278d01debd339f1-FRA

Redirect headers

date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8278d01dbb9739f1-FRA

GET
H2 200 appData Show response
secure.gratowin.com/playerapi/ 66 KB
17 KB 126ms
125ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/appData?language=en&device=DESKTOP&timestamp=1700232908449&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 229860d5579a814fd16d2e3912991003d14de5bba211f8cb4d006e293c802210

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
ldAlias

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"10779-SoZaTECEQ8llw8IXbgSfnELsNeY"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 8278d01dcbb039f1-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 appStaticData Show response
secure.gratowin.com/playerapi/ 2 KB
1 KB 224ms
224ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/appStaticData?language=en&device=DESKTOP&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b5266176475170d856198d9eb5c1040905fb8741cd1f97b7dba0b62e9312d098

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
ldAlias

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"878-zEzH4Mw9hPwDZxspolsgy6dMVhY"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 8278d01dcbb539f1-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 8.png
storage.googleapis.com/moon-prod/static-content/brands/8/ 11 KB
12 KB 469ms
44ms Image
image/png 142.250.186.187
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/moon-prod/static-content/brands/8/8.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.187 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f27.1e100.net
Software: UploadServer /
Resource Hash: e7c00b0ec68c5137e7b359a0ab6f5ff9c7a2000f47ceee7aacae6934eb91aae6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
age: 0
x-guploader-uploadid: ABPtcPpOTL1zDl2PVVr6QLEjTsK5nkem9KGyI9tYeOZSqZl1WaupCmv0SzkSMAqLBFuR_KX9m0OF0n6hsg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11475
last-modified: Mon, 14 Dec 2020 09:52:31 GMT
server: UploadServer
etag: "21a5358c0ea98af8a9aa561c2bffb91d"
x-goog-generation: 1607939551876388
x-goog-hash: crc32c=uYCRdA==, md5=IaU1jA6pivipqlYcK/+5HQ==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 11475
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:55:08 GMT

GET
H2 404 static_wdp.js
secure.gratowin.com/iojs/general5/ 0
0 93ms
92ms Script
application/xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/iovation-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: gzip
cf-cache-status: BYPASS
server: cloudflare
x-guploader-uploadid: ABPtcPr_NXMp6KrWi-gLFT-vhJmX_WvoxW_RZisHHlI9MvyVk21iQKWy1GDgkJO2mpIF9RpvqEw
vary: Accept-Encoding
content-type: application/xml; charset=UTF-8
cache-control: private, max-age=0
cf-ray: 8278d01debd239f1-FRA
expires: Fri, 17 Nov 2023 14:55:08 GMT

GET
H/1.1 200
OK wdp.js Show response
mpsnare.iesnare.com/general5/ 42 KB
20 KB 173ms
68ms Script
text/javascript 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=true

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/iovation-script.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

1b3cf55ddf07b3198e5a82c15c88eb55d0e6800cd7c40f8992b7e0e93708bef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 14:55:08 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Connection: keep-alive
Expires: 0

POST
H2 200 8278d0194e1839f1 Show response
secure.gratowin.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 451C 0
256 B 47ms
47ms XHR
text/plain 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/jsd/r/8278d0194e1839f1
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 8278d01eacd439f1-FRA
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 event
analytics.streamygame.com/ Frame 0
0 139ms
75ms Preflight 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.streamygame.com/event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.gratowin.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Origin,Content-Type, Accept content-type
access-control-allow-methods: GET, POST, PUT, DELETE GET,POST,PUT,DELETE
access-control-allow-origin: https://secure.gratowin.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8278d01f4e1a2bc0-FRA
content-length: 0
date: Fri, 17 Nov 2023 14:55:08 GMT
expires: 0
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 widget.js Show response
anakatechsupport.freshchat.com/js/ 66 KB
21 KB 384ms
113ms Script
application/javascript 76.223.64.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://anakatechsupport.freshchat.com/js/widget.js

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/main.6d041aaa77d67108e45e.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.64.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

1f20c5af2c4861e43a210d8f6bbf672f7683797a3e80912b4e405ce46a330de7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-trace-id: 00-e37cce30d09acad53972875eec4843de-e3bd329d631e59da-00
date: Fri, 17 Nov 2023 14:55:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Mon, 13 Nov 2023 04:23:07 GMT
server: fwe
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/javascript
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: lrq47
x-envoy-upstream-service-time: 2
x-xss-protection: 1; mode=block
x-request-id: d0288122-ccc3-40be-8de4-af8dfadd6559

GET
H2 200 recorder.js Show response
web-sdk.smartlook.com/ 6 KB
2 KB 586ms
24ms Script
application/javascript 195.181.170.19
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://web-sdk.smartlook.com/recorder.js

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/main.6d041aaa77d67108e45e.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.181.170.19 , Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

610407756.fra.cdn77.com

Software

CDN77-Turbo /

Resource Hash

15adf8978eb04707c9ddae36c99938249154d563d43e621441850bf5eb4e9cda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 17 Nov 2023 14:55:09 GMT
strict-transport-security: max-age=31536000, max-age=31536000
content-encoding: gzip
x-age-lb: 205
x-77-cache: HIT
cross-origin-resource-policy: cross-origin
x-accel-date: 1700232704
x-77-nzt: AsO1qhE3Nzf/zQAAANRmOAk3Nzf/AAAAAA
x-accel-expires: @1700233304
x-77-age: 205
x-cache-lb: HIT
last-modified: Wed, 15 Nov 2023 16:22:35 GMT
server: CDN77-Turbo
etag: W/"6554f04b-17d1"
x-77-nzt-ray: 4c15622436a1f7d1cd7e57652ea43d0b
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600

POST
H2 200 event Show response
analytics.streamygame.com/ 0
42 B 172ms
68ms XHR
text/plain 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.streamygame.com/event

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 14:55:08 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 8278d0205de31c85-FRA
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

POST
H2 200 getAll Show response
secure.gratowin.com/translations/ 4 KB
1 KB 55ms
54ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/translations/getAll?requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 33ca242f06daeb930a6a59b6a05524346af8001865296169457b029398f15a6e

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"1020-7NTqgUCWmhrJQlz1wKKl8YhkPR8"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.gratowin.com
access-control-allow-credentials: true
cf-ray: 8278d01eed0939f1-FRA

GET
H2 200 en.json Show response
secure.gratowin.com/i18n/lang/ 233 KB
50 KB 140ms
139ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/i18n/lang/en.json?requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d179b0a2cee9a794df7c65233915ba9ae2f24734ed098626f637751ab40e496

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-guploader-uploadid: ABPtcPpL0pZVR4CIEHDVCU9oZL--vj9IN9YtHBcFzMJHsbEKPoUABYVZcFaOoD6ICkPzfcfh9wo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 07:00:11 GMT
server: cloudflare
etag: W/"abb5945a5cb052c4195fdd6e1c9d1019"
vary: Accept-Encoding
x-goog-generation: 1699945211725546
content-type: application/json
x-goog-hash: crc32c=NkVETQ==, md5=q7WUWlywUsQZX91uHJ0QGQ==
cache-control: no-store,no-cache,max-age=0
x-goog-stored-content-length: 238372
cf-ray: 8278d01efd1c39f1-FRA
expires: Fri, 17 Nov 2023 14:55:08 GMT

POST
H2 200 getAll Show response
secure.gratowin.com/translations/ 4 KB
1 KB 89ms
88ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/translations/getAll?requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 33ca242f06daeb930a6a59b6a05524346af8001865296169457b029398f15a6e

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"1020-7NTqgUCWmhrJQlz1wKKl8YhkPR8"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.gratowin.com
access-control-allow-credentials: true
cf-ray: 8278d01efd1d39f1-FRA

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/5.7.0/ 505 B
1 KB 47ms
47ms Script
text/javascript 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/5.7.0/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

072a41bcaf53ec69ef4b371847306fa35036cd9681380b357768459eab08d3ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 14:55:08 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Connection: keep-alive
Expires: Sat, 16 Nov 2024 14:55:08 GMT

GET
H/1.1 206
Partial Content time.mp3
mpsnare.iesnare.com/ 504 B
881 B 76ms
37ms Media
audio/mpeg 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/time.mp3?nocache=0.505864576619611

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6570c735518d3b261611298f4d3bf3775d607b282b28b1695cb12a593b69b0f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://secure.gratowin.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

Pragma: public
Date: Fri, 17 Nov 2023 14:55:08 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Server: nginx
Content-Type: audio/mpeg
Content-Range: bytes 0-503/504
Content-Disposition: inline; filename=time.mp3
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 504
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 470ms
11ms Script
text/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSBWD3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Nov 2023 13:49:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3928
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 17 Nov 2023 15:49:41 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 655ms
198ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSBWD3B

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 17 Nov 2023 14:55:09 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4DC7C3BA44724CB4B23395CC0EFB02CD Ref B: FRAEDGE1919 Ref C: 2023-11-17T14:55:09Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 en.json Show response
secure.gratowin.com/i18n/lang/ 233 KB
50 KB 74ms
73ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/i18n/lang/en.json?requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d179b0a2cee9a794df7c65233915ba9ae2f24734ed098626f637751ab40e496

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-guploader-uploadid: ABPtcPqpxsqvqFFs_7CVg35hpapF7MmWGBVanM3AdbRCtvYqJk8rkeL2WMiparcYsOZuZnpa5EI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 07:00:11 GMT
server: cloudflare
etag: W/"abb5945a5cb052c4195fdd6e1c9d1019"
vary: Accept-Encoding
x-goog-generation: 1699945211725546
content-type: application/json
x-goog-hash: crc32c=NkVETQ==, md5=q7WUWlywUsQZX91uHJ0QGQ==
cache-control: no-store,no-cache,max-age=0
x-goog-stored-content-length: 238372
cf-ray: 8278d01f7db339f1-FRA
expires: Fri, 17 Nov 2023 14:55:08 GMT

OPTIONS
H2 200 event
analytics.streamygame.com/ Frame 0
0 36ms
36ms Preflight 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.streamygame.com/event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.gratowin.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Origin,Content-Type, Accept content-type
access-control-allow-methods: GET, POST, PUT, DELETE GET,POST,PUT,DELETE
access-control-allow-origin: https://secure.gratowin.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8278d01f9e722bc0-FRA
content-length: 0
date: Fri, 17 Nov 2023 14:55:08 GMT
expires: 0
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 emr-seal.js Show response
b3797f01-e573-4b2d-900b-06ef4ef785de.seals-emr.certria.com/ 3 KB
2 KB 554ms
112ms Script
text/javascript 18.172.153.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b3797f01-e573-4b2d-900b-06ef4ef785de.seals-emr.certria.com/emr-seal.js

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/main.6d041aaa77d67108e45e.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.153.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-153-7.lhr50.r.cloudfront.net

Software

cloudflare / Express

Resource Hash

306a4e3c53cb42d71630d705071e6562b792f837c9ba004f78f9e3c7cb3660e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
via: 1.1 2eadda0e57cd7e495ec3550f05424d3e.cloudfront.net (CloudFront)
server: cloudflare
x-amz-cf-pop: LHR50-P5
x-powered-by: Express
etag: W/"c17-QHY7kyck+Uy1c+Ovp+Ymuvb6SYY"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
cf-ray: 8278d02278976403-LHR
x-amz-cf-id: Ajod9WZarUY-r93yPuSRSsT7-4nvXdDU4Hm5n3RBT21-zcR_8fYxbw==

GET
H2 200 vendors~Cashier~GameFrame~GameFrameValidations~Lobby~StartSessionModal.6d041aaa77d67108e45e.bundle.js Show response
secure.gratowin.com/ 13 KB
4 KB 144ms
142ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/vendors~Cashier~GameFrame~GameFrameValidations~Lobby~StartSessionModal.6d041aaa77d67108e45e.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.6d041aaa77d67108e45e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 067b6ebcefa5dbbd0af6ae707c21061eb841b515e0ea1617c95917ecff0fad24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPqrrX1ikzX4AbCsUj1z4lQuN6iP3vD0lSsrkHf4mNJm2yM_k2dA7KV9kwJe10n9X0_PJ8BQa-7M4w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:40 GMT
server: cloudflare
etag: W/"45b5384ab2484378450672f4768bd77b"
vary: Accept-Encoding
x-goog-generation: 1699945060019667
content-type: application/javascript
x-goog-hash: crc32c=bxNo9g==, md5=RbU4SrJIQ3hFBnL0dovXew==
cache-control: public, max-age=3600
x-goog-stored-content-length: 13073
cf-ray: 8278d01f8dc639f1-FRA
expires: Fri, 17 Nov 2023 15:55:08 GMT

GET
H2 200 vendors~Cashier~GameFrame~GameFrameValidations~Lobby.6d041aaa77d67108e45e.bundle.js Show response
secure.gratowin.com/ 17 KB
6 KB 137ms
136ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/vendors~Cashier~GameFrame~GameFrameValidations~Lobby.6d041aaa77d67108e45e.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.6d041aaa77d67108e45e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea47861f3a7ed205a8c8d83e3756164f4a0987d6bf7421b5599e94abf7d03d05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPqjRaP7bYr-JZ8sJEZ8qJsGPwfHUlmPkzRM0P4krWC5ZKQfiMwpVsnwBLADedL0Rkw6l-d8riB0NQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:39 GMT
server: cloudflare
etag: W/"3b8d562ffff5094ee781950a07206325"
vary: Accept-Encoding
x-goog-generation: 1699945059862728
content-type: application/javascript
x-goog-hash: crc32c=d1mA8g==, md5=O41WL//1CU7ngZUKByBjJQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 17387
cf-ray: 8278d01f8dc939f1-FRA
expires: Fri, 17 Nov 2023 15:55:08 GMT

GET
H2 200 vendors~Lobby~Slider.6d041aaa77d67108e45e.bundle.js Show response
secure.gratowin.com/ 57 KB
15 KB 140ms
139ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/vendors~Lobby~Slider.6d041aaa77d67108e45e.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.6d041aaa77d67108e45e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48e47ee54e22ca42f903eb52bc711f60d93b05f595eb5f65454da85f4dc81036

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPoz4d-Mtbu9X379m-F5QBLYLZar-YQPHzQWzRTTk6fP35QSK1Zpno3UySXImYm7ePR3wPsGd3PnCQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:40 GMT
server: cloudflare
etag: W/"37952628c0efa7dbaf808d0459ad19ba"
vary: Accept-Encoding
x-goog-generation: 1699945060395954
content-type: application/javascript
x-goog-hash: crc32c=27WKrA==, md5=N5UmKMDvp9uvgI0EWa0Zug==
cache-control: public, max-age=3600
x-goog-stored-content-length: 57987
cf-ray: 8278d01f8dcb39f1-FRA
expires: Fri, 17 Nov 2023 15:55:08 GMT

GET
H2 200 vendors~Lobby.6d041aaa77d67108e45e.bundle.js Show response
secure.gratowin.com/ 15 KB
5 KB 142ms
141ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/vendors~Lobby.6d041aaa77d67108e45e.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.6d041aaa77d67108e45e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f54553274f460f9d71d346b32bd34d7c4b1c3d968cdc1a7075cf22863be49de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPqRmHSjS6zSlXzMpT_DWxOGJmVhlTuwLNBh3AzAv0O3r3YfowF9BNdyi7wJpgJ2BjA1NBkjm2bPXA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:40 GMT
server: cloudflare
etag: W/"d1b65c82f645e18a461f77ea8d25faac"
vary: Accept-Encoding
x-goog-generation: 1699945060419963
content-type: application/javascript
x-goog-hash: crc32c=KtYqhQ==, md5=0bZcgvZF4YpGH3fqjSX6rA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 15071
cf-ray: 8278d01f8dce39f1-FRA
expires: Fri, 17 Nov 2023 15:55:08 GMT

GET
H2 200 312.6d041aaa77d67108e45e.css
secure.gratowin.com/ 131 KB
18 KB 138ms
137ms Stylesheet
text/css 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/312.6d041aaa77d67108e45e.css
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.6d041aaa77d67108e45e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8277b0b9a43b24cb577a0b5e8eb07e4bb293bed4b79bf523a11aebc4343a1ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPosbncNOC7rLhK0MXKZTBixQFHRmw9XwyMOQEv9B26ORvqqyWsKOVRBDcxWUksBNZ_8yB8ZYV1UoQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:14 GMT
server: cloudflare
etag: W/"0808763e32a62725a26f7614215e3745"
vary: Accept-Encoding
x-goog-generation: 1699945034235877
content-type: text/css
x-goog-hash: crc32c=iKyNGA==, md5=CAh2PjKmJyWib3YUIV43RQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 134273
cf-ray: 8278d01f8dc539f1-FRA
expires: Fri, 17 Nov 2023 15:55:08 GMT

GET
H2 200 Lobby.6d041aaa77d67108e45e.bundle.js Show response
secure.gratowin.com/ 228 KB
67 KB 137ms
136ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/Lobby.6d041aaa77d67108e45e.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.6d041aaa77d67108e45e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7ed2a63dfad9be57d2789d4f079fd7c67328f9467b5cce4539e4dd0c98a73a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPrYeImGc1R0m_zXYrtjonrPifKPWxj2U-GX2u1VJ6eqDDrMka8aCM_Zua--4wHE3NckEOIG9h5baA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:36 GMT
server: cloudflare
etag: W/"de1ae272213a25d460d7eb1c87586495"
vary: Accept-Encoding
x-goog-generation: 1699945056927312
content-type: application/javascript
x-goog-hash: crc32c=5yJvWQ==, md5=3hriciE6JdRg1+sch1hklQ==
cache-control: public, max-age=3600
x-goog-stored-content-length: 233875
cf-ray: 8278d01f8dd039f1-FRA
expires: Fri, 17 Nov 2023 15:55:08 GMT

GET
H2 200 refreshToken Show response
secure.gratowin.com/playerapi/ 29 B
191 B 36ms
35ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/refreshToken?device=DESKTOP&language=en&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 27eee5689f593c50f0d3611d076f160dbb8d96e9a7cda69aea592e019a9df048

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
ldAlias

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"1d-8FgmlGBAlsa83L78oaBAOCRXFa8"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 8278d01f8dd339f1-FRA
swagger-api-docs-url: /playerapi

POST
H2 200 event Show response
analytics.streamygame.com/ 0
322 B 155ms
65ms XHR
text/plain 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.streamygame.com/event

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 14:55:08 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 8278d0205de41c85-FRA
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 oapit.min.js Show response
d2afn796dyftlg.cloudfront.net/ 37 KB
8 KB 435ms
20ms Script
application/javascript 99.86.91.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2afn796dyftlg.cloudfront.net/oapit.min.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-109.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aee37563498c6b9d28eda1e4fa7fddeb8b8f8223b623a0767c7fcd3bc3348ba7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:53:00 GMT
content-encoding: gzip
via: 1.1 749a671e906c28858bfa6b66ced6ce58.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 13:20:43 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-C1
age: 130
x-amz-server-side-encryption: AES256
etag: W/"cda051ce7e5e3d189d1ed6d991e9c013"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: JJqlOuXe1WxYSAVA_YgMzmIbL2Ct-9Zn83bkMz4iy8dqhnwh76txkw==

GET
H2 200 JackpotAnimation.6d041aaa77d67108e45e.bundle.js Show response
secure.gratowin.com/ 6 KB
2 KB 101ms
100ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/JackpotAnimation.6d041aaa77d67108e45e.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.6d041aaa77d67108e45e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9207ac8f91fe621faaaf513e98755be395dfe1987950a0ad1aa508c8637b96d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPrdOPhMvjR9J8tUpD8FTyV5X5-3aBbmwUQDpK2yyxD1c4CxJYydAKUgVZrXrnIhznRlTOPoac0pCg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:36 GMT
server: cloudflare
etag: W/"f98caebc31f24d6919364cb42c78cc94"
vary: Accept-Encoding
x-goog-generation: 1699945056545001
content-type: application/javascript
x-goog-hash: crc32c=mXRH9Q==, md5=+YyuvDHyTWkZNky0LHjMlA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 6486
cf-ray: 8278d01fde2439f1-FRA
expires: Fri, 17 Nov 2023 15:55:08 GMT

GET
H2 200 BonusAnimation.6d041aaa77d67108e45e.bundle.js Show response
secure.gratowin.com/ 8 KB
3 KB 107ms
107ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/BonusAnimation.6d041aaa77d67108e45e.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.6d041aaa77d67108e45e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ab342fcaeef1cb265817783f2f8454961b3259dae4c0ce05af1fa2392f02de2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPp4NGjClied_ox5TplHwv84vEYepnUlZFYClh7XkRK9arPDmT2IEVupG9ERssLiEgiEcw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:34 GMT
server: cloudflare
etag: W/"6fbdf7e7e84aac0af9a6b717c27c353f"
vary: Accept-Encoding
x-goog-generation: 1699945054639323
content-type: application/javascript
x-goog-hash: crc32c=wIwV6Q==, md5=b7335+hKrAr5prcXwnw1Pw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 8033
cf-ray: 8278d01fde2839f1-FRA
expires: Fri, 17 Nov 2023 15:55:08 GMT

GET
H2 200 LimitNotification.6d041aaa77d67108e45e.bundle.js Show response
secure.gratowin.com/ 5 KB
2 KB 108ms
108ms Script
application/javascript 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/LimitNotification.6d041aaa77d67108e45e.bundle.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/runtime.6d041aaa77d67108e45e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc0a5ec70e694026143af49e4d9bc423d812096c1b7d3bdc6e65dde3e891b409

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPrcf6GeLHRb_tlKYuw6gjxCjkovXQAk_RfJKTsVjXUf4b2LheEKfaTW2dYN9aVB7ElXUY4bc-dLuQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 14 Nov 2023 06:57:37 GMT
server: cloudflare
etag: W/"4c78bd6fd07ae043dff7ba18b777883f"
vary: Accept-Encoding
x-goog-generation: 1699945057021819
content-type: application/javascript
x-goog-hash: crc32c=H74Psw==, md5=THi9b9B64EPf97oYt3eIPw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 4886
cf-ray: 8278d01fde2c39f1-FRA
expires: Fri, 17 Nov 2023 15:55:08 GMT

GET
H2 200 / Show response
cms2.gratowin.com/drupal_templates/slider/ 28 KB
4 KB 1442ms
1393ms XHR
text/html 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cms2.gratowin.com/drupal_templates/slider/?lang=en&brandId=8&playerType=0&lobbyTemplateId=3&selectedGameTab=1&isLoggedIn=false&eligibleForRegulationMarketing=true&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7970f5651d732b7599fee191150192546533abcb77d7de83761f1df01ddca119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 86400
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://secure.gratowin.com
access-control-allow-credentials: true
cf-ray: 8278d0211c222bcd-FRA

GET
H2 200 / Show response
cms2.gratowin.com/drupal_templates/footer// 22 KB
5 KB 104ms
65ms XHR
text/html 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cms2.gratowin.com/drupal_templates/footer//?lang=en&regCountry=undefined&login=0&state=&brandId=8&currency=undefined&type=&playerType=0&eventTypes=&eventStartDates=&eventEndDates=&eventWinnerEndDates=&isLoggedIn=false&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d8e64647ff26ec08ef571983cff89c2477be7bf5a58f0c31f6aad4d3b1e329a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-max-age: 86400
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://secure.gratowin.com
access-control-allow-credentials: true
cf-ray: 8278d0211c1f2bcd-FRA

GET
H2 200 logo.png
storage.googleapis.com/moon-prod/static-content/brands/8/ 52 KB
53 KB 45ms
44ms Image
image/png 142.250.186.187
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/moon-prod/static-content/brands/8/logo.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.187 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f27.1e100.net
Software: UploadServer /
Resource Hash: 71f0d1968edf4eff6dded3902361932770fe724bf52166051fe3e556c9d0e36a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:08 GMT
age: 0
x-guploader-uploadid: ABPtcPrIDbrpbUQyERCvCX6N9lDAHvxeBfK8IRAZ1qWhYN5DjHLc1TAuoWeEipDnRFDSUa8rAdERs6f5Lw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53570
last-modified: Sun, 06 Sep 2020 14:56:18 GMT
server: UploadServer
etag: "8da035e6e305e63288d58c81e1cb6316"
x-goog-generation: 1599404178125470
x-goog-hash: crc32c=F2Tmng==, md5=jaA15uMF5jKI1YyB4ctjFg==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 53570
accept-ranges: bytes
x-goog-meta-cb-modifiedtime: Sun, 06 Sep 2020 07:59:49 GMT
expires: Fri, 17 Nov 2023 15:55:08 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 366ms
28ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Montserrat:wght@400;700;800&family=Poppins:wght@400;500;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.gratowin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:19:05 GMT
x-content-type-options: nosniff
age: 74164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 18:19:05 GMT

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7dc5a89829ed295864cee6940f583f1788773e66662c0fa19d2c14ff11793924

Request headers

Referer
Origin: https://secure.gratowin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: font/ttf

GET
H2 200 getRecentWinnings Show response
secure.gratowin.com/playerapi/recentWinnings/ 3 KB
927 B 118ms
117ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/recentWinnings/getRecentWinnings?currency=EUR&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 507b30e5c48244d59c6f765344b87ebbedef23548968bcb0907019dc33b48d34

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
ldAlias

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"acd-MFqR7m9nLMDG2AFlU/IEicekNlU"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 8278d021181b39f1-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 getJackpotGameDetails Show response
secure.gratowin.com/playerapi/games/ 216 B
405 B 63ms
62ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/games/getJackpotGameDetails?jackpotProviderId=0&customerId=0&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: baa738a2fc051c6b68f6d65cbd422e640da85b725eba6f1dcf68eabd70283bca

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
ldAlias

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"d8-JgpI/fzMDIZ27W48J+QlmA3pDJY"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 8278d021181c39f1-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 getJackpotGameDetails Show response
secure.gratowin.com/playerapi/games/ 216 B
246 B 62ms
62ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/games/getJackpotGameDetails?jackpotProviderId=0&customerId=0&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: baa738a2fc051c6b68f6d65cbd422e640da85b725eba6f1dcf68eabd70283bca

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
ldAlias

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"d8-JgpI/fzMDIZ27W48J+QlmA3pDJY"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 8278d021181e39f1-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 games Show response
secure.gratowin.com/playerapi/ 956 KB
71 KB 1126ms
1125ms XHR
application/json 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/playerapi/games?country=DE&device=desktop&requestURL=https%253A%252F%252Fsecure.gratowin.com
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 769ceada3705aed315df0d5bb7f0dc7374d10d7409dc597c62efc53828b2b1f1

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
ldAlias

Response headers

date: Fri, 17 Nov 2023 14:55:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"ef079-xZqfiNH0L7Mc7LCMRKqyE/LHO+8"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 8278d021182639f1-FRA
swagger-api-docs-url: /playerapi

GET
H2 200 joinNow-icon.svg
secure.gratowin.com/assets/internal-icons/ 402 B
603 B 95ms
93ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/joinNow-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dcd080d8016c6d3bee9075cd7798111c5820725bee35e0731f617d582bdba29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPryQlylK8vscLE_re6sJKltNBSHlVS3IV3eH4SD9Aagf4Uj2I7I0-3Y_O0ztjUohyJz-QntYIZNMw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 18 Oct 2023 10:07:15 GMT
server: cloudflare
etag: W/"fcf6455fb9d2e83224da551cc3054ff6"
vary: Accept-Encoding
x-goog-generation: 1697623635312808
content-type: image/svg+xml
x-goog-hash: crc32c=7BBWuA==, md5=/PZFX7nS6DIk2lUcwwVP9g==
cache-control: public, max-age=3600
x-goog-stored-content-length: 402
cf-ray: 8278d021283639f1-FRA
expires: Fri, 17 Nov 2023 15:55:09 GMT

GET
H2 200 login-icon.svg
secure.gratowin.com/assets/internal-icons/ 510 B
543 B 90ms
88ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/login-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6650963c35725add7c3cedb3fd660f4f38791e8298647b92c132767f97468aa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPoGQMu-VC0CAJY7khEBnhk1_Bm2jOJ0Gx_9RheZwWJ45WV_q13ltue816kZD36mZk1U1w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 18 Oct 2023 10:07:15 GMT
server: cloudflare
etag: W/"0ca8fb0f2089abf726d203bee36c8cbc"
vary: Accept-Encoding
x-goog-generation: 1697623635832709
content-type: image/svg+xml
x-goog-hash: crc32c=UXvSvQ==, md5=DKj7DyCJq/cm0gO+42yMvA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 510
cf-ray: 8278d021283739f1-FRA
expires: Fri, 17 Nov 2023 15:55:09 GMT

GET
H2 200 promotions-icon.svg
secure.gratowin.com/assets/internal-icons/ 1 KB
923 B 92ms
90ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/promotions-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 384ca46673f9d9209ecf6b510aa5e67e5e6e8c5762d7b5c8e643dfc96fb96031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPoP9zkpHX-wjPDOcNPNUAiOkczpoGr0g8GDQhJcEvR8wj4fhS7tHmrJ1Mp2MqG781ooaYYhxdwhsA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 18 Oct 2023 10:07:16 GMT
server: cloudflare
etag: W/"9761427b1a19bf0f0d615356a9ea92a7"
vary: Accept-Encoding
x-goog-generation: 1697623636251825
content-type: image/svg+xml
x-goog-hash: crc32c=hjcbWg==, md5=l2FCexoZvw8NYVNWqeqSpw==
cache-control: public, max-age=3600
x-goog-stored-content-length: 1412
cf-ray: 8278d021283939f1-FRA
expires: Fri, 17 Nov 2023 15:55:09 GMT

GET
H2 200 vipClub-icon.svg
secure.gratowin.com/assets/internal-icons/ 529 B
1 KB 89ms
88ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/vipClub-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d15890c357177f7185112a1ce66665d08acf31e81e4917820ec36279dd26bd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPowtjWN9f0r1ytYX8XUwwhVwpjw-DaoZlrHomOohECmLuzHuzd8C5q0gsEWYjTrGJj2ZYo0-EDrBQ
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=ymTJUWY6Uy3bR8IPQeZpP4fxxn.cYs6oceRImsX4ad4-1700232909-0-AYZrT3zrwM46OSwpYr54QIawEB7D0EoIv5CEIaKNPYDgg4FtA2-sK862A9ZZxCH73BIUwHYp9T0EJz7FA0adH7F4n19WvZtpjrNfXBzrdihs_d59vzYaG6LF30TgSbNFJA9MHIeJ00GIs5-B-8_VF79Jk1bS5456H2lcMUi7HWVE; report-to cf-csp-endpoint
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 18 Oct 2023 10:07:17 GMT
server: cloudflare
etag: W/"725a97efe97819c4531fbe67de1b54c9"
vary: Accept-Encoding
x-goog-generation: 1697623637307699
content-type: image/svg+xml
x-goog-hash: crc32c=aXyrag==, md5=clqX7+l4GcRTH75n3htUyQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=ymTJUWY6Uy3bR8IPQeZpP4fxxn.cYs6oceRImsX4ad4-1700232909-0-AYZrT3zrwM46OSwpYr54QIawEB7D0EoIv5CEIaKNPYDgg4FtA2-sK862A9ZZxCH73BIUwHYp9T0EJz7FA0adH7F4n19WvZtpjrNfXBzrdihs_d59vzYaG6LF30TgSbNFJA9MHIeJ00GIs5-B-8_VF79Jk1bS5456H2lcMUi7HWVE"}],"group":"cf-csp-endpoint","max_age":86400}
x-goog-stored-content-length: 529
cf-ray: 8278d021283a39f1-FRA
expires: Fri, 17 Nov 2023 15:55:09 GMT

GET
H2 200 banking-icon.svg
secure.gratowin.com/assets/internal-icons/ 2 KB
1 KB 86ms
85ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/banking-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe565e155881addcc557019e726097e351cff20de84a8e706d6e43295819fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPqMUGWejQAwHmMX8MJeXFh2Y_dLt3EnL17Rq7dgIBlNZmxUn6996g60TnOnWxmnJ_T9ocg4aRQ2VA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 18 Oct 2023 10:07:13 GMT
server: cloudflare
etag: W/"97b0c09efe576a5c2df1da456faceec4"
vary: Accept-Encoding
x-goog-generation: 1697623633342728
content-type: image/svg+xml
x-goog-hash: crc32c=zejJ6A==, md5=l7DAnv5Xalwt8dpFb6zuxA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 2300
cf-ray: 8278d021283b39f1-FRA
expires: Fri, 17 Nov 2023 15:55:09 GMT

GET
H2 200 contact_us-icon.svg
secure.gratowin.com/assets/internal-icons/ 522 B
617 B 92ms
91ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/contact_us-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ef8b1b9f70231cdaff9b49febecc51162e022432fef65022a082acc4d446cd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPoNnSaQycxKyy4-3tnRd8vxVVE5C6cKskldEkj4ziUXJ8p7OHDXYgbs363uMetiWzyPVQk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 18 Oct 2023 10:07:14 GMT
server: cloudflare
etag: W/"b48b2b51825c35ae80e02c41711e7c68"
vary: Accept-Encoding
x-goog-generation: 1697623634298648
content-type: image/svg+xml
x-goog-hash: crc32c=fs4Iyg==, md5=tIsrUYJcNa6A4CxBcR58aA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 522
cf-ray: 8278d021283c39f1-FRA
expires: Fri, 17 Nov 2023 15:55:09 GMT

GET
H2 200 languages-icon.svg
secure.gratowin.com/assets/internal-icons/ 2 KB
1 KB 63ms
62ms Image
image/svg+xml 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/internal-icons/languages-icon.svg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ce13735694736a7b414eec7de74a893e67a0bc53d08d0f38f57386e3f6648a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPpHg0yOPpKAaAkAfqRpBsckt4zGyt_mbdEUWehrh_o6QFRdgodJGaZm4zkyvZ1SPJz1bPSwXAVtLA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 18 Oct 2023 10:07:15 GMT
server: cloudflare
etag: W/"0e648574a50c4a2f1572086f886ee580"
vary: Accept-Encoding
x-goog-generation: 1697623635397054
content-type: image/svg+xml
x-goog-hash: crc32c=15Fj5Q==, md5=DmSFdKUMSi8VcghviG7lgA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 1925
cf-ray: 8278d021283e39f1-FRA
expires: Fri, 17 Nov 2023 15:55:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 306ms
17ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Montserrat:wght@400;700;800&family=Poppins:wght@400;500;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.gratowin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:53:08 GMT
x-content-type-options: nosniff
age: 147721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 21:53:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 314ms
26ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Montserrat:wght@400;700;800&family=Poppins:wght@400;500;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.gratowin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:18:43 GMT
x-content-type-options: nosniff
age: 333386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 18:18:43 GMT

GET
H3 200 index.html Show response
storage.googleapis.com/moon-prod/static-content/jackpot/new/ Frame DB52 32 KB
32 KB 59ms
52ms Document
text/html 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/moon-prod/static-content/jackpot/new/index.html?brandId=8&currency=undefined%20%20%20%20%20&customerId=1003&serviceUrl=https://ga.streamygame.com/&isMobile=false%20%20%20%20%20&platform=ng&inGameFrame=false&gameId=undefined&winnerNames=
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/main.6d041aaa77d67108e45e.bundle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0b6ee5642e247392075c40330df8d51d04005266b70e50e29a988998dde3a459

Request headers

Referer: https://secure.gratowin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-length: 32573
content-type: text/html
date: Fri, 17 Nov 2023 14:55:09 GMT
etag: "c192dbec0a4ad7d191126157fa3c0018"
expires: Fri, 17 Nov 2023 15:55:09 GMT
last-modified: Wed, 21 Sep 2022 14:17:03 GMT
server: UploadServer
x-goog-generation: 1663769823685434
x-goog-hash: crc32c=g0/5XQ== md5=wZLb7ApK19GREmFX+jwAGA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 32573
x-guploader-uploadid: ABPtcPpCXSRZCbleyEo_f9hbAV2Xw5VffJ1RtjlV7oWitFNOksZqUrQ29ql-28Kgp4cqsC0Sps3pwyp3gg

GET
H2

200

main.js Show response
secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 7030
Redirect Chain

https://secure.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
4 KB

47ms
46ms

Script
application/javascript

147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/

Protocol

Server

147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f440f0656a8c87bc428b3a431b9c139171c8bbccaa06009498fe4db330787c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8278d022398839f1-FRA

Redirect headers

date: Fri, 17 Nov 2023 14:55:09 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8278d021a8c139f1-FRA

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
718 B 23ms
22ms Stylesheet
text/css 172.217.18.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f10.1e100.net

Software

ESF /

Resource Hash

b185da9777f2953b350ef4dd6d0f78d94bdea1ec0a6ef42c629d47f854b8c20f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 14:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 14:55:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 14:55:09 GMT

GET
H2 200 seal.html Show response
www.gratowin.com/ Frame FD65 2 KB
1018 B 114ms
75ms Document
text/html 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gratowin.com/seal.html
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/main.6d041aaa77d67108e45e.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ace96a6ec351b692e45a356418cff482da0bb2ca6a2a9cd3b0fb7713a709fb9

Request headers

Referer: https://secure.gratowin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8278d0226d9a8fe2-FRA
content-encoding: gzip
content-type: text/html
date: Fri, 17 Nov 2023 14:55:09 GMT
last-modified: Thu, 17 Nov 2022 16:30:32 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 mastercard.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 3 KB
3 KB 396ms
40ms Image
image/png 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/mastercard.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bab7eab8e1e05aa031ce685b74fdb8bbbffb418f4068dadfb44ffd6d130af5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPrSFebKZUoakUm6IWT6QxyPher41FESC6zzkiTz_c9CsmM7aWtO9dQ_PpvWJelfRfxiUqQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 2569
last-modified: Mon, 02 May 2022 11:58:15 GMT
server: cloudflare
etag: "f3ff236418dbe75a588fc2f277baaab6"
vary: Accept-Encoding
x-goog-generation: 1651492695597263
content-type: image/png
x-goog-hash: crc32c=8BOYTg==, md5=8/8jZBjb51pYj8Lyd7qqtg==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yl%2BOI3v4uw5ba6wSM1zKeXHw9Rj0KpT%2FVMZHEFxTh2y%2FtI5APHsmjSxryOhwHANvJg8Z%2BLhPkZGrIpk%2FgN1lU7jn%2F01X331RyGSCjLnMI%2F0arXwfnSjyYQVeNQBlIlYBPQsCeQkNFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 2569
accept-ranges: bytes
cf-ray: 8278d0240b051e3e-FRA
expires: Fri, 17 Nov 2023 15:42:39 GMT

GET
H2 200 PostPay.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 2 KB
3 KB 402ms
47ms Image
image/png 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/PostPay.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bd44487689f7f4501db1b9b7a7a50849c4d42e534eef60a04356a7851e92c0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPogr4qTYPsnPA--BHMn0xWn0w6Ru-pp4mcR2Y74yA1hLXefBKY7aHE4MLMzGt6Pi4xJPg9uwhe0QQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 2501
last-modified: Mon, 02 May 2022 11:58:13 GMT
server: cloudflare
etag: "1ade0623f06ef3964f06847a2adca08a"
vary: Accept-Encoding
x-goog-generation: 1651492693814444
content-type: image/png
x-goog-hash: crc32c=2WIQPw==, md5=Gt4GI/Bu85ZPBoR6Ktygig==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixMXnA2eTnDnDVA87fA9KGYbIRRMr3%2B10WvYUIzpXPiTtRk%2FL3aXR0DOZxRmHp%2FGW42UMo3RSgGhVLhaEGl0n8laxOgvtVgFT4edYPEjierf%2BLxjrIvrCDkJj%2BU%2B2CJFcCQig8j7eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 2501
accept-ranges: bytes
cf-ray: 8278d0240b061e3e-FRA
expires: Fri, 17 Nov 2023 15:32:44 GMT

GET
H2 200 Quantom.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 2 KB
2 KB 422ms
66ms Image
image/png 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/Quantom.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0af2e2a86b8e8d47a1a5ca54128c0a7adf09074386cf5a8ee68f178a68584362

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPrNxwBDl0hH4jCDCGQyDM7XE2SGhiwY2liYXeGUphvjllSSYpbytpSJBAiiS0MHvtpKgbE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 1625
last-modified: Mon, 02 May 2022 11:58:13 GMT
server: cloudflare
etag: "95b14f93ce4d7a3b73a65afd4da99d34"
vary: Accept-Encoding
x-goog-generation: 1651492693805894
content-type: image/png
x-goog-hash: crc32c=/nRmrA==, md5=lbFPk85Nejtzplr9TamdNA==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmNMb%2FwUFeKmGvi%2BMxRbL4sXuEvyow%2BEO6YD4%2FIeu7Qhbc01omB4jFYpMVsJMTRRfMNyxUii1ccOIWYPFmVeVI6DwbnaNIS19GGRGGWXsyWGwrRujlZvNf%2BnPdf%2Bf1fCT8oy5H%2FKIw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1625
accept-ranges: bytes
cf-ray: 8278d0240b101e3e-FRA
expires: Fri, 17 Nov 2023 15:55:09 GMT

GET
H2 200 visa.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 3 KB
4 KB 401ms
45ms Image
image/png 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/visa.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2ca845c5e87533da52958f4b9c52f6d2a373f2a273a7b6e90093026f7a1ae47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPqF6iJ3WoAvxHgpk--46nBckE0JNyakY1QOke0B-JCU2_hpO-QOu38Ner3ep28QoABCOLw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3070
last-modified: Mon, 02 May 2022 11:58:26 GMT
server: cloudflare
etag: "e9d7082867979eabe30e401d6cf941f6"
vary: Accept-Encoding
x-goog-generation: 1651492706733395
content-type: image/png
x-goog-hash: crc32c=yJZTHQ==, md5=6dcIKGeXnqvjDkAdbPlB9g==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kh7LqsY39slr8xzFF%2F4owJI2ZAu8EHgO3dNMVn9Cb2byB26K96TqTDD1%2BXS7QCrmAHh%2Byd1FL%2FobHsg1a4GE0AHs7Z7KElGbor1a6FDTLGTHNbB%2FEgAo%2FI5TxLrGUFKOKVS3v7LfA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3070
accept-ranges: bytes
cf-ray: 8278d0240b0b1e3e-FRA
expires: Fri, 17 Nov 2023 15:32:44 GMT

GET
H2 200 Click.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 2 KB
3 KB 395ms
39ms Image
image/png 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/Click.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74686cb67a39ba6066421272589bcf938003022d9dbc772454747518073ac1a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPqKV85dJOtCm58ZJ7XGtcWbDXh9mlMVzy0PyA7H8rHTKYbW8YPa7Jodd3CgyA0lvFOVFGw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 1853
last-modified: Mon, 02 May 2022 11:58:13 GMT
server: cloudflare
etag: "b85f792d205fbda0910dbe67efbccfb4"
vary: Accept-Encoding
x-goog-generation: 1651492693259411
content-type: image/png
x-goog-hash: crc32c=zOEnDg==, md5=uF95LSBfvaCRDb5n77zPtA==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNSfhSPM5gJmWgP1s652CSgaoSxUZUGYnZ33oYUGk4D5fT1egC2%2FefnStQHTEUTIrlWwy33B6mlSI3jWVHre4ogukgXipNk4vULTeW3BZ9M4%2FQqVlLB6yG6Rf7glYkXGGs6Y7XuUNw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1853
accept-ranges: bytes
cf-ray: 8278d0240b0c1e3e-FRA
expires: Fri, 17 Nov 2023 15:42:39 GMT

GET
H2 200 Neosurf.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 2 KB
2 KB 392ms
45ms Image
image/png 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/Neosurf.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4363b84238dda44f9ca7980c91b775f141a438aa2af9152b98a036f664ca178

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPrAmKxcE7Z8NL7j4w1hooToXBi2k290NvY1uj8FXYIf0pdBvK2YvsVAwlaTXSaZ2iepfgAesN-j
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 2012
last-modified: Mon, 02 May 2022 11:58:13 GMT
server: cloudflare
etag: "f2b574780708ebc637d4f2b8dac8269f"
vary: Accept-Encoding
x-goog-generation: 1651492693747409
content-type: image/png
x-goog-hash: crc32c=FPaoNQ==, md5=8rV0eAcI68Y31PK42sgmnw==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJEn36msUaTtMs52vdN4zPaGU137%2BsODbpgLHOHtdwNhL5ZdAvMflxUsx6puTetsYh%2FZOIPO%2FB4ZTya1P1sX4XrMzGBuW7Q3folIPPJzdn7SkCvX5OYK0boVogH%2FRJtT150k1cwHKA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 2012
accept-ranges: bytes
cf-ray: 8278d0240b071e3e-FRA
expires: Fri, 17 Nov 2023 15:42:39 GMT

GET
H2 200 Cashlib.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 40 KB
41 KB 395ms
48ms Image
image/png 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/Cashlib.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e91de8b587baf86d05f8da82ac270eab8d4989defcdc85ffda62578778b04a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPpMz4_qubHc4wuD1iYgBvpJErBujlH71JZKJ0mwxp_0TBSDaMCjWdssGthf6r42nOMK0dU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 41452
last-modified: Mon, 02 May 2022 12:21:31 GMT
server: cloudflare
etag: "7efb0c903552116f2a60b434f81c48db"
vary: Accept-Encoding
x-goog-generation: 1651494091311094
content-type: image/png
x-goog-hash: crc32c=VLi8lw==, md5=fvsMkDVSEW8qYLQ0+BxI2w==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ho57JS9PiCF%2FslT94FrR2xVLkv6Syx4AaR3F2s0D8c99PBFJNzQy8BWP9gogYbg0YUFf2uMoJbk7TlKNDd6bRmA%2Fm%2FbJK3WsIGFFM4JuFRhHrQkTblgeGR0ZJovn1e8%2BPcMdYT1QOw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 41452
accept-ranges: bytes
cf-ray: 8278d0240b0f1e3e-FRA
expires: Fri, 17 Nov 2023 15:42:39 GMT

GET
H2 200 SSL.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 8 KB
9 KB 388ms
41ms Image
image/png 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/SSL.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 048b2f5e3b86bec8b10baa4271ef5c706150a317e3a42a4a2ea97ca4a507b024

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPrNoRUzYbrJfV6LOu3Uoam47C-cctIT3JKaR0E1byI2EfHpwBGHE3LJTUqzVDiNsXgyd4_Y0BgSK5tVGhCZz5_eYt8Dxlfr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 8404
last-modified: Mon, 02 May 2022 12:25:35 GMT
server: cloudflare
etag: "adcf0ed844d4d6c3bc72a35c973315f0"
vary: Accept-Encoding
x-goog-generation: 1651494335286155
content-type: image/png
x-goog-hash: crc32c=v0ntag==, md5=rc8O2ETU1sO8cqNclzMV8A==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4%2FdPUC5lJ1XZu9ryZ%2FUQez4bhvSAljqJYkwJ9m4CL43Eq3RIiJw8eN0SWeHkbnqf3sYwAT%2BVPjGyRb3n1Xa1eGZ8hG5X2EI1K1LEZG4nJNA2ZyK2VH8DKZSnywsPvg%2BRMMHRdk%2F8A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 8404
accept-ranges: bytes
cf-ray: 8278d0240b081e3e-FRA
expires: Fri, 17 Nov 2023 15:42:39 GMT

GET
H2 200 Plus18.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 1 KB
2 KB 429ms
81ms Image
image/png 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/Plus18.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b44452423e27abf304bca5773bc2657000d4e69a578f406af5b3d096a7a3f666

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPoRvQZbUO1VTkOu6MemJixvoySOYhBH9Y0w3heFX2C7IgeUf8B6KztlY7_dYSqU43Nf4ok
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 1196
last-modified: Mon, 02 May 2022 12:25:34 GMT
server: cloudflare
etag: "a220d4a45c9d5d871044e51ab9d05d26"
vary: Accept-Encoding
x-goog-generation: 1651494334802110
content-type: image/png
x-goog-hash: crc32c=78JZmw==, md5=oiDUpFydXYcQROUaudBdJg==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FTPknQUag8Dzs7Nm9M2ezdVvKgDj%2FDya%2BVY%2FbRqYd4kGysnQqB7PD6E6QZuSZQVtRpBJBjJW9ECJWSAexQQJSfAhH94e%2FNn1dmpZicMnJq%2FHl%2BV6lbPy9VU3T06iDNV7uIu0Ci9H8w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1196
accept-ranges: bytes
cf-ray: 8278d0240b111e3e-FRA
expires: Fri, 17 Nov 2023 15:55:09 GMT

GET
H2 200 PciDss.png
cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/ 3 KB
3 KB 393ms
46ms Image
image/png 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/footer/icons/PciDss.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 754a00a45d1681fa7872ded722930116706b858e4b38366971e4b301140666c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPo3b4KWjWUkFdDLwjap4j8K1UpmWi2_edZio2LKoqItPnTuL2Lvl8kYZO3UfXe7VtncMlA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3062
last-modified: Mon, 02 May 2022 12:25:34 GMT
server: cloudflare
etag: "fc0a95ce0fc60e39c035243f53fdc67b"
vary: Accept-Encoding
x-goog-generation: 1651494334776388
content-type: image/png
x-goog-hash: crc32c=qWUl9A==, md5=/AqVzg/GDjnANSQ/U/3Gew==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxV%2BEI%2FkMGnP3JzL%2FM0%2BQIcnaNyhA4L4ntfUl1HjJd6z5Op10GqrX2uA3dRYEHf76tt2eEAX%2BD5p6GIDx7IHuFdEB%2FAdx1OIDBW%2BWvFrc8EjdVmo%2Be6qlp6%2FAE%2FF9KuyLYv6V%2FCTFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3062
accept-ranges: bytes
cf-ray: 8278d0240b0e1e3e-FRA
expires: Fri, 17 Nov 2023 15:42:39 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 206ms
33ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.gratowin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:19:05 GMT
x-content-type-options: nosniff
age: 74164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 18:19:05 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
161 B 22ms
21ms XHR
text/plain 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2010681770&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsecure.gratowin.com%2F&ul=en-us&de=UTF-8&dt=GratoWin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=PageView&ea=PageView_Platform_Secure&el=%2F&_u=YEBAAEABAAAAACAAI~&jid=1689834027&gjid=1336239801&cid=660150936.1700232909&tid=UA-27702367-6&_gid=99171862.1700232909&_r=1&_slc=1&gtm=45He3b81n81KSBWD3Bv78890553&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=123051755

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

7ce32208321c1a409e98a42ff3f8b7c10d2d7e1cc31037dd8aa4f54e391c4b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 14:55:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 12ms
12ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2010681770&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.gratowin.com%2F&ul=en-us&de=UTF-8&dt=GratoWin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=660150936.1700232909&tid=UA-27702367-6&_gid=99171862.1700232909&gtm=45He3b81n81KSBWD3Bv78890553&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1420259223

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 09:14:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20457
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pushreg.min.js Show response
d2afn796dyftlg.cloudfront.net/ 2 KB
971 B 26ms
21ms Script
application/javascript 99.86.91.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2afn796dyftlg.cloudfront.net/pushreg.min.js
Requested by: Host: d2afn796dyftlg.cloudfront.net
URL: https://d2afn796dyftlg.cloudfront.net/oapit.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-109.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 41f92fcffa7df004f0126954aabee78739751b7bb0298dc32a73d611beec3e7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:53:00 GMT
content-encoding: gzip
via: 1.1 749a671e906c28858bfa6b66ced6ce58.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 14:32:05 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-C1
age: 130
x-amz-server-side-encryption: AES256
etag: W/"2b834b5a0e88872341e1d7165480426e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: NY6JICralhzQvMRsmd9wlbG1G1Kx5UpZjYSMNWr197CyEuL-mD0IfQ==

GET
H2 200 oapi-heartbit.min.js Show response
d2afn796dyftlg.cloudfront.net/ 2 KB
1 KB 26ms
22ms Script
application/javascript 99.86.91.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2afn796dyftlg.cloudfront.net/oapi-heartbit.min.js
Requested by: Host: d2afn796dyftlg.cloudfront.net
URL: https://d2afn796dyftlg.cloudfront.net/oapit.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-109.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 087a64a782e52566b9f11c4d3ffbf22498482165591c955972fece46a702f13b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:53:00 GMT
content-encoding: gzip
via: 1.1 749a671e906c28858bfa6b66ced6ce58.cloudfront.net (CloudFront)
last-modified: Tue, 12 Oct 2021 12:03:53 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-C1
age: 130
etag: W/"95ada3efe9ca8f8c93d082b428af1d4f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: btWDyoD97uaXhQlUt7IN18Y3F07VkNyo_1sUl2-cLzZZxTOgK-wWeA==

POST
H2 200 8278d0211c1f2bcd Show response
secure.gratowin.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 7030 0
255 B 37ms
37ms XHR
text/plain 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/jsd/r/8278d0211c1f2bcd
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 8278d0232ac339f1-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 254 KB
84 KB 38ms
37ms Script
application/javascript 172.217.18.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5D5LQ8JKK9&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

27b995491ed7671bea91715685c9787cc3a313e21cede101be651e17e6f1d81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86223
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 14:55:09 GMT

GET
H2 200 apg-seal.js Show response
3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/ Frame FD65 3 KB
2 KB 578ms
207ms Script
text/javascript 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/apg-seal.js

Requested by

Host: www.gratowin.com
URL: https://www.gratowin.com/seal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-24.fra50.r.cloudfront.net

Software

cloudflare / Express

Resource Hash

8e201cbc602775780a67b0db30375dcbc42921a7a93144059678313a0be6ed78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
server: cloudflare
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"df8-SPIbKHbIbEya3zu1KzteKMUJsjU"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
cf-ray: 8278d025aae839e8-FRA
x-amz-cf-id: gycT6pBlf5zzEOppfJ-xEGKy7qcEEPDBOIdlhKP4QrTW7DsUydTlPA==

OPTIONS
H2 200 status
ga.streamygame.com/jackpot/ Frame 0
0 123ms
71ms Preflight 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://ga.streamygame.com/jackpot/status?brandId=8&customerId=1003

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://storage.googleapis.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST,PUT,DELETE
access-control-allow-origin: https://storage.googleapis.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8278d023ce6971c7-FRA
content-length: 0
date: Fri, 17 Nov 2023 14:55:09 GMT
expires: 0
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 status Show response
ga.streamygame.com/jackpot/ Frame DB52 2 KB
1 KB 35ms
34ms XHR
application/json 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://ga.streamygame.com/jackpot/status?brandId=8&customerId=1003

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/moon-prod/static-content/jackpot/new/index.html?brandId=8&currency=undefined%20%20%20%20%20&customerId=1003&serviceUrl=https://ga.streamygame.com/&isMobile=false%20%20%20%20%20&platform=ng&inGameFrame=false&gameId=undefined&winnerNames=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab8487ae74ea4d685e0c597527710b8504404d1832eefce9aad14d19f4ecc7d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://storage.googleapis.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 14:55:09 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: https://storage.googleapis.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 8278d0243ee971c7-FRA
x-xss-protection: 1; mode=block
expires: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 616ms
35ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5D5LQ8JKK9&gtm=45je3b81v9126070701&_p=1700232908261&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=660150936.1700232909&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fsecure.gratowin.com%2F&dt=GratoWin&sid=1700232909&sct=1&seg=0&en=PageView_Platform_Secure&_fv=1&_ss=1&_ee=1&ep.event_category=PageView&ep.event_label=%2F&tfd=1851
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D5LQ8JKK9&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 14:55:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 9f9f02181d594803de0446f8760c7c5e-www.gratowin.com-a4b2333aceb5eab3856b2ba04fc6c2b3c6cb6428030555415628c1b61c16c9c395acfc6de5ca83c4aee0fcfbd5aae1dd-c3BhY2VyLXNwcml0ZS5wbmc%3D
3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/sealassets/ Frame FD65 95 B
492 B 114ms
113ms Image
image/png 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/sealassets/9f9f02181d594803de0446f8760c7c5e-www.gratowin.com-a4b2333aceb5eab3856b2ba04fc6c2b3c6cb6428030555415628c1b61c16c9c395acfc6de5ca83c4aee0fcfbd5aae1dd-c3BhY2VyLXNwcml0ZS5wbmc%3D

Requested by

Host: www.gratowin.com
URL: https://www.gratowin.com/seal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-24.fra50.r.cloudfront.net

Software

cloudflare / Express

Resource Hash

cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"5f-NEKpX+iQzkdps2suzGEbgBpUz7U"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=1200
cf-ray: 8278d02739a31cbd-FRA
content-length: 95
x-amz-cf-id: sgcT_iD6KBaYVTzNeJvcAGGfbdUcMf7dwP_iXRUnjROBwdSniyEHFw==

GET
H2 200 9f9f02181d594803de0446f8760c7c5e-www.gratowin.com-a4b2333aceb5eab3856b2ba04fc6c2b3c6cb6428030555415628c1b61c16c9c395acfc6de5ca83c4aee0fcfbd5aae1dd-c3ByaXRlLXNlYWwucG5n
3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/sealassets/ Frame FD65 48 KB
49 KB 112ms
112ms Image
image/png 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.gratowin.com
URL: https://www.gratowin.com/seal.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-24.fra50.r.cloudfront.net

Software

cloudflare / Express

Resource Hash

d614922fde9604f8899e47f3cc3d69bf952312b996f7cf1421163996710850fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
server: cloudflare
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
etag: W/"c0f5-y5nfd/SGXZwvKHU5pcpHTPdvfQk"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=1200
cf-ray: 8278d0273dac4d56-FRA
content-length: 49397
x-amz-cf-id: 7MCLcjHE_4soimALOYCOlrzvK60ywVgyirxKLXD0sFpZgE3U_8iRoA==

GET
H2 200 54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/ Frame FD65 68 B
422 B 92ms
92ms Image
image/png 143.204.98.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
Requested by: Host: www.gratowin.com
URL: https://www.gratowin.com/seal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-24.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 05:55:39 GMT
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
last-modified: Tue, 15 Dec 2020 08:04:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 1414771
etag: "e679fbd466a2d656f194a5da4fa083cd"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 68
x-amz-cf-id: KGzrNKyfH3Q2pEJRTm9JRSDQDq7_NSNwnF-O3V80Bvsj7rJ5qm8vTw==

GET
H2

200

main.js Show response
www.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame FDE5
Redirect Chain

https://www.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
4 KB

27ms
27ms

Script
application/javascript

147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Requested by

Host: www.gratowin.com
URL: https://www.gratowin.com/seal.html

Protocol

Server

147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b0dc3bdca5aa2ce23a8bc68fcc6a9aeb6d0f616db93fbb0fe236694a6e68c62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8278d027ab158fe2-FRA

Redirect headers

date: Fri, 17 Nov 2023 14:55:09 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8278d0275ad28fe2-FRA

POST
H2 200 8278d0226d9a8fe2 Show response
www.gratowin.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame FDE5 0
254 B 38ms
37ms XHR
text/plain 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gratowin.com/cdn-cgi/challenge-platform/h/g/jsd/r/8278d0226d9a8fe2
Requested by: Host: www.gratowin.com
URL: https://www.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 17 Nov 2023 14:55:10 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 8278d0295cc68fe2-FRA
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 gameDynamicData
ga.streamygame.com/ Frame 0
0 38ms
38ms Preflight 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://ga.streamygame.com/gameDynamicData?customBrandId=8&requestURL=https%253A%252F%252Fsecure.gratowin.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.gratowin.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST,PUT,DELETE
access-control-allow-origin: https://secure.gratowin.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8278d029cd8d71c7-FRA
content-length: 0
date: Fri, 17 Nov 2023 14:55:10 GMT
expires: 0
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 iframe.js Show response
anakatech.uat1.evo-test.com/frontend/evo/r2/js/ 10 KB
3 KB 123ms
16ms Script
application/javascript 18.245.60.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://anakatech.uat1.evo-test.com/frontend/evo/r2/js/iframe.js

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/main.6d041aaa77d67108e45e.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.60.109 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-60-109.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

c0ca60f1dad78e13d0b750e96ac1de35a86b68c26adc8dd14944930a3eb43a11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 Nov 2023 14:25:19 GMT
via: 1.1 bd96095bb3c15c742ab4d72d1fecba6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 1833
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2810
last-modified: Fri, 17 Nov 2023 08:00:08 GMT
server: nginx
etag: "65571d88-afa"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: CY_g-g4MKpPXjUiYZieXtKNryn8LoyweXg8-2Elb_y5mbbdH185u3w==

POST
H2 200 gameDynamicData Show response
ga.streamygame.com/ 193 KB
10 KB 107ms
62ms XHR
application/json 147.78.140.52
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://ga.streamygame.com/gameDynamicData?customBrandId=8&requestURL=https%253A%252F%252Fsecure.gratowin.com

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/offline-js-script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

147.78.140.52 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddf97f53a93129028c15f1cf3ca743b09205055e2dc162e66a379cb35c153c5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.gratowin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 14:55:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 8278d02a4bfa5ca4-FRA
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 all_games.png
secure.gratowin.com/assets/images/ 354 B
661 B 105ms
100ms Image
image/png 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/assets/images/all_games.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3a3bad77018a615558340201b8d3a3ef4161786e11be214f99591cedf354066

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:10 GMT
cf-cache-status: REVALIDATED
x-guploader-uploadid: ABPtcPrh2FoB2WDxI491ueRwGSVQ1UsS0uNwSvUKxtl6PE7NmaV8JQ2_6lTDUNWzBUCHy5kfgKObnlAh1w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 354
last-modified: Wed, 18 Oct 2023 10:07:05 GMT
server: cloudflare
etag: "3ed75eebadf2c8b072295a399faea728"
vary: Accept-Encoding
x-goog-generation: 1697623625015657
content-type: image/png
x-goog-hash: crc32c=EIeYUA==, md5=Ptde663yyLByKVo5n66nKA==
cache-control: public, max-age=3600
x-goog-stored-content-length: 354
accept-ranges: bytes
cf-ray: 8278d02a1b4439f1-FRA
expires: Fri, 17 Nov 2023 15:55:10 GMT

GET
H3 200 category_25.png
storage.googleapis.com/gsdev/moon-prod/web/ 578 B
605 B 37ms
34ms Image
image/png 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_25.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5f650aad37e541335f86817ea21b510129524eb2da8daaa0a6abb1043fac40bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:09:55 GMT
age: 2715
x-guploader-uploadid: ABPtcPqYk-7q0npjscvRXUI2bL0usWsvOAd_rm1iqaezFskQREezDDsMeNgANo8bVKOv43Brlnw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 578
last-modified: Fri, 31 Mar 2023 09:53:40 GMT
server: UploadServer
etag: "521df87d9bfbe00be90f51249165667b"
x-goog-generation: 1680256419928266
x-goog-hash: crc32c=vstuMg==, md5=Uh34fZv74AvpD1EkkWVmew==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 578
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:09:55 GMT

GET
H3 200 category_19.png
storage.googleapis.com/gsdev/moon-prod/web/ 986 B
1013 B 38ms
34ms Image
image/png 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_19.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7bc364554159c5ace8fbae0965ff955753855fbf7c0238ba5acbbe46af0d6ba3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:09:55 GMT
age: 2715
x-guploader-uploadid: ABPtcPo8weQvV6iUkpoEQ1qlpfwPpZZ6knVBOwjXBZgOjkAlglytLu9pwDuPpo0AmBbQnX4j7Zo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 986
last-modified: Mon, 27 Mar 2023 08:01:35 GMT
server: UploadServer
etag: "a7058eb8d1bb78719195505f7ffe8cdd"
x-goog-generation: 1679904095581170
x-goog-hash: crc32c=LHM7VQ==, md5=pwWOuNG7eHGRlVBff/6M3Q==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 986
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:09:55 GMT

GET
H3 200 category_18.png
storage.googleapis.com/gsdev/moon-prod/web/ 1 KB
1 KB 37ms
34ms Image
image/png 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_18.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0ebb87df614d24d505185917fb3b26027f914fe0aed27df37fa5147316ad6787

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:09:55 GMT
age: 2715
x-guploader-uploadid: ABPtcPrvIos8mir_VMEvlwVV4Y0l0X7N4_TDyKX8wgN8fkcJj8NXRtbfewIKV9Kk8cuZkEsmE0o
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1085
last-modified: Mon, 27 Mar 2023 08:01:35 GMT
server: UploadServer
etag: "3b504b5bce433dc0685ac9b540ca1139"
x-goog-generation: 1679904095566677
x-goog-hash: crc32c=VXvZcA==, md5=O1BLW85DPcBoWsm1QMoROQ==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 1085
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:09:55 GMT

GET
H3 200 category_24.png
storage.googleapis.com/gsdev/moon-prod/web/ 720 B
754 B 39ms
36ms Image
image/png 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_24.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a09b6faa891a8e730e9f2e956215a1bfef1725dc855261c41d600ebd26f897a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:09:55 GMT
age: 2715
x-guploader-uploadid: ABPtcPpfKqi2qr6MTUK_3wut1-7GUQ58p1M9YfYUwa7LHiP78xNnXM37eCQJVJpq1wPk5jsJGAo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 720
last-modified: Mon, 27 Mar 2023 08:01:36 GMT
server: UploadServer
etag: "a581f632f302b5b5dd5ac3f09e555cf0"
x-goog-generation: 1679904095925430
x-goog-hash: crc32c=C2zfPg==, md5=pYH2MvMCtbXdWsPwnlVc8A==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 720
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:09:55 GMT

GET
H3 200 category_13.png
storage.googleapis.com/gsdev/moon-prod/web/ 720 B
747 B 35ms
32ms Image
image/png 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_13.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a09b6faa891a8e730e9f2e956215a1bfef1725dc855261c41d600ebd26f897a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:09:55 GMT
age: 2715
x-guploader-uploadid: ABPtcPrrwyHft_Fy3G6RW1HQaQF895qdIQ51OvUV2T8v3kZOb627eNq3_HFvvZ1ucmthIAOEYmU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 720
last-modified: Mon, 27 Mar 2023 08:01:35 GMT
server: UploadServer
etag: "a581f632f302b5b5dd5ac3f09e555cf0"
x-goog-generation: 1679904095433552
x-goog-hash: crc32c=C2zfPg==, md5=pYH2MvMCtbXdWsPwnlVc8A==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 720
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:09:55 GMT

GET
H3 200 category_20.png
storage.googleapis.com/gsdev/moon-prod/web/ 651 B
679 B 37ms
35ms Image
image/png 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_20.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e556916c8d10ea83b944cdca70a9c0591aa9d3f5916f56a26bac507cd1fc1d0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:09:55 GMT
age: 2715
x-guploader-uploadid: ABPtcPrMV_Fcu82i0mAdSgRljJhnF9U2hCc_MYbEuf4AshgHKDqTx4OlwpTisPFvnO-OmPmFGYc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 651
last-modified: Mon, 03 Apr 2023 15:21:53 GMT
server: UploadServer
etag: "43a99d6131394a33115145e23d73ecbf"
x-goog-generation: 1680535313713318
x-goog-hash: crc32c=6fF2sg==, md5=Q6mdYTE5SjMRUUXiPXPsvw==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 651
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:09:55 GMT

GET
H3 200 category_3.png
storage.googleapis.com/gsdev/moon-prod/web/ 943 B
976 B 37ms
35ms Image
image/png 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_3.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d3ab881e2a91522416b0befe1c8cb255b9cb85a398c74d95bb9fb7c7dcaa968e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:09:55 GMT
age: 2715
x-guploader-uploadid: ABPtcPpmmPZJXO9rvkpbGKLGX0fw_6AvJDKSjw6g_Uc1DmaKI8Age8YCJyXd8V7DpEjJFMmXaFI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 943
last-modified: Mon, 27 Mar 2023 08:01:36 GMT
server: UploadServer
etag: "646b5223d18508c4cf797d5595962a6f"
x-goog-generation: 1679904096082778
x-goog-hash: crc32c=sB4c+A==, md5=ZGtSI9GFCMTPeX1VlZYqbw==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 943
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:09:55 GMT

GET
H3 200 category_26.png
storage.googleapis.com/gsdev/moon-prod/web/ 561 B
588 B 36ms
34ms Image
image/png 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_26.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 54a1a6151a81ec40d14bf2e85d4f116a90c545adfd6c5499ee6879de870315c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:09:55 GMT
age: 2715
x-guploader-uploadid: ABPtcPomuM8a8STSCauXkHDqcTGcJQhZHppKKyva9rYyAH-BykriWDHR8dSoD-iMA2WNCqhq_Bc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 561
last-modified: Mon, 03 Apr 2023 10:04:09 GMT
server: UploadServer
etag: "b3557264329901383d636fdb2d2220c5"
x-goog-generation: 1680516249659768
x-goog-hash: crc32c=fgB/TA==, md5=s1VyZDKZATg9Y2/bLSIgxQ==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 561
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:09:55 GMT

GET
H3 200 category_14.png
storage.googleapis.com/gsdev/moon-prod/web/ 870 B
901 B 36ms
35ms Image
image/png 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/category_14.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c21ac0bbb27a457552858b53c117acc699665377f80e292970c9c56f7306dadc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:09:55 GMT
age: 2715
x-guploader-uploadid: ABPtcPpPIc-oWHLK2CfywRgio0wHIOjwSjwnfuRvlAFXBhNPiwwbUVI9avrCZZJHFLqWvwmJMFo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 870
last-modified: Mon, 27 Mar 2023 08:01:35 GMT
server: UploadServer
etag: "8c0734f152a88c26d33f3bc85e4b0a85"
x-goog-generation: 1679904095482072
x-goog-hash: crc32c=NhUd8Q==, md5=jAc08VKojCbTPzvIXksKhQ==
content-type: image/png
cache-control: public, max-age=3600
x-goog-stored-content-length: 870
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:09:55 GMT

GET
H2

200

main.js Show response
secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 765E
Redirect Chain

https://secure.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

7 KB
4 KB

71ms
70ms

Script
application/javascript

147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/

Protocol

Server

147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fba23dbed5a74bb4704ab3fe09fc282abfe68a93a0a3a0f574c1d6c365008ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8278d02b4cc539f1-FRA

Redirect headers

date: Fri, 17 Nov 2023 14:55:10 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control: max-age=300, public
cf-ray: 8278d02a7bdd39f1-FRA

GET
H2 200 Visitor_WelcomePackage.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 286 KB
287 KB 95ms
93ms Image
image/jpeg 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/Visitor_WelcomePackage.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef68e3b876df7786e67fb8973c8fa693bf2c5584234f9a5d1080ec4fdc1be9d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2466
x-guploader-uploadid: ABPtcPoXJNysXSpCDhHl-oRNlShU-YHtA_v8BSoM7ETOOrb2ZL1VsTnmUhLZdOTudBBGaEWz-lc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 293097
last-modified: Thu, 07 Sep 2023 13:40:17 GMT
server: cloudflare
etag: "03062ce69fae35d730d7d270ec35fd6e"
vary: Accept-Encoding
x-goog-generation: 1694094017300474
content-type: image/jpeg
x-goog-hash: crc32c=3HysJA==, md5=AwYs5p+uNdcw19Jw7DX9bg==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2F%2BiP556SPcTXPfIfPMNLNVCS3z0W1e0zayNJXRYPnumN75TjboTlJecXO%2FZFVqWHmz1TMDhbppD2r%2F%2FXaJINFasPlWoNEo8l3m%2Fzua7oxipHtvt%2F%2FmAhHmXtZbIqahXuiCSSIpZTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 293097
accept-ranges: bytes
cf-ray: 8278d02a9c061e3e-FRA
expires: Fri, 17 Nov 2023 14:59:47 GMT

GET
H2 200 GW_Spinomania_.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 137 KB
138 KB 102ms
101ms Image
image/jpeg 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/GW_Spinomania_.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffadb65707412f15c7b5d9576539e2a736c2d7fec47ecd9da0b789827e1f8aac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2465
x-guploader-uploadid: ABPtcPq5nD_v--gmLH_2LtwdC4Lylo9uZMU0Rl_quqVM-GW-N7-jvpFrfQZeMxVn4ZDStRJuqU8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 140631
last-modified: Fri, 06 Oct 2023 02:14:55 GMT
server: cloudflare
etag: "d12f1546626b15a72bf02a1d08353dfa"
vary: Accept-Encoding
x-goog-generation: 1696558495133619
content-type: image/jpeg
x-goog-hash: crc32c=BWlthg==, md5=0S8VRmJrFacr8CodCDU9+g==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AlHLnEb5OIkLBrrtTg14bMBnHxcfL0zZ4TkwkyzNjs8PyMh5e90QhUkxSkYQo8sMU8TIvNJ%2FpXBgkW11axeFDN8FjM%2BDgCiewpiXU3UDEXNQG6lSuduMTFJX3p24WbYWB7Xb7EF5yA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 140631
accept-ranges: bytes
cf-ray: 8278d02a9c091e3e-FRA
expires: Fri, 17 Nov 2023 15:14:05 GMT

GET
H2 200 Cute-and-Creepy_.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 372 KB
373 KB 94ms
92ms Image
image/jpeg 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/Cute-and-Creepy_.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03a30c6b206a8229db7787bf4bd0fcddc4fcc28703725c1934da423ab879174e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2466
x-guploader-uploadid: ABPtcPqQN6ILpjC5jYYVvPbliTdujhnk5HtrDmqRdwIM_zE-KhuBBdBmeNEQC3U33I3GnRCVXm8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 381030
last-modified: Tue, 31 Oct 2023 09:43:50 GMT
server: cloudflare
etag: "a6690378df813c6457e6e7a06b5a4c37"
vary: Accept-Encoding
x-goog-generation: 1698745430746313
content-type: image/jpeg
x-goog-hash: crc32c=Ec46mA==, md5=pmkDeN+BPGRX5uega1pMNw==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKPBjd7izD5ulz9Lgct4ypaYAsXaSFN9Dgk85Goyy5VV32OciCG96ecIDgVhwR496dliS0VzADyPl7J87TgerNOuIKWBoo6ExNkEDTUHDZx3tnEQplz2j7TUyYXNml1RhKxLaGhK5A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 381030
accept-ranges: bytes
cf-ray: 8278d02a9c0b1e3e-FRA
expires: Fri, 17 Nov 2023 14:59:47 GMT

GET
H2 200 DoubleDeposit-NEW.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 324 KB
325 KB 93ms
92ms Image
image/jpeg 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/DoubleDeposit-NEW.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 662747cadb243580036e79bfd0e80b654593111eeeb96e1f743ff4095b588189

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2466
x-guploader-uploadid: ABPtcPpwG3o_L1_5CGXky7naghN3S6YCb5vtQ0VpL-J9SDDMnL9XFZiuj4BenzXsRSoV4OP7fN8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 331697
last-modified: Tue, 17 Oct 2023 14:23:12 GMT
server: cloudflare
etag: "0be45f8f8f72b2a9810d1d8cff613c99"
vary: Accept-Encoding
x-goog-generation: 1697552592607060
content-type: image/jpeg
x-goog-hash: crc32c=plPTog==, md5=C+Rfj49ysqmBDR2M/2E8mQ==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmMVQ1MQsl7WzdJHx%2BHm5AnBtpLZCECHga81OS68c4L17GnsZVXF3CQmhq6XnvTqRiLSYUOt4L894niXSXj7pCBYrmR%2B7WUKOWcOEk2NjSCg3JwZIL8XuGmSTJFoJgXeYnjH0lgmuw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 331697
accept-ranges: bytes
cf-ray: 8278d02a9c0c1e3e-FRA
expires: Fri, 17 Nov 2023 14:59:47 GMT

GET
H2 200 WeeklyCashback.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 625 KB
626 KB 39ms
38ms Image
image/jpeg 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/WeeklyCashback.jpg?v=96
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e35783c6f9ed24b1585355570a46af03d24c69f7bc88afc7f8e23118729b18d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2466
x-guploader-uploadid: ABPtcPqjvl4tEHk5pUF5zZe-eqYtwB1jfsb-BfXHOp_DGfyRKw28Vhr81NvOjgiY62nfrK3t0zs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 640106
last-modified: Wed, 11 Jan 2023 06:43:04 GMT
server: cloudflare
etag: "a8ba90e328f6549dc0142af297ebd572"
vary: Accept-Encoding
x-goog-generation: 1673419384943391
content-type: image/jpeg
x-goog-hash: crc32c=/mwnPw==, md5=qLqQ4yj2VJ3AFCryl+vVcg==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWrfBlTSk6Kk7enHMVhX%2BiQuQKjaOcHTEIAwW6Lw2KkZpVbs9pTi2m9Oqdws4ytPEeSnRR%2BC%2B%2BHBB5BwRRbZ4ENotrPQZTzVBojCq2cZvm7rxlWyD%2BMCX6AF%2FnR3Jm%2FRNJnbdVsdIg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 640106
accept-ranges: bytes
cf-ray: 8278d02a9c0e1e3e-FRA
expires: Fri, 17 Nov 2023 14:59:47 GMT

GET
H2 200 FridayFun.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 269 KB
269 KB 100ms
99ms Image
image/jpeg 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/FridayFun.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9731f4ed6b73c9446d8fe8d0a0bf84507eea260dcfe72a12c122be32be90b1fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2466
x-guploader-uploadid: ABPtcPrtF8D13v70mnaISOA6mgM0zDYFrZXKYiLagoW7xaxjmyzGnI7-5Y2FISW9wIACzxlJ4pk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 275073
last-modified: Wed, 11 Jan 2023 07:13:40 GMT
server: cloudflare
etag: "4c5a28971e6bbd56b1b8c30b28d784f3"
vary: Accept-Encoding
x-goog-generation: 1673421220235017
content-type: image/jpeg
x-goog-hash: crc32c=Oj9oqQ==, md5=TFoolx5rvVaxuMMLKNeE8w==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQmYuZV4QNYt%2B3TUvrJxrXoH%2Bi52mWgTMwSxpecfTJGDVNB0Gx3jRud77nMSIGgrBQ5IrbDqFsMr5hOnZcSo2XEVSJ9xFjTME%2BgqxmMrYNK7Na06XridKzvlry%2FjToZVIdAvPr7hDA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 275073
accept-ranges: bytes
cf-ray: 8278d02a9c0f1e3e-FRA
expires: Fri, 17 Nov 2023 14:59:47 GMT

GET
H2 200 Visitor_VipPoints.jpg
cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/ 234 KB
235 KB 99ms
98ms Image
image/jpeg 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Platform/gratowin/images/slider/en/Visitor_VipPoints.jpg?v=6
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e64078858db64c027324a4cea36d5b3b24860d34ed55f608905537b003763cc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2465
x-guploader-uploadid: ABPtcPr0FnvDGNXFCkpt-doZNi7jJ0AAIAvNDAyy_Qo6kDt_5QHDzbBKwQhN6nUdwVBDOcfo0OM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 239901
last-modified: Fri, 23 Dec 2022 09:37:26 GMT
server: cloudflare
etag: "33a67d20a4ab15504d591a96f25ab9f9"
vary: Accept-Encoding
x-goog-generation: 1671788246895946
content-type: image/jpeg
x-goog-hash: crc32c=zi0a3g==, md5=M6Z9IKSrFVBNWRqW8lq5+Q==
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAwEPOKPiOW65esAihuzX5QoJP3xQlUj73ZyycgaQK%2Bfdg7ZPSNYVrvXZtBDljHLmqlJzn2Qf2zjhmwKM9zC6IlaccXn2a5mO8kWe5gkLFZ4UWglt5ARXSi9B4iH0sjr2xB9WyhqQA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 239901
accept-ranges: bytes
cf-ray: 8278d02a9c121e3e-FRA
expires: Fri, 17 Nov 2023 15:14:05 GMT

GET
H3 200 1576.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 30 KB
30 KB 63ms
62ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1576.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1e231db8a480361ea2e8c6f6352e890c7c5463f9afb0eafdfed777c314e185fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:29:31 GMT
age: 1539
x-guploader-uploadid: ABPtcPpDgO3cLwL2hg3VZoyJRpK0kIzVvUHGFJApVEJBIfdHS2_6Z0v3leu_8Y6ovhnLqVt60Jo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31073
last-modified: Mon, 07 Aug 2023 09:38:48 GMT
server: UploadServer
etag: "a16f766f2df8740ebd52c9e2ad2c5893"
x-goog-generation: 1691401128892095
x-goog-hash: crc32c=BuTWRA==, md5=oW92by34dA69UsnirSxYkw==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 31073
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:29:31 GMT

GET
H3 200 1271.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 32 KB
32 KB 67ms
65ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1271.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 87469ddb8810cd46f1749ad01e91a5734d29aee693236c5cd6834a47f10eacd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:13:01 GMT
age: 2529
x-guploader-uploadid: ABPtcPpdsQ6UCojx0zy3skUdbMJIEvmH2UAIJfWo8bqefeBzq2J-Kiql71KyTmtmvruh3zIcrgQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32921
last-modified: Wed, 12 Jul 2023 19:14:30 GMT
server: UploadServer
etag: "32165545215d90030afce5315e176921"
x-goog-generation: 1689189270672864
x-goog-hash: crc32c=YVMuig==, md5=MhZVRSFdkAMK/OUxXhdpIQ==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 32921
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:13:01 GMT

GET
H3 200 785.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 30 KB
30 KB 111ms
108ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/785.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fcdde1f33b3e4a8eb0b7d7a01e1ce45e96b3ddb5f2b9c140d425e4af8cd52538

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:49:25 GMT
age: 345
x-guploader-uploadid: ABPtcPolp28lbKwCm10jnoJykwqhevQJ0xPMdDyOfqDsOe-DOu87F4VwEWxYPQv3bEJZ_3IFiX0UyF9L8A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31095
last-modified: Mon, 27 Mar 2023 09:35:38 GMT
server: UploadServer
etag: "3a55dcce952a165c350a511d56e332ed"
x-goog-generation: 1679909738727522
x-goog-hash: crc32c=yG899A==, md5=OlXczpUqFlw1ClEdVuMy7Q==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 31095
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:49:25 GMT

GET
H3 200 1.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 26 KB
26 KB 155ms
132ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7a4c637f2b5ec8ff8e8a9b1fd0f2cd026d81676532553652c0d75b42269a7d6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:54:27 GMT
age: 43
x-guploader-uploadid: ABPtcPrF7qlg5WSR772RliINwbkm4zz5KNHTOa5Olyu-eIkDHuWKUHX80v9zSSBDFBiuUf3n4YzmDfMeXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26195
last-modified: Mon, 27 Mar 2023 09:24:34 GMT
server: UploadServer
etag: "66c415ec8a3fb6fe58041868220cc9b7"
x-goog-generation: 1679909074264180
x-goog-hash: crc32c=WaLcdA==, md5=ZsQV7Io/tv5YBBhoIgzJtw==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 26195
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:54:27 GMT

GET
H3 200 1583.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 29 KB
29 KB 151ms
128ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1583.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d4b1f2acfa26a592e2d84ce864eca88621da27d5c1f73be6b2d5e158509521ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:12:59 GMT
age: 2531
x-guploader-uploadid: ABPtcPpqjYTCEJFmHCfr8B9YuluRaxBgOw5R7OQ5nIzGZVPQSxW6k9bpq_zNhnNjyQtlA6JFHzc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30159
last-modified: Tue, 10 Oct 2023 10:16:33 GMT
server: UploadServer
etag: "3a6864ea1b88e94e23ab5326bfb4d9c7"
x-goog-generation: 1696932993586857
x-goog-hash: crc32c=+6yX/A==, md5=Omhk6huI6U4jq1Mmv7TZxw==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 30159
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:12:59 GMT

GET
H3 200 186.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 32 KB
32 KB 174ms
149ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/186.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b9c92f0827d071c2e0c3d39238c35dc8c1331c5de99c84e03a85272489690142

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:49:25 GMT
age: 345
x-guploader-uploadid: ABPtcPp-o1A-KVRe0fGCKbrBEKriNMUzh_mm1b-NqWeiHE0fd95LU2vUkpFGYntGDuswxKBrtH9aw_xEfQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32426
last-modified: Mon, 27 Mar 2023 09:27:21 GMT
server: UploadServer
etag: "30189df704348026a281209b4b14dfb6"
x-goog-generation: 1679909241447407
x-goog-hash: crc32c=6JFOiA==, md5=MBid9wQ0gCaigSCbSxTftg==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 32426
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:49:25 GMT

GET
H3 200 5.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 25 KB
25 KB 175ms
145ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/5.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 249eee8d3486e8eae55ecefdf2a7634c4d1c824592fb7516d43fed2621530c9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:42:37 GMT
age: 753
x-guploader-uploadid: ABPtcPoOgvw8gu4NYWez3F39c2TLRtyR4dNBq57qy6ikP18ZrI0RDwVO_gPVOOzbLglPoExuuoueOTyTyg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25113
last-modified: Mon, 27 Mar 2023 09:24:36 GMT
server: UploadServer
etag: "be701c5107a835f9c1aa936673c0442e"
x-goog-generation: 1679909076867881
x-goog-hash: crc32c=ciPFeQ==, md5=vnAcUQeoNfnBqpNmc8BELg==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 25113
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:42:37 GMT

GET
H3 200 1307.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 30 KB
30 KB 165ms
135ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1307.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8cb596cfd2b492ded0843e0f152e165ac5bf786dc983578c88381a7172bfd30d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:29:31 GMT
age: 1539
x-guploader-uploadid: ABPtcPoUjPlu8u4kD9H0HPwBKARLKwCLggGNHCGVE6aF6_pclhba__4eTSHUhZyXz2x5J-Cisv4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30601
last-modified: Mon, 17 Jul 2023 15:03:57 GMT
server: UploadServer
etag: "eb2beb2cef8c201cba4b55aaabed3533"
x-goog-generation: 1689606237664022
x-goog-hash: crc32c=2Pv/fA==, md5=6yvrLO+MIBy6S1Wqq+01Mw==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 30601
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:29:31 GMT

GET
H3 200 1303.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 21 KB
21 KB 177ms
148ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1303.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fd38176e957a41b6ced1e7ead0a6b5e91943fd6fb231d27073be82c92f246ad5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:29:31 GMT
age: 1539
x-guploader-uploadid: ABPtcPp180RaFfOmUYkB6CDznEi1xOvzOr3CiviDiKWDAcB_0R-tv5CcpqXb3P4Wo2gVqr_A-F4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21670
last-modified: Mon, 17 Jul 2023 15:02:52 GMT
server: UploadServer
etag: "c33d8812b4a66572291d8935a890c34c"
x-goog-generation: 1689606172816507
x-goog-hash: crc32c=rTSS2w==, md5=wz2IErSmZXIpHYk1qJDDTA==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 21670
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:29:31 GMT

GET
H3 200 1276.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 24 KB
24 KB 170ms
132ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1276.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 046dc581575aa3963d46bf1d735d3b244dadf54f60454b2fed3b78a34b6ae355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:13:01 GMT
age: 2529
x-guploader-uploadid: ABPtcPr5Gds2DnmAVWw_ElK_Ufw00Z9wFZ-LsAbLI33I67mXvhhARdsJNeVU6K1-sBeMz3rpnkM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24530
last-modified: Wed, 12 Jul 2023 19:15:55 GMT
server: UploadServer
etag: "2763f0f6636afadcd0d01f9734eaaf51"
x-goog-generation: 1689189354918544
x-goog-hash: crc32c=3yFAjg==, md5=J2Pw9mNq+tzQ0B+XNOqvUQ==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 24530
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:13:01 GMT

GET
H3 200 1277.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 33 KB
33 KB 187ms
150ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1277.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 62121823dafe2e58ffbf408a8b2e9f60a1118dde8bd0f8f2eede64792a816d08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:29:31 GMT
age: 1539
x-guploader-uploadid: ABPtcPp6tX7-0uHFeNsYdG2yQVvYuX3pCzF52YZws7LQnd7pQLuT1C0pEJKzz9zp9Tjhwq7A0D8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33694
last-modified: Wed, 12 Jul 2023 19:16:07 GMT
server: UploadServer
etag: "fd96499dffca72963adbfdf7a68225ae"
x-goog-generation: 1689189367465366
x-goog-hash: crc32c=YApEuA==, md5=/ZZJnf/KcpY62/33poIlrg==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 33694
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:29:31 GMT

GET
H3 200 1492.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 36 KB
36 KB 182ms
146ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1492.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a2806e161efa9a075eef6391b50251075bc60c50f90879db0dacbb958b808376

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:49:25 GMT
age: 345
x-guploader-uploadid: ABPtcPqkWWH-RRlvwiUw1Lcl5_ciCayy4fZJ6YHKfn1rpO3gK7RWLArpLhYw7I8Qri6WHTI64R6sFCSjqQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37214
last-modified: Wed, 02 Aug 2023 11:20:51 GMT
server: UploadServer
etag: "4771d38d3ce0adca5acb8942ce5324a1"
x-goog-generation: 1690975251305970
x-goog-hash: crc32c=hnl8yA==, md5=R3HTjTzgrcpay4lCzlMkoQ==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 37214
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:49:25 GMT

GET
H3 200 1274.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 30 KB
30 KB 196ms
160ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1274.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4277fec748393e04c2f4983d5cc5fb8b97cad50cfff0e05291542fc23f0f1e30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:29:31 GMT
age: 1539
x-guploader-uploadid: ABPtcPqPbtTOfsiQhkRz2VCzqWwkCgEn64i5Jz4Fc87A4hpFmPyDq_lOzC7EDS02qEiSiutLJA0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30362
last-modified: Wed, 12 Jul 2023 19:15:17 GMT
server: UploadServer
etag: "b0846d75498b3f0e8aa8251c0f225272"
x-goog-generation: 1689189317786463
x-goog-hash: crc32c=xJt2kA==, md5=sIRtdUmLPw6KqCUcDyJScg==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 30362
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:29:31 GMT

GET
H3 200 1278.jpg
storage.googleapis.com/gsdev/moon-prod/web/ 29 KB
29 KB 195ms
160ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/1278.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ad2407a26e9caab3ad7da70953710056a5ed42947f5fae617476638f4a58f73e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:29:31 GMT
age: 1539
x-guploader-uploadid: ABPtcPpwL-l-vxXM9H7X71Lmk6Ue_7e4y5elQB28t5Iga09rm2pmtwnmwGu4YluhNgxPlFj1Fjs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29689
last-modified: Wed, 12 Jul 2023 10:12:34 GMT
server: UploadServer
etag: "f07275008359948536c01d32827c5915"
x-goog-generation: 1689156754496556
x-goog-hash: crc32c=hCNOxw==, md5=8HJ1AINZlIU2wB0ygnxZFQ==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 29689
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:29:31 GMT

GET
H3 200 1306.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 25 KB
25 KB 249ms
216ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1306.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1df0b8768ea979fd15459b8d6d8b24854740be3d1de23451128c7879dea88160

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:29:31 GMT
age: 1539
x-guploader-uploadid: ABPtcPoPHr2hkfvvaXRQYjFIz3hRfUpzbuafW07EnCVF8y2hSXjrW1cfhsz_G5Sa8u8NBzRCVp0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25167
last-modified: Mon, 17 Jul 2023 15:03:43 GMT
server: UploadServer
etag: "5e60dabdfa54f3fb0f7fdde7748aad95"
x-goog-generation: 1689606223701869
x-goog-hash: crc32c=l2EXbQ==, md5=XmDavfpU8/sPf93ndIqtlQ==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 25167
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:29:31 GMT

GET
H3 200 125.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 30 KB
30 KB 249ms
217ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/125.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: bbca445697cfd82af406bd43a2fec50cfcc00ec7dfdf16d95b9bd551624a9c52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:13:43 GMT
age: 2487
x-guploader-uploadid: ABPtcPoHGNZtoXmy7hAGc33LEPnqcJOOCxLEcVtwt-Kn106YDdtUz_ofH7Ck3a9YOvKdsY0rimE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30712
last-modified: Mon, 27 Mar 2023 09:26:00 GMT
server: UploadServer
etag: "48a1cafe97e5a34ac50cb7579a8f6af6"
x-goog-generation: 1679909160695730
x-goog-hash: crc32c=xeoBlA==, md5=SKHK/pflo0rFDLdXmo9q9g==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 30712
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:13:43 GMT

GET
H3 200 129.jpg
storage.googleapis.com/gsdev/moon-prod/web/ 45 KB
45 KB 247ms
216ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/129.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 68cf1e13a62920332c534a76d24252992337f97bb37fd4ca1d5bab60097297fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:12:59 GMT
age: 2531
x-guploader-uploadid: ABPtcPrA8Jsj2Ft3Ej1gAIN-x6DxQ7TKyXEdd9gWCNI4i3sv-_CNJglYI7R-EXcFcg01750F_-Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46283
last-modified: Mon, 27 Mar 2023 09:47:20 GMT
server: UploadServer
etag: "944cc82e47fc5564129701f5cf89684a"
x-goog-generation: 1679910440489556
x-goog-hash: crc32c=+Gj94A==, md5=lEzILkf8VWQSlwH1z4loSg==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 46283
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:12:59 GMT

GET
H3 200 1233.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 22 KB
22 KB 741ms
710ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1233.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c838dec06b4e2d4fa1747ddc389960afba2b20d3d48f72f863f779302a62cdc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:11 GMT
age: 0
x-guploader-uploadid: ABPtcPrr7giDpIOUg-6FhJi6_O2urhVW-mNQDuL9C0yiMeUYY98h0sQsIz0ad-TGE5r3VUuKK4s
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22481
last-modified: Fri, 09 Jun 2023 13:23:23 GMT
server: UploadServer
etag: "5f548b4b2014c7293383c112655a211c"
x-goog-generation: 1686317003821147
x-goog-hash: crc32c=UuSKvQ==, md5=X1SLSyAUxykzg8ESZVohHA==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 22481
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:55:11 GMT

GET
H3 200 1273.jpg
storage.googleapis.com/gsdev/moon-prod/web/ 45 KB
45 KB 238ms
207ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/1273.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3c1278130fbad8cdadafa0bc2321f02c2b3ef8b1441ffcf64c5399111d72be2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:29:31 GMT
age: 1539
x-guploader-uploadid: ABPtcPoFCg9d3ybO4ZyakwOPKbces7nSasJ6oLDyIIW1T1EkfUkniaJd4Awx7NGsRmagGdNa57s
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46122
last-modified: Wed, 12 Jul 2023 19:15:00 GMT
server: UploadServer
etag: "bc02b326b9966bbf6b96fca2d9d0c2d6"
x-goog-generation: 1689189300232851
x-goog-hash: crc32c=2o1vKA==, md5=vAKzJrmWa79rlvyi2dDC1g==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 46122
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:29:31 GMT

GET
H3 200 20.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 29 KB
29 KB 663ms
632ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/20.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 78038ec16e3ff0e7506dfc620c9c706a73ae22508374d1022f9e4e02f5e8da12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:10 GMT
age: 0
x-guploader-uploadid: ABPtcPo-tQ66xc7bNjD7Gso17hkF4hO3PlEWvFt49y77tMh-KkpPeJsuG7-3dVDRjP7BoRQu7uE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30118
last-modified: Mon, 27 Mar 2023 09:25:02 GMT
server: UploadServer
etag: "2572c16fb0875ea66ef184b1d83d2dd5"
x-goog-generation: 1679909102194406
x-goog-hash: crc32c=nFeYvQ==, md5=JXLBb7CHXqZu8YSx2D0t1Q==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 30118
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:55:10 GMT

GET
H3 200 1305.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 35 KB
35 KB 384ms
353ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1305.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d4438bc2ea9014dbeca73bfc27a2c2666d4701f06cffea542e578639e7f6b47c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:29:31 GMT
age: 1539
x-guploader-uploadid: ABPtcPpMSkkTmCTmLH-iz4e6XTlwB2RTcT79mS_8sqFNtsfS3Td1PiPcL4xXClscCsM4yz-zLB8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36081
last-modified: Mon, 17 Jul 2023 15:03:28 GMT
server: UploadServer
etag: "ff12339f0856b37b6b36994199449f93"
x-goog-generation: 1689606208508745
x-goog-hash: crc32c=lxKUXQ==, md5=/xIznwhWs3trNplBmUSfkw==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 36081
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:29:31 GMT

GET
H3 200 1270.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 25 KB
25 KB 355ms
325ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1270.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7cc832fd62a0a40299ef60dd79669685ba8b72239c1e840827f7ef3dd0bcda72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:13:01 GMT
age: 2529
x-guploader-uploadid: ABPtcPq9-NboWHsu7HP2TWkj51Deh8bMVyrOhgnzmEIIqBU50JoAlAm1_al_mKBaKN5BM-pF6JI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25276
last-modified: Wed, 12 Jul 2023 19:14:12 GMT
server: UploadServer
etag: "9429576f9d36f38300ab35298bf2bd6e"
x-goog-generation: 1689189252805448
x-goog-hash: crc32c=Z6TH5g==, md5=lClXb50284MAqzUpi/K9bg==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 25276
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:13:01 GMT

GET
H3 200 13.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 20 KB
20 KB 661ms
630ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/13.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9777bee7a468288e47260048fecfa8aa52243a4750ecd55c1ccc43be2b629c26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:10 GMT
age: 0
x-guploader-uploadid: ABPtcPpvZuEfOTWXIjiMNmIf2L3-o_t9p6WVHD-Noy88WrK61HOD7J2EgWx1QZXI1MXffFYtFak
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20566
last-modified: Mon, 27 Mar 2023 09:24:46 GMT
server: UploadServer
etag: "d5ee6b970cb06339451dad2a8e99e520"
x-goog-generation: 1679909086480483
x-goog-hash: crc32c=2W+Itw==, md5=1e5rlwywYzlFHa0qjpnlIA==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 20566
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:55:10 GMT

GET
H3 200 1583.jpg
storage.googleapis.com/gsdev/moon-prod/web/ 51 KB
51 KB 246ms
216ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/1583.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 41676d38603422223207fd1fd8bf5812492a678c331e9bb87e748633edff8b06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:42:54 GMT
age: 736
x-guploader-uploadid: ABPtcPrCA_VboAFiGrCtiGUtxPTC8-HwNW9k-iSXly2WSXWpLSUbMojPUaUB8iJMoF7HrOba1a4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52415
last-modified: Tue, 10 Oct 2023 10:16:32 GMT
server: UploadServer
etag: "bed18bf97250df613ffb7064870fab71"
x-goog-generation: 1696932992461805
x-goog-hash: crc32c=V5Ziww==, md5=vtGL+XJQ32E/+3Bkhw+rcQ==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 52415
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:42:54 GMT

GET
H3 200 1578.jpg
storage.googleapis.com/gsdev/moon-prod/web/ 56 KB
56 KB 384ms
354ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/1578.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 21eeb6deac594e13155d344bf008e6aaac35d941fa223131836670ea736e567b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:13:43 GMT
age: 2487
x-guploader-uploadid: ABPtcPpRxyuI18Otk_rV_oRt0BEDR781H6R5StcdBrSGo4P5GGPQdr0atiZ9ASsgpOKkJ09474I
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57718
last-modified: Thu, 10 Aug 2023 05:49:51 GMT
server: UploadServer
etag: "64bafa07ad92d1e98ea484162c465fc2"
x-goog-generation: 1691646590989614
x-goog-hash: crc32c=Mvl/Lg==, md5=ZLr6B62S0emOpIQWLEZfwg==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 57718
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:13:43 GMT

GET
H3 200 1304.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 27 KB
27 KB 408ms
378ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1304.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0152ea2082322cc10bc3eb642f899cd99dbce2f918b9dfbb85869569178a3b37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:29:31 GMT
age: 1539
x-guploader-uploadid: ABPtcPoQVgvwtVa2NSyA4s4UpODkW-MjoheVsLPGCP70-8tktjbDWZMwXLEgbJSzzgCXi2Uev4Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27353
last-modified: Mon, 17 Jul 2023 15:03:13 GMT
server: UploadServer
etag: "b64e51335f27924b0dee2e133a3f04f4"
x-goog-generation: 1689606193519049
x-goog-hash: crc32c=OfH9Rw==, md5=tk5RM18nkksN7i4TOj8E9A==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 27353
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:29:31 GMT

GET
H3 200 1195.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 27 KB
27 KB 406ms
377ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1195.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0e643d08644061f248aee00b613000b52248f86128c56c083b70d1e1ed128635

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:47:44 GMT
age: 446
x-guploader-uploadid: ABPtcPoIcNWIA10pKfqt9ISKCpwPpyL8sLA00McW2VV-cJLe5rF3cH1Sajkh78l_bR4_5WWDFb0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27932
last-modified: Tue, 30 May 2023 06:14:03 GMT
server: UploadServer
etag: "17f4437aa124f62207c53364151a78eb"
x-goog-generation: 1685427243122715
x-goog-hash: crc32c=WPz+Ug==, md5=F/RDeqEk9iIHxTNkFRp46w==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 27932
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:47:44 GMT

GET
H3 200 2.jpg
storage.googleapis.com/gsdev/moon-prod/web/ 48 KB
48 KB 684ms
657ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/web/2.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: cf038cde00b4d5794bcd8ddcc0a6e4d92c3818bc8d98004c85e371779bc9db42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:55:11 GMT
age: 0
x-guploader-uploadid: ABPtcPowe-bwH50scsSUby_UAZMv5MzrQsIJoA7ebVWWpdOMFJcxiHV9jf9zmJA0-GnWzwZ9ick
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49207
last-modified: Mon, 27 Mar 2023 09:46:39 GMT
server: UploadServer
etag: "17f6ed4c3e222b1f2bf8ad8e167c6665"
x-goog-generation: 1679910399476796
x-goog-hash: crc32c=C0jcRQ==, md5=F/btTD4iKx8r+K2OFnxmZQ==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 49207
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:55:11 GMT

GET
H3 200 185.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 31 KB
31 KB 404ms
379ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/185.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f35fe776023c2c21ff0c4695773847a715de42547d74197df8e3dd905880a19b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:47:44 GMT
age: 446
x-guploader-uploadid: ABPtcPosb5LvEBCHbB1RYLAN70jt8hdaM-Z-De-2XXX2Q4s697_er8J1rgyINWZGI6fRoBxIwq8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31667
last-modified: Mon, 27 Mar 2023 09:27:20 GMT
server: UploadServer
etag: "754d43af5a94c9d6564ac272cd969afa"
x-goog-generation: 1679909239778103
x-goog-hash: crc32c=nnTbjQ==, md5=dU1Dr1qUydZWSsJyzZaa+g==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 31667
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:47:44 GMT

GET
H3 200 1275.jpg
storage.googleapis.com/gsdev/moon-prod/mobile/ 21 KB
21 KB 402ms
378ms Image
image/jpeg 2a00:1450:4001:801::201b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/gsdev/moon-prod/mobile/1275.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: bc6f8ce3e23522a90a30aa6db34de03b04e66641ce217ee033158410a9115dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 14:29:31 GMT
age: 1539
x-guploader-uploadid: ABPtcPqOa1qWrYsDDi6PohW-j0XNmiOawJ2dpF3fQpExi37H3qFRmbKRl9-8TcwuXHl3LNIv4as
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21847
last-modified: Wed, 12 Jul 2023 19:15:41 GMT
server: UploadServer
etag: "f7095aaa135f6056f699053cde0091c3"
x-goog-generation: 1689189341657251
x-goog-hash: crc32c=+VdKsA==, md5=9wlaqhNfYFb2mQU83gCRww==
content-type: image/jpeg
cache-control: public, max-age=3600
x-goog-stored-content-length: 21847
accept-ranges: bytes
expires: Fri, 17 Nov 2023 15:29:31 GMT

POST
H2 200 8278d0211c222bcd Show response
secure.gratowin.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 765E 0
234 B 48ms
47ms XHR
text/plain 147.78.140.54
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/h/g/jsd/r/8278d0211c222bcd
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.78.140.54 , Bulgaria, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 17 Nov 2023 14:55:10 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 8278d02d2f5439f1-FRA
content-type: text/plain; charset=UTF-8

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 212ms
211ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5D5LQ8JKK9&gtm=45je3b81v9126070701&_p=1700232908261&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=660150936.1700232909&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=2&dl=https%3A%2F%2Fsecure.gratowin.com%2F&dt=GratoWin&sid=1700232909&sct=1&seg=1&en=page_view&_ee=1&_et=3&tfd=6868
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D5LQ8JKK9&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.gratowin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 14:55:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secure.gratowin.com/	1970-01-21 01:53:12	Name: redux-cookie Value: %5B%5D
.gratowin.com/	1969-12-31 23:59:59	Name: playerType Value: 0
secure.gratowin.com/	1969-12-31 23:59:59	Name: registerState Value: returning
.gratowin.com/	1970-01-20 17:00:28	Name: url_affToken Value: 1
.gratowin.com/	1970-01-20 17:00:28	Name: url_affiliateToken Value: 1
mpsnare.iesnare.com/	1970-01-21 01:02:48	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: Z2YTKqwnmYuiz47NEF25jcxecjNpAKsroOvauOMAzHY=
secure.gratowin.com/	1970-01-21 01:53:12	Name: locale Value: %7B%22lastSavedLocale%22%3A%22en%22%7D
.gratowin.com/	1970-01-21 01:53:12	Name: _ga Value: GA1.2.660150936.1700232909
.gratowin.com/	1970-01-20 16:18:39	Name: _gid Value: GA1.2.99171862.1700232909
.gratowin.com/	1970-01-20 16:17:12	Name: _gat_UA-27702367-6 Value: 1
.gratowin.com/	1970-01-21 01:53:12	Name: _ga_5D5LQ8JKK9 Value: GS1.2.1700232909.1.1.1700232909.0.0.0
.www.gratowin.com/	1970-01-21 01:02:48	Name: cf_clearance Value: PL2i_QeK52EOtFo5i_LHxYjKqmeceEQjRPGqtnOLVvw-1700232910-0-1-af65c59c.9e3f7497.f8649a7c-0.2.1700232910
.secure.gratowin.com/	1970-01-21 01:02:48	Name: cf_clearance Value: oaCRkpdiTXnF9jHL.zMM3aP0or4B3_v33J7pdemgZ.c-1700232910-0-1-af65c59c.a14f701a.f8649a7c-0.2.1700232910

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://secure.gratowin.com/iojs/general5/static_wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3b5b0404-5f30-4d46-be6b-c2b5b202c121.snippet.antillephone.com
anakatech.uat1.evo-test.com
anakatechsupport.freshchat.com
analytics.streamygame.com
b3797f01-e573-4b2d-900b-06ef4ef785de.seals-emr.certria.com
bat.bing.com
cms2.gratowin.com
cms2.netoplaycdn.com
d2afn796dyftlg.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
ga.streamygame.com
maxcdn.bootstrapcdn.com
mpsnare.iesnare.com
region1.google-analytics.com
secure.gratowin.com
storage.googleapis.com
web-sdk.smartlook.com
www.google-analytics.com
www.googletagmanager.com
www.gratowin.com
104.18.10.207
13.107.21.200
142.250.184.206
142.250.186.187
142.250.186.67
143.204.98.24
147.78.140.52
147.78.140.54
172.217.18.104
172.217.18.106
172.67.219.191
18.172.153.7
18.245.60.109
195.181.170.19
216.239.34.36
2a00:1450:4001:801::201b
54.195.39.4
76.223.64.65
99.86.91.109
0152ea2082322cc10bc3eb642f899cd99dbce2f918b9dfbb85869569178a3b37
03a30c6b206a8229db7787bf4bd0fcddc4fcc28703725c1934da423ab879174e
046dc581575aa3963d46bf1d735d3b244dadf54f60454b2fed3b78a34b6ae355
048b2f5e3b86bec8b10baa4271ef5c706150a317e3a42a4a2ea97ca4a507b024
067b6ebcefa5dbbd0af6ae707c21061eb841b515e0ea1617c95917ecff0fad24
072a41bcaf53ec69ef4b371847306fa35036cd9681380b357768459eab08d3ef
087a64a782e52566b9f11c4d3ffbf22498482165591c955972fece46a702f13b
0af2e2a86b8e8d47a1a5ca54128c0a7adf09074386cf5a8ee68f178a68584362
0b6ee5642e247392075c40330df8d51d04005266b70e50e29a988998dde3a459
0e643d08644061f248aee00b613000b52248f86128c56c083b70d1e1ed128635
0e91de8b587baf86d05f8da82ac270eab8d4989defcdc85ffda62578778b04a3
0ebb87df614d24d505185917fb3b26027f914fe0aed27df37fa5147316ad6787
15adf8978eb04707c9ddae36c99938249154d563d43e621441850bf5eb4e9cda
172bd24482eb3ee7cd47d845136150246425e03c2867139e8cd2caf0160ef80c
1ab342fcaeef1cb265817783f2f8454961b3259dae4c0ce05af1fa2392f02de2
1b3cf55ddf07b3198e5a82c15c88eb55d0e6800cd7c40f8992b7e0e93708bef7
1df0b8768ea979fd15459b8d6d8b24854740be3d1de23451128c7879dea88160
1e231db8a480361ea2e8c6f6352e890c7c5463f9afb0eafdfed777c314e185fa
1f20c5af2c4861e43a210d8f6bbf672f7683797a3e80912b4e405ce46a330de7
21eeb6deac594e13155d344bf008e6aaac35d941fa223131836670ea736e567b
229860d5579a814fd16d2e3912991003d14de5bba211f8cb4d006e293c802210
249eee8d3486e8eae55ecefdf2a7634c4d1c824592fb7516d43fed2621530c9c
27b995491ed7671bea91715685c9787cc3a313e21cede101be651e17e6f1d81b
27eee5689f593c50f0d3611d076f160dbb8d96e9a7cda69aea592e019a9df048
2bd44487689f7f4501db1b9b7a7a50849c4d42e534eef60a04356a7851e92c0c
2ce13735694736a7b414eec7de74a893e67a0bc53d08d0f38f57386e3f6648a6
306a4e3c53cb42d71630d705071e6562b792f837c9ba004f78f9e3c7cb3660e6
33ca242f06daeb930a6a59b6a05524346af8001865296169457b029398f15a6e
384ca46673f9d9209ecf6b510aa5e67e5e6e8c5762d7b5c8e643dfc96fb96031
3c1278130fbad8cdadafa0bc2321f02c2b3ef8b1441ffcf64c5399111d72be2d
3e205c59d44f4f0a0c66989238c8b818b3628171c2f4d912810a09a92d03905e
3f386030f30cc1118ebe4dc21a54c3325c14981274af10acd3a10acd42206866
3fba23dbed5a74bb4704ab3fe09fc282abfe68a93a0a3a0f574c1d6c365008ce
41676d38603422223207fd1fd8bf5812492a678c331e9bb87e748633edff8b06
41f92fcffa7df004f0126954aabee78739751b7bb0298dc32a73d611beec3e7c
4277fec748393e04c2f4983d5cc5fb8b97cad50cfff0e05291542fc23f0f1e30
486894f29e34e2a9c4a7a938605d53ee752957d4270055fecb27828899fc0a3b
48e47ee54e22ca42f903eb52bc711f60d93b05f595eb5f65454da85f4dc81036
4d15890c357177f7185112a1ce66665d08acf31e81e4917820ec36279dd26bd0
4d179b0a2cee9a794df7c65233915ba9ae2f24734ed098626f637751ab40e496
4fe565e155881addcc557019e726097e351cff20de84a8e706d6e43295819fa7
507b30e5c48244d59c6f765344b87ebbedef23548968bcb0907019dc33b48d34
54a1a6151a81ec40d14bf2e85d4f116a90c545adfd6c5499ee6879de870315c8
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5f650aad37e541335f86817ea21b510129524eb2da8daaa0a6abb1043fac40bd
62121823dafe2e58ffbf408a8b2e9f60a1118dde8bd0f8f2eede64792a816d08
6570c735518d3b261611298f4d3bf3775d607b282b28b1695cb12a593b69b0f8
662747cadb243580036e79bfd0e80b654593111eeeb96e1f743ff4095b588189
6650963c35725add7c3cedb3fd660f4f38791e8298647b92c132767f97468aa5
683c8a367c5ec4674454d06456255ca95d5a0ba796d5b77b2325d4bbf3a91543
68cf1e13a62920332c534a76d24252992337f97bb37fd4ca1d5bab60097297fb
6aae23685ad6563cbbb3e33632fb29c31078254370c57be634b7a80f173ce708
6d8e64647ff26ec08ef571983cff89c2477be7bf5a58f0c31f6aad4d3b1e329a
71f0d1968edf4eff6dded3902361932770fe724bf52166051fe3e556c9d0e36a
72ba589e030b6b1b37aa2dd5ef0a663660368999f9e23e5c686d72210529dcb9
74686cb67a39ba6066421272589bcf938003022d9dbc772454747518073ac1a9
754a00a45d1681fa7872ded722930116706b858e4b38366971e4b301140666c6
769ceada3705aed315df0d5bb7f0dc7374d10d7409dc597c62efc53828b2b1f1
78038ec16e3ff0e7506dfc620c9c706a73ae22508374d1022f9e4e02f5e8da12
7970f5651d732b7599fee191150192546533abcb77d7de83761f1df01ddca119
7a4c637f2b5ec8ff8e8a9b1fd0f2cd026d81676532553652c0d75b42269a7d6e
7bc364554159c5ace8fbae0965ff955753855fbf7c0238ba5acbbe46af0d6ba3
7cc832fd62a0a40299ef60dd79669685ba8b72239c1e840827f7ef3dd0bcda72
7ce32208321c1a409e98a42ff3f8b7c10d2d7e1cc31037dd8aa4f54e391c4b1b
7dc5a89829ed295864cee6940f583f1788773e66662c0fa19d2c14ff11793924
7dcd080d8016c6d3bee9075cd7798111c5820725bee35e0731f617d582bdba29
7e35783c6f9ed24b1585355570a46af03d24c69f7bc88afc7f8e23118729b18d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87469ddb8810cd46f1749ad01e91a5734d29aee693236c5cd6834a47f10eacd7
8ace96a6ec351b692e45a356418cff482da0bb2ca6a2a9cd3b0fb7713a709fb9
8b0dc3bdca5aa2ce23a8bc68fcc6a9aeb6d0f616db93fbb0fe236694a6e68c62
8cb596cfd2b492ded0843e0f152e165ac5bf786dc983578c88381a7172bfd30d
8e201cbc602775780a67b0db30375dcbc42921a7a93144059678313a0be6ed78
8ef8b1b9f70231cdaff9b49febecc51162e022432fef65022a082acc4d446cd2
9207ac8f91fe621faaaf513e98755be395dfe1987950a0ad1aa508c8637b96d1
931cdc9da183b6e6f40476736791be667482d6eef83da8de662b3084bebd9215
9731f4ed6b73c9446d8fe8d0a0bf84507eea260dcfe72a12c122be32be90b1fd
9777bee7a468288e47260048fecfa8aa52243a4750ecd55c1ccc43be2b629c26
9a8deaadb9239084af88029050267e10ed8fccd57825ed506ed0ade89461226c
9bab7eab8e1e05aa031ce685b74fdb8bbbffb418f4068dadfb44ffd6d130af5d
9f54553274f460f9d71d346b32bd34d7c4b1c3d968cdc1a7075cf22863be49de
a09b6faa891a8e730e9f2e956215a1bfef1725dc855261c41d600ebd26f897a6
a2806e161efa9a075eef6391b50251075bc60c50f90879db0dacbb958b808376
a8277b0b9a43b24cb577a0b5e8eb07e4bb293bed4b79bf523a11aebc4343a1ca
ab8487ae74ea4d685e0c597527710b8504404d1832eefce9aad14d19f4ecc7d3
ad2407a26e9caab3ad7da70953710056a5ed42947f5fae617476638f4a58f73e
aee37563498c6b9d28eda1e4fa7fddeb8b8f8223b623a0767c7fcd3bc3348ba7
b185da9777f2953b350ef4dd6d0f78d94bdea1ec0a6ef42c629d47f854b8c20f
b2ca845c5e87533da52958f4b9c52f6d2a373f2a273a7b6e90093026f7a1ae47
b44452423e27abf304bca5773bc2657000d4e69a578f406af5b3d096a7a3f666
b5266176475170d856198d9eb5c1040905fb8741cd1f97b7dba0b62e9312d098
b7ed2a63dfad9be57d2789d4f079fd7c67328f9467b5cce4539e4dd0c98a73a5
b9c92f0827d071c2e0c3d39238c35dc8c1331c5de99c84e03a85272489690142
baa738a2fc051c6b68f6d65cbd422e640da85b725eba6f1dcf68eabd70283bca
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bbca445697cfd82af406bd43a2fec50cfcc00ec7dfdf16d95b9bd551624a9c52
bbd039d1d5621472a25b228ca3f48c08aef9cabf180e982530cd84a3abc04555
bc6f8ce3e23522a90a30aa6db34de03b04e66641ce217ee033158410a9115dee
c0ca60f1dad78e13d0b750e96ac1de35a86b68c26adc8dd14944930a3eb43a11
c21ac0bbb27a457552858b53c117acc699665377f80e292970c9c56f7306dadc
c838dec06b4e2d4fa1747ddc389960afba2b20d3d48f72f863f779302a62cdc9
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
cf038cde00b4d5794bcd8ddcc0a6e4d92c3818bc8d98004c85e371779bc9db42
cfd2909b0463fd227763a7fd38530bc46cd675295141ab90901499b018e5e771
d3ab881e2a91522416b0befe1c8cb255b9cb85a398c74d95bb9fb7c7dcaa968e
d4438bc2ea9014dbeca73bfc27a2c2666d4701f06cffea542e578639e7f6b47c
d4b1f2acfa26a592e2d84ce864eca88621da27d5c1f73be6b2d5e158509521ec
d614922fde9604f8899e47f3cc3d69bf952312b996f7cf1421163996710850fa
ddf97f53a93129028c15f1cf3ca743b09205055e2dc162e66a379cb35c153c5b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4363b84238dda44f9ca7980c91b775f141a438aa2af9152b98a036f664ca178
e556916c8d10ea83b944cdca70a9c0591aa9d3f5916f56a26bac507cd1fc1d0e
e64078858db64c027324a4cea36d5b3b24860d34ed55f608905537b003763cc3
e7c00b0ec68c5137e7b359a0ab6f5ff9c7a2000f47ceee7aacae6934eb91aae6
ea47861f3a7ed205a8c8d83e3756164f4a0987d6bf7421b5599e94abf7d03d05
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
ef68e3b876df7786e67fb8973c8fa693bf2c5584234f9a5d1080ec4fdc1be9d9
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f35fe776023c2c21ff0c4695773847a715de42547d74197df8e3dd905880a19b
f3a3bad77018a615558340201b8d3a3ef4161786e11be214f99591cedf354066
f440f0656a8c87bc428b3a431b9c139171c8bbccaa06009498fe4db330787c89
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc0a5ec70e694026143af49e4d9bc423d812096c1b7d3bdc6e65dde3e891b409
fcdde1f33b3e4a8eb0b7d7a01e1ce45e96b3ddb5f2b9c140d425e4af8cd52538
fd38176e957a41b6ced1e7ead0a6b5e91943fd6fb231d27073be82c92f246ad5
fdf435cdd653fa5c6777572ffdfab1647e9bd13426bfefbd519495702deec119
ffadb65707412f15c7b5d9576539e2a736c2d7fec47ecd9da0b789827e1f8aac

secure.gratowin.com Open in urlscan Pro 147.78.140.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

145 Requests

97 %HTTPS

5 %IPv6

16 Domains

21 Subdomains

20 IPs

5 Countries

4749 kBTransfer

9096 kBSize

13 Cookies

1 Outgoing links

Page URL History

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.gratowin.com Open in urlscan Pro
147.78.140.54 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

97 %
HTTPS

5 %
IPv6

16
Domains

21
Subdomains

20
IPs

5
Countries

4749 kB
Transfer

9096 kB
Size

13
Cookies

145 HTTP transactions
1 data transactions