secure.gratowin.com Open in urlscan Pro
130.211.16.99 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pk.cekta.net/campaigns/ls829pamnteff/track-url/nh749c508517e/0e4468ca7317d6de6c647a61c8cc1f7c640e4292
Effective URL:
https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affi...
Submission: On November 06 via manual (November 6th 2020, 8:08:51 am UTC) from FR

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 14 domains to perform 57 HTTP transactions. The main IP is 130.211.16.99, located in Mountain View, United States and belongs to GOOGLE, US. The main domain is secure.gratowin.com.
TLS certificate: Issued by GTS CA 1D2 on October 13th 2020. Valid for: 3 months.

This is the only time secure.gratowin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	147.135.64.69 147.135.64.69	16276 (OVH) (OVH)
1 1	54.194.14.156 54.194.14.156	16509 (AMAZON-02) (AMAZON-02)
1 1	35.227.235.12 35.227.235.12	15169 (GOOGLE) (GOOGLE)
1 7	34.102.220.22 34.102.220.22	15169 (GOOGLE) (GOOGLE)
23	130.211.16.99 130.211.16.99	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
3	178.249.101.23 178.249.101.23	11054 (LIVEPERSON) (LIVEPERSON)
1	216.239.32.21 216.239.32.21	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
5	2a03:6400:16:... 2a03:6400:16:0:178:249:101:99	11054 (LIVEPERSON) (LIVEPERSON)
6	2a03:6400:16:... 2a03:6400:16:0:178:249:101:98	11054 (LIVEPERSON) (LIVEPERSON)
1	208.89.15.170 208.89.15.170	11054 (LIVEPERSON) (LIVEPERSON)
5	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
57	14

1 147.135.64.69 (Reston, United States) 1 redirects

ASN16276 (OVH, FR)
PTR: ns101960.ip-147-135-64.us

pk.cekta.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.14.156 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-14-156.eu-west-1.compute.amazonaws.com

sacett.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.235.12 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 12.235.227.35.bc.googleusercontent.com

click.power-ppp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.102.220.22 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 22.220.102.34.bc.googleusercontent.com

www.gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdrn.hermione-ltd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
root.netoplaycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 130.211.16.99 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 99.16.211.130.bc.googleusercontent.com

secure.gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.249.101.23 (Netherlands)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.21 (Los Gatos, United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:6400:16:0:178:249:101:99 (United Kingdom)

ASN11054 (LIVEPERSON, US)

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:6400:16:0:178:249:101:98 (United Kingdom)

ASN11054 (LIVEPERSON, US)

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.89.15.170 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.idp.liveperson.net

va.idp.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	gratowin.com 1 redirects www.gratowin.com secure.gratowin.com static.gratowin.com	1 MB
11	lpsnmedia.net accdn.lpsnmedia.net lpcdn.lpsnmedia.net	41 KB
9	liveperson.net lptag.liveperson.net va.idp.liveperson.net va.v.liveperson.net	110 KB
5	netoplaycdn.com root.netoplaycdn.com	5 KB
3	google-analytics.com www.google-analytics.com	19 KB
1	ipinfo.io ipinfo.io	375 B
1	googletagmanager.com www.googletagmanager.com	47 KB
1	jquery.com code.jquery.com	66 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	20 KB
1	hermione-ltd.com cdrn.hermione-ltd.com
1	power-ppp.com 1 redirects click.power-ppp.com	452 B
1	sacett.com 1 redirects sacett.com	821 B
1	cekta.net 1 redirects pk.cekta.net	547 B
0	ngplatform.com Failed update.ngplatform.com Failed
57	14

	Domain	Requested by
16	secure.gratowin.com	secure.gratowin.com
7	static.gratowin.com	secure.gratowin.com static.gratowin.com
6	lpcdn.lpsnmedia.net	lptag.liveperson.net lpcdn.lpsnmedia.net
5	va.v.liveperson.net	lptag.liveperson.net
5	accdn.lpsnmedia.net	lptag.liveperson.net
5	root.netoplaycdn.com	secure.gratowin.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com secure.gratowin.com
3	lptag.liveperson.net	secure.gratowin.com
1	va.idp.liveperson.net	lptag.liveperson.net
1	ipinfo.io	secure.gratowin.com
1	www.googletagmanager.com	secure.gratowin.com
1	code.jquery.com	secure.gratowin.com
1	maxcdn.bootstrapcdn.com	secure.gratowin.com
1	cdrn.hermione-ltd.com	secure.gratowin.com
1	www.gratowin.com	1 redirects
1	click.power-ppp.com	1 redirects
1	sacett.com	1 redirects
1	pk.cekta.net	1 redirects
0	update.ngplatform.com Failed	secure.gratowin.com
57	19

This site contains no links.

Subject Issuer	Validity	Valid
secure.gratowin.com GTS CA 1D2	`2020-10-13` - `2021-01-11`	3 months	crt.sh
static.gratowin.com GTS CA 1D2	`2020-10-13` - `2021-01-11`	3 months	crt.sh
downloads-scratchmania-origin.netoplay.com GTS CA 1D2	`2020-10-14` - `2021-01-12`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-05-30` - `2022-05-30`	2 years	crt.sh
ipinfo.io GTS CA 1D2	`2020-09-27` - `2020-12-26`	3 months	crt.sh
*.lpsnmedia.net COMODO RSA Organization Validation Secure Server CA	`2018-02-26` - `2021-02-25`	3 years	crt.sh
*.idp.liveperson.net COMODO RSA Organization Validation Secure Server CA	`2020-07-09` - `2022-07-09`	2 years	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-04-13` - `2022-04-13`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Frame ID: 0B8CF87C97D0756BA9C30EFCF2E55964
Requests: 54 HTTP requests in this frame

Frame: https://update.ngplatform.com/index.html
Frame ID: A5F939FDA0081BDDE5F8CEE646756B44
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/storage.secure.min.html?loc=https%3A%2F%2Fsecure.gratowin.com&site=70099149&env=prod&isCrossDomain=true
Frame ID: E9AF30C1015F9DB95DEC9404CE3ADAB6
Requests: 1 HTTP requests in this frame

Frame: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1604650117803&loc=https%3A%2F%2Fsecure.gratowin.com
Frame ID: 7EF80FBC8DB3178D6E4B21D5B5B4BDA6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://pk.cekta.net/campaigns/ls829pamnteff/track-url/nh749c508517e/0e4468ca7317d6de6c647a61c8cc... HTTP 301
https://sacett.com/?a=8178&c=22306&s1= HTTP 302
https://click.power-ppp.com/click/5bc7026c78c83?brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=1&a... HTTP 302
https://www.gratowin.com/dlink.php?Inc=78458682&brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=... HTTP 307
https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affilia... Page URL
https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712... Page URL

Detected technologies

Google Cloud (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /^1\.1 google$/i

Page Statistics

57
Requests

98 %
HTTPS

44 %
IPv6

14
Domains

19
Subdomains

14
IPs

5
Countries

1519 kB
Transfer

2988 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pk.cekta.net/campaigns/ls829pamnteff/track-url/nh749c508517e/0e4468ca7317d6de6c647a61c8cc1f7c640e4292 HTTP 301
https://sacett.com/?a=8178&c=22306&s1= HTTP 302
https://click.power-ppp.com/click/5bc7026c78c83?brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426 HTTP 302
https://www.gratowin.com/dlink.php?Inc=78458682&brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909 HTTP 307
https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909 Page URL
https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://pk.cekta.net/campaigns/ls829pamnteff/track-url/nh749c508517e/0e4468ca7317d6de6c647a61c8cc1f7c640e4292 HTTP 301
https://sacett.com/?a=8178&c=22306&s1= HTTP 302
https://click.power-ppp.com/click/5bc7026c78c83?brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426 HTTP 302
https://www.gratowin.com/dlink.php?Inc=78458682&brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909 HTTP 307
https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
secure.gratowin.com/
Redirect Chain

http://pk.cekta.net/campaigns/ls829pamnteff/track-url/nh749c508517e/0e4468ca7317d6de6c647a61c8cc1f7c640e4292
https://sacett.com/?a=8178&c=22306&s1=
https://click.power-ppp.com/click/5bc7026c78c83?brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426
https://www.gratowin.com/dlink.php?Inc=78458682&brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&short...
https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_tar...

22 KB
6 KB

139ms
108ms

Document
text/html

130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 5cbf2868cb625f58ce1f4ab8f8e13c02ab3f4486c1354197a8d294e117aca96a

Request headers

:method: GET
:authority: secure.gratowin.com
:scheme: https
:path: /?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: Inc=78458682; brandId=8; campaignId=48907; mediaId=7712; lang=fr; mode=1; affiliateProfileName=8178_; clickID=21686-581371426; ABClicks=1; shorten_link=5bc7026c78c83; shorten_target=11135; netoClickId=5fa504815e0f95ab1949c909
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: rhino-core-shield
date: Fri, 06 Nov 2020 08:08:33 GMT
content-type: text/html
content-length: 6142
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

status: 307
server: rhino-core-shield
date: Fri, 06 Nov 2020 08:08:33 GMT
content-type: text/html
content-length: 0
x-powered-by: PHP/5.5.9-1ubuntu4.26
set-cookie: Inc=78458682; expires=Sun, 06-Dec-2020 08:08:33 GMT; Max-Age=2592000; path=/; domain=.gratowin.com brandId=8; expires=Sun, 06-Dec-2020 08:08:33 GMT; Max-Age=2592000; path=/; domain=.gratowin.com campaignId=48907; expires=Sun, 06-Dec-2020 08:08:33 GMT; Max-Age=2592000; path=/; domain=.gratowin.com mediaId=7712; expires=Sun, 06-Dec-2020 08:08:33 GMT; Max-Age=2592000; path=/; domain=.gratowin.com lang=fr; expires=Sun, 06-Dec-2020 08:08:33 GMT; Max-Age=2592000; path=/; domain=.gratowin.com mode=1; expires=Sat, 07-Nov-2020 08:08:33 GMT; Max-Age=86400; path=/; domain=.gratowin.com affiliateProfileName=8178_; expires=Sun, 06-Dec-2020 08:08:33 GMT; Max-Age=2592000; path=/; domain=.gratowin.com clickID=21686-581371426; expires=Sun, 06-Dec-2020 08:08:33 GMT; Max-Age=2592000; path=/; domain=.gratowin.com ABClicks=1; expires=Sun, 06-Dec-2020 08:08:33 GMT; Max-Age=2592000; path=/; domain=.gratowin.com shorten_link=5bc7026c78c83; expires=Sun, 06-Dec-2020 08:08:33 GMT; Max-Age=2592000; path=/; domain=.gratowin.com shorten_target=11135; expires=Sun, 06-Dec-2020 08:08:33 GMT; Max-Age=2592000; path=/; domain=.gratowin.com netoClickId=5fa504815e0f95ab1949c909; expires=Sun, 06-Dec-2020 08:08:33 GMT; Max-Age=2592000; path=/; domain=.gratowin.com unikClick=yes; expires=Sun, 06-Dec-2020 08:08:33 GMT; Max-Age=2592000; path=/
location: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
via: 1.1 google
alt-svc: clear

GET
H2 200 style.css
static.gratowin.com/games/skins/8/ 1 KB
514 B 63ms
27ms Stylesheet
text/css 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gratowin.com/games/skins/8/style.css?ver=76.2005
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 2dea1a89853b566ddae2f163f7828a43a17d1046f03deb18a1c7ad09d0c2ceb6

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:33 GMT
content-encoding: gzip
last-modified: Thu, 05 Nov 2020 07:43:58 GMT
server: rhino-core-shield
status: 200
etag: "54065e-438-5b357423cface"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: clear
content-length: 336
via: 1.1 google

GET
H2 200 lightwindow.css
static.gratowin.com/games/styles/ 9 KB
2 KB 67ms
31ms Stylesheet
text/css 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gratowin.com/games/styles/lightwindow.css?ver=76.2005
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:33 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 08:41:00 GMT
server: rhino-core-shield
status: 200
etag: "10017d-2264-5ab03b30d320c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: clear
content-length: 1938
via: 1.1 google

GET
H2 200 jackpotwidget.css
static.gratowin.com/games/styles/ 5 KB
1 KB 66ms
30ms Stylesheet
text/css 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gratowin.com/games/styles/jackpotwidget.css?ver=76.2005
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:33 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 08:41:00 GMT
server: rhino-core-shield
status: 200
etag: "100183-14de-5ab03b3089e17"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: clear
content-length: 1019
via: 1.1 google

GET
H2 200 GW_fr.jpg
secure.gratowin.com/lobbyImgs/ 63 KB
63 KB 30ms
29ms Image
image/jpeg 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/lobbyImgs/GW_fr.jpg?1
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: d84ae921292ae9b34c6f61d47db5dc2b45d0637b3f7dd0edba8249af532c5f2f

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:33 GMT
via: 1.1 google
last-modified: Tue, 28 May 2019 06:34:43 GMT
server: rhino-core-shield
etag: "221be3-fbad-589ecdc38f54d"
content-type: image/jpeg
status: 200
accept-ranges: bytes
alt-svc: clear
content-length: 64429

GET
H2 200 indexScripts.min.js
static.gratowin.com/games/js/ 291 KB
88 KB 111ms
76ms Script
application/javascript 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gratowin.com/games/js/indexScripts.min.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:33 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2019 09:21:41 GMT
server: rhino-core-shield
status: 200
etag: "1011c1-48d80-58e419a987fce"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: clear
via: 1.1 google

GET
H2 200 jackpot.js
static.gratowin.com/games/js/ 3 KB
914 B 67ms
32ms Script
application/javascript 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gratowin.com/games/js/jackpot.js?ver=76.2005
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:33 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 11:35:08 GMT
server: rhino-core-shield
status: 200
etag: "100187-af6-5ac1fc390eba2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: clear
content-length: 803
via: 1.1 google

GET
H2 200 funcPlatform.js Show response
static.gratowin.com/games/js/ 51 KB
8 KB 62ms
27ms Script
application/javascript 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gratowin.com/games/js/funcPlatform.js?ver=76.2005
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: f28711052ffe3e57bc3ee786502645508e26b7c5188695aba410d4c8c145ff8f

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:33 GMT
content-encoding: gzip
last-modified: Wed, 30 Sep 2020 06:30:02 GMT
server: rhino-core-shield
status: 200
etag: "1001f7-cc2f-5b08207926159"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: clear
content-length: 8231
via: 1.1 google

GET
H2 500 featherlight.min.js
cdrn.hermione-ltd.com/mountain/js/ 0
0 198ms
163ms Script
text/html 34.102.220.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdrn.hermione-ltd.com/mountain/js/featherlight.min.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.220.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 22.220.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 popups_atw_lobby.js
root.netoplaycdn.com/assets/js/ 7 KB
2 KB 76ms
41ms Script
application/javascript 34.102.220.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://root.netoplaycdn.com/assets/js/popups_atw_lobby.js?v=1604650113
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.220.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 22.220.102.34.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:33 GMT
content-encoding: gzip
last-modified: Mon, 21 Sep 2020 14:42:58 GMT
server: rhino-core-shield
etag: "1afc-5afd3ddd16080-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 1943
via: 1.1 google

GET
H2 200 current.js
root.netoplaycdn.com/assets/promotions/ 6 KB
2 KB 79ms
44ms Script
application/javascript 34.102.220.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://root.netoplaycdn.com/assets/promotions/current.js?x=1604650113
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.220.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 22.220.102.34.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:33 GMT
content-encoding: gzip
last-modified: Wed, 28 Oct 2020 12:43:10 GMT
server: rhino-core-shield
etag: "1920-5b2ba81821380-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 1983
via: 1.1 google

GET
H2 200 helper.js Show response
root.netoplaycdn.com/assets/js/ 795 B
584 B 43ms
9ms Script
application/javascript 34.102.220.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://root.netoplaycdn.com/assets/js/helper.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.220.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 22.220.102.34.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 30fc9a8881a2a24f4cc83e0324219ecc9304d4b7469c70fe44934f93ac2502c6

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 07:47:40 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2019 15:49:16 GMT
server: rhino-core-shield
age: 1253
etag: "31b-585297f183700-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 377
via: 1.1 google

GET index.html
update.ngplatform.com/ Frame A5F9 0
0

GET
H2 200 Primary Request registration_step1.html Show response
secure.gratowin.com/ 16 KB
5 KB 235ms
233ms Document
text/html 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: a9fe30ecf01124e47e17fda537381e523706a94341ffc695ae6326c897c6f6aa

Request headers

:method: GET
:authority: secure.gratowin.com
:scheme: https
:path: /registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: Inc=78458682; brandId=8; campaignId=48907; mediaId=7712; lang=fr; mode=1; affiliateProfileName=8178_; clickID=21686-581371426; ABClicks=1; shorten_link=5bc7026c78c83; shorten_target=11135; netoClickId=5fa504815e0f95ab1949c909
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.gratowin.com/?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909

Response headers

status: 200
server: rhino-core-shield
date: Fri, 06 Nov 2020 08:08:34 GMT
content-type: text/html
content-length: 4906
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 bg.jpg
static.gratowin.com/games/skins/8/ 541 KB
542 KB 30ms
29ms Image
image/jpeg 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gratowin.com/games/skins/8/bg.jpg
Requested by: Host: static.gratowin.com
URL: https://static.gratowin.com/games/skins/8/style.css?ver=76.2005
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash

Request headers

Referer: https://static.gratowin.com/games/skins/8/style.css?ver=76.2005
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:33 GMT
via: 1.1 google
last-modified: Thu, 15 Mar 2018 07:58:27 GMT
server: rhino-core-shield
etag: "54065a-874f0-5676edb58e30d"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: clear
content-length: 554224

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 50ms
10ms Stylesheet
text/css 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
status: 200
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 19740

GET
H2 200 registrationStyle.css
secure.gratowin.com/htmlRegistration/css/ 20 KB
4 KB 32ms
29ms Stylesheet
text/css 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/htmlRegistration/css/registrationStyle.css?ver=
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: adf8f1060a494286abee2dd36be5566b440de58a439f7e15fdad79074263e671

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:34 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 11:35:39 GMT
server: rhino-core-shield
etag: "e1bf3-4eb1-5ac1fc5697d32"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
alt-svc: clear
content-length: 4267
via: 1.1 google

GET
H2 200 registrationStyle.css
secure.gratowin.com/htmlRegistration/images/brands/8/ 188 B
244 B 33ms
30ms Stylesheet
text/css 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/registrationStyle.css?ver=
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 0af6b5b2b85951a7a992529ce7b62e702fad82566aa8cd1201cda5b25fcbadb0

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:34 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 11:35:44 GMT
server: rhino-core-shield
etag: "540870-bc-5ac1fc5bbb59b"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
alt-svc: clear
content-length: 134
via: 1.1 google

GET
H2 200 libsScripts.js Show response
secure.gratowin.com/htmlRegistration/js/ 512 KB
107 KB 40ms
37ms Script
application/javascript 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/htmlRegistration/js/libsScripts.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 3524edd021d38f109a0eb32c0c5903731708cea9bfccb5adc2b2a244046bc266

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:34 GMT
content-encoding: gzip
last-modified: Tue, 26 Nov 2019 08:44:50 GMT
server: rhino-core-shield
etag: "e15da-80038-5983be4a97040"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
alt-svc: clear
via: 1.1 google

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
66 KB 28ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Origin: https://secure.gratowin.com
Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:34 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
status: 200
etag: W/"57d97c08-3dee4"
vary: Accept-Encoding
x-hw: 1604650114.dop128.fr8.t,1604650114.cds257.fr8.hn,1604650114.cds151.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67751

GET
H2 200 helper.js Show response
root.netoplaycdn.com/assets/js/ 795 B
437 B 10ms
8ms Script
application/javascript 34.102.220.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://root.netoplaycdn.com/assets/js/helper.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.220.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 22.220.102.34.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 30fc9a8881a2a24f4cc83e0324219ecc9304d4b7469c70fe44934f93ac2502c6

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 07:47:40 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2019 15:49:16 GMT
server: rhino-core-shield
age: 1254
etag: "31b-585297f183700-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 377
via: 1.1 google

GET
H2 200 UtilsAndCommonRegisterScripts.js Show response
secure.gratowin.com/htmlRegistration/js/ 44 KB
10 KB 76ms
74ms Script
application/javascript 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/htmlRegistration/js/UtilsAndCommonRegisterScripts.js?ver=
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: c965b44b7dda96016f7d9ddfedb366ccf20d82698a832b3ebb5563536cd84bd2

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:34 GMT
content-encoding: gzip
last-modified: Tue, 08 Sep 2020 06:58:52 GMT
server: rhino-core-shield
etag: "e15e5-b0fe-5aec7de29f9fb"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
alt-svc: clear
content-length: 9777
via: 1.1 google

GET
H2 200 createAccount.js Show response
secure.gratowin.com/htmlRegistration/js/ 21 KB
5 KB 33ms
31ms Script
application/javascript 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/htmlRegistration/js/createAccount.js?ver=
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 97d7ea7a417366b9c5b5e5a5d48a877672aa5fcc5aa57831d212d827c69b6604

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:34 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 11:35:39 GMT
server: rhino-core-shield
etag: "e1bfe-53ab-5ac1fc56e20c9"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
alt-svc: clear
content-length: 5250
via: 1.1 google

GET
H2 200 helper.js Show response
root.netoplaycdn.com/assets/js/ 795 B
437 B 11ms
10ms Script
application/javascript 34.102.220.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://root.netoplaycdn.com/assets/js/helper.js?v=1
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.220.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 22.220.102.34.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 30fc9a8881a2a24f4cc83e0324219ecc9304d4b7469c70fe44934f93ac2502c6

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 07:47:52 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2019 15:49:16 GMT
server: rhino-core-shield
age: 1242
etag: "31b-585297f183700-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 377
via: 1.1 google

GET
H2 200 bg_Regular.jpg
secure.gratowin.com/htmlRegistration/images/brands/8/ 324 KB
325 KB 66ms
65ms Image
image/jpeg 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/bg_Regular.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/registrationStyle.css?ver=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: f2d8aebf12652d1b8e206162f4eda56fa731498e288cd25727312348c28dac74

Request headers

Referer: https://secure.gratowin.com/htmlRegistration/images/brands/8/registrationStyle.css?ver=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:34 GMT
via: 1.1 google
last-modified: Tue, 15 Oct 2019 08:30:14 GMT
server: rhino-core-shield
etag: "54066e-5116c-594eecb18fb18"
content-type: image/jpeg
status: 200
accept-ranges: bytes
alt-svc: clear
content-length: 332140

GET
H2 200 step1_bar.png
secure.gratowin.com/htmlRegistration/images/brands/8/ 2 KB
2 KB 54ms
53ms Image
image/png 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/step1_bar.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/registrationStyle.css?ver=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 6e5af33fae4648ab63fd54e57d6c7ee2f3e3a63fb827b975fd5c4d6d43e81652

Request headers

Referer: https://secure.gratowin.com/htmlRegistration/images/brands/8/registrationStyle.css?ver=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:34 GMT
via: 1.1 google
last-modified: Tue, 15 Oct 2019 08:30:14 GMT
server: rhino-core-shield
etag: "5407ec-79e-594eecb18eb77"
content-type: image/png
status: 200
accept-ranges: bytes
alt-svc: clear
content-length: 1950

GET
H2 200 next_button.png
secure.gratowin.com/htmlRegistration/images/brands/8/ 4 KB
4 KB 30ms
29ms Image
image/png 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/next_button.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/registrationStyle.css?ver=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 8f1dbb31098710f15f1fdd002711f62e691e507d43776abce00b40923b56f2a9

Request headers

Referer: https://secure.gratowin.com/htmlRegistration/images/brands/8/registrationStyle.css?ver=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:34 GMT
via: 1.1 google
last-modified: Tue, 15 Oct 2019 08:30:13 GMT
server: rhino-core-shield
etag: "5407eb-10c2-594eecb13da7c"
content-type: image/png
status: 200
accept-ranges: bytes
alt-svc: clear
content-length: 4290

GET
H2 200 footer.png
secure.gratowin.com/htmlRegistration/images/ 17 KB
17 KB 37ms
37ms Image
image/png 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/htmlRegistration/images/footer.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/css/registrationStyle.css?ver=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: c8fb46baf654f26f5cc81075c3c371586b87b5b5781336af27ee31ae8c2981ad

Request headers

Referer: https://secure.gratowin.com/htmlRegistration/css/registrationStyle.css?ver=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:34 GMT
via: 1.1 google
last-modified: Tue, 15 Oct 2019 08:29:54 GMT
server: rhino-core-shield
etag: "e1c60-42f8-594eec9ea4861"
content-type: image/png
status: 200
accept-ranges: bytes
alt-svc: clear
content-length: 17144

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 152 KB
47 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TQ4DBB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18a9114496387b41dd089131da9c33646a9a38902214cd4ad69133d65e88df81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:34 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47656
x-xss-protection: 0
last-modified: Fri, 06 Nov 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 Nov 2020 08:08:34 GMT

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 21 KB
8 KB 105ms
47ms Script
application/javascript 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/tag/tag.js?site=70099149
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:34 GMT
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
server: ws
etag: "5f50a905-1d8f"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7567

GET
H2 200 json Show response
ipinfo.io/ 241 B
375 B 142ms
116ms XHR
application/json 216.239.32.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/json

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/js/libsScripts.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.21 Los Gatos, United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2015.1e100.net

Software

/ Express

Resource Hash

4f3c9210f37b5b2dc764a052cfd3b06c09ae2e1c836a3e0b5b63c785397eb2de

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
via: 1.1 google

GET
H2 200 playerAuthenticationServlet Show response
secure.gratowin.com/server/api/ 16 B
236 B 44ms
43ms XHR
text/plain 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/server/api/playerAuthenticationServlet?jsonObject=%7B%22methodName%22%3A%22getCountryBasedOnIp%22%7D&brandId=8&lang=fr&Inc=78458682&campaignId=48907&mediaId=7712&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909&brand=gratowin&_=1604650114333
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/js/libsScripts.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 65bd6a3a9018a37970703318ddecc7092985ecca5c0ebff3e29792fb0879a535

Request headers

Accept: */*
Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:34 GMT
via: 1.1 google
server: rhino-core-shield
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept
status: 200
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
content-type: text/plain
access-control-allow-origin: *
alt-svc: clear
content-length: 16

GET
H2 200 upperLogo.jpg
secure.gratowin.com/htmlRegistration/images/brands/8/en/ 5 KB
5 KB 30ms
30ms Image
image/jpeg 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/en/upperLogo.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 2411b5d22ac1371b906ec7b4b60aa8ecdbc1c89f64c705860c28df32619e540b

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:34 GMT
via: 1.1 google
last-modified: Tue, 15 Oct 2019 08:30:38 GMT
server: rhino-core-shield
etag: "88028b-1269-594eecc8a4613"
content-type: image/jpeg
status: 200
accept-ranges: bytes
alt-svc: clear
content-length: 4713

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ4DBB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 1149
date: Fri, 06 Nov 2020 07:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 06 Nov 2020 09:49:25 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
410 B 66ms
13ms XHR
text/plain 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=574016619&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.gratowin.com%2Fregistration_step1.html%3FbrandId%3D8%26Inc%3D78458682%26campaignId%3D48907%26mediaId%3D7712%26lang%3Dfr%26mode%3D1%26affiliateProfileName%3D8178_%26clickID%3D21686-581371426%26ABClicks%3D1%26shorten_link%3D5bc7026c78c83%26shorten_target%3D11135%26netoClickId%3D5fa504815e0f95ab1949c909&dp=%2Fregistration_step1.html%3F%26lang%3Dfr%26mediaID%3D7712%26affiliateProfileName%3D8178_%26brandId%3D8%26campaignId%3D48907&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=394753601&gjid=726169662&cid=139100099.1604650114&tid=UA-27702367-3&_gid=530483776.1604650114&_r=1&gtm=2wgas1TQ4DBB&z=137038419

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 08:08:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 countries_fr.json Show response
secure.gratowin.com/htmlRegistration/settings/countries/ 32 KB
5 KB 41ms
41ms XHR
application/json 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/htmlRegistration/settings/countries/countries_fr.json?_=1604650114334
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/js/libsScripts.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: f07ad683b5e56352b20cf218b5b1f7b5eba26a11e36bd23b3b1ceb23dd6854fd

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:34 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 11:35:41 GMT
server: rhino-core-shield
etag: W/"e1c16-8139-5ac1fc5880244"
vary: Accept-Encoding
content-type: application/json
status: 200
alt-svc: clear
via: 1.1 google

GET
H2 200 Lang_fr.json Show response
secure.gratowin.com/htmlRegistration/settings/languages/ 25 KB
8 KB 42ms
42ms XHR
application/json 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/htmlRegistration/settings/languages/Lang_fr.json?ver=0&_=1604650114335
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/js/libsScripts.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: e8a98f2db2dcf5b4d074a61e774ee5ae5376e39843cab889e72fb54b60995f60

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:34 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 11:39:55 GMT
server: rhino-core-shield
etag: W/"e1212-6291-59a0d052fdf86"
vary: Accept-Encoding
content-type: application/json
status: 200
alt-svc: clear
via: 1.1 google

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=574016619&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.gratowin.com%2Fregistration_step1.html%3FbrandId%3D8%26Inc%3D78458682%26campaignId%3D48907%26mediaId%3D7712%26lang%3Dfr%26mode%3D1%26affiliateProfileName%3D8178_%26clickID%3D21686-581371426%26ABClicks%3D1%26shorten_link%3D5bc7026c78c83%26shorten_target%3D11135%26netoClickId%3D5fa504815e0f95ab1949c909&dp=%2Fvp%2Fregsiter%2FDesktop_Registration_Form_PopUp&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=139100099.1604650114&tid=UA-27702367-3&_gid=530483776.1604650114&gtm=2wgas1TQ4DBB&cd12=Deeplink&z=524980332

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Nov 2020 14:05:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64976
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/ 261 KB
95 KB 24ms
24ms Script
application/x-javascript 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: a5b1bf01ff16a3218b3ef7ab91440e8106d7154c89feaa52175a65f84daef3f0

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:34 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/70099149/configuration/setting/accountproperties/ 4 KB
1 KB 151ms
36ms Script
application/javascript 2a03:6400:16:0:178:249:101:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/70099149/configuration/setting/accountproperties/?cb=lpCb42400x52604
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:16:0:178:249:101:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 4530c4a6f675a849eea6c293d5ab121e5b96170811779149be37683908a718f4

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:34 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
status: 200
x-envoy-upstream-service-time: 1
expires: Fri, 06 Nov 2020 08:09:20 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/70099149/configuration/le-campaigns/ 18 KB
2 KB 180ms
71ms Script
application/javascript 2a03:6400:16:0:178:249:101:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/70099149/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:16:0:178:249:101:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: d97c80b7128f8ca1cbbd062b0f62526b4d52801668319709e2865ced8296eca1

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:34 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
status: 200
x-envoy-upstream-service-time: 2
expires: Fri, 06 Nov 2020 08:09:26 GMT

GET
H2 200 storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/ Frame E9AF 0
0 148ms
35ms Document
text/html 2a03:6400:16:0:178:249:101:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/storage.secure.min.html?loc=https%3A%2F%2Fsecure.gratowin.com&site=70099149&env=prod&isCrossDomain=true
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:16:0:178:249:101:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash

Request headers

:method: GET
:authority: lpcdn.lpsnmedia.net
:scheme: https
:path: /le_secure_storage/3.11.0.2-release_5036/storage.secure.min.html?loc=https%3A%2F%2Fsecure.gratowin.com&site=70099149&env=prod&isCrossDomain=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909

Response headers

status: 200
date: Fri, 06 Nov 2020 08:08:36 GMT
content-type: text/html
last-modified: Tue, 29 Sep 2020 18:27:10 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
expires: Fri, 06 Nov 2020 08:18:36 GMT
cache-control: max-age=600

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/ 38 KB
15 KB 35ms
35ms Script
application/javascript 2a03:6400:16:0:178:249:101:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/storage.secure.min.js?loc=https%3A%2F%2Fsecure.gratowin.com&site=70099149&force=1&env=prod&isCrossDomain=true
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:16:0:178:249:101:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: a6c94763f85d97edffb717098e436aad3a4a6b5d1e866b1e2315ee0ec8f784d2

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:37 GMT
content-encoding: gzip
last-modified: Tue, 29 Sep 2020 18:27:10 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 06 Nov 2020 08:18:37 GMT

GET
H2 200 postmessage.min.html
va.idp.liveperson.net/postmessage/ Frame 7EF8 0
0 469ms
95ms Document
text/html 208.89.15.170
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1604650117803&loc=https%3A%2F%2Fsecure.gratowin.com
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.15.170 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.idp.liveperson.net
Software: ws /
Resource Hash

Request headers

:method: GET
:authority: va.idp.liveperson.net
:scheme: https
:path: /postmessage/postmessage.min.html?bust=1604650117803&loc=https%3A%2F%2Fsecure.gratowin.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909

Response headers

status: 200
date: Fri, 06 Nov 2020 08:08:38 GMT
content-type: text/html
last-modified: Sun, 30 Dec 2018 08:56:21 GMT
etag: W/"5c288835-2a51"
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip

GET
H2 200 70099149 Show response
va.v.liveperson.net/api/js/ 600 B
1 KB 484ms
194ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/70099149?&cb=lpCb32804x99745&t=sp&ts=1604650117795&pid=8300181321&tid=6699816153&u=https%3A%2F%2Fsecure.gratowin.com%2Fregistration_step1.html%3FbrandId%3D8%26Inc%3D78458682%26campaignId%3D48907%26mediaId%3D7712%26lang%3Dfr%26mode%3D1%26affiliateProfileName%3D8178_%26clickID%3D21686-581371426%26ABClicks%3D1%26shorten_link%3D5bc7026c78c83%26shorten_target%3D11135%26netoClickId%3D5fa504815e0f95ab1949c909&r=https%3A%2F%2Fsecure.gratowin.com%2F%3FbrandId%3D8%26Inc%3D78458682%26campaignId%3D48907%26mediaId%3D7712%26lang%3Dfr%26mode%3D1%26affiliateProfileName%3D8178_%26clickID%3D21686-581371426%26ABClicks%3D1%26shorten_link%3D5bc7026c78c83%26shorten_target%3D11135%26netoClickId%3D5fa504815e0f95ab1949c909&df=0&os=1&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%228f324c3b-695e-4a43-b24c-3b695e0a4319%22%2C%22account%22%3A%2270099149%22%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 38c9fa7a9c815745829eef432a36df212747aa912247046c1c96a9e18dd01c94

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:39 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 overlay.js Show response
lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/ 6 KB
3 KB 35ms
34ms Script
application/javascript 2a03:6400:16:0:178:249:101:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/overlay.js?_v=3.42.0.2-release_5022
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:16:0:178:249:101:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 44027ec55ed8b2de1f3dcdaf00c6b0c72c466e85d515c60431f61da11f242047

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:39 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 12:50:18 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 06 Nov 2020 08:18:39 GMT

GET
H2 200 UISuite.js Show response
lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/ 30 KB
12 KB 36ms
35ms Script
application/javascript 2a03:6400:16:0:178:249:101:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/UISuite.js?_v=3.42.0.2-release_5022
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:16:0:178:249:101:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:39 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 12:50:18 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 06 Nov 2020 08:18:39 GMT

GET
H2 200 2942 Show response
accdn.lpsnmedia.net/api/account/70099149/configuration/le-campaigns/campaigns/1152525814/engagements/1152526014/revision/ 2 KB
1 KB 70ms
69ms Script
application/javascript 2a03:6400:16:0:178:249:101:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/70099149/configuration/le-campaigns/campaigns/1152525814/engagements/1152526014/revision/2942?v=3.0&cb=lp1152526014&flavor=dependency
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:16:0:178:249:101:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: a2bdec7072502bfed79823b34138e8ce904511e8e980732f81e1121b482eb1a6

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:39 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
status: 200
x-envoy-upstream-service-time: 3
expires: Fri, 06 Nov 2020 08:09:39 GMT

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/70099149/configuration/setting/accountproperties/ 4 KB
1 KB 35ms
35ms Script
application/javascript 2a03:6400:16:0:178:249:101:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/70099149/configuration/setting/accountproperties/?cb=lpCb70450x85431
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:16:0:178:249:101:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: cd9a2271f5d28054e5d911918005d8ddd79e45301202249babfb23f739ce5119

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:39 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
status: 200
x-envoy-upstream-service-time: 1
expires: Fri, 06 Nov 2020 08:09:20 GMT

GET
H2 200 70099149 Show response
va.v.liveperson.net/api/js/ 111 B
854 B 99ms
99ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/70099149?sid=Vyz28vt_QsmSHayRWwQ0gA&cb=lpCb18529x48209&t=pl&ts=1604650118617&pid=8300181321&tid=6699816153&vid=RmMDU5OWRiYTM0ZDhlMDI5
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: c3ce5001a36ffdd1d2c5e59daa907240fa033d7f0f3e75a53493c985c7ebbbae

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:39 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 1616507530 Show response
accdn.lpsnmedia.net/api/account/70099149/configuration/engagement-window/window-confs/ 4 KB
1 KB 111ms
111ms Script
application/javascript 2a03:6400:16:0:178:249:101:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/70099149/configuration/engagement-window/window-confs/1616507530?cb=lpCb29073x64352
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:16:0:178:249:101:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: e329899d8c632f46c0fbdf6301d758c419c444e29e0b8c3b9cce010b17b3fcbd

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:39 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
status: 200
x-envoy-upstream-service-time: 1
expires: Fri, 06 Nov 2020 08:09:39 GMT

GET
H2 200 s_bubble1.png
lpcdn.lpsnmedia.net/gallery/libraries/chat/images/assets/ 1 KB
2 KB 35ms
34ms Image
image/png 2a03:6400:16:0:178:249:101:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpcdn.lpsnmedia.net/gallery/libraries/chat/images/assets/s_bubble1.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:16:0:178:249:101:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: d804ac7290f9fc5e15b84f93bdd4e4d0001d29754eaf128e74855d52851cb614

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:39 GMT
last-modified: Wed, 19 Aug 2020 12:49:26 GMT
server: ws
etag: a66700f17fdb33302c6f78506d1a9808
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: image/png
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 1189
expires: Fri, 06 Nov 2020 08:18:39 GMT

GET
H2 200 s_bubble1.png
lpcdn.lpsnmedia.net/gallery/libraries/chat/images/assets/ 1 KB
2 KB 35ms
34ms Image
image/png 2a03:6400:16:0:178:249:101:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpcdn.lpsnmedia.net/gallery/libraries/chat/images/assets/s_bubble1.png
Requested by: Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/UISuite.js?_v=3.42.0.2-release_5022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:16:0:178:249:101:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: d804ac7290f9fc5e15b84f93bdd4e4d0001d29754eaf128e74855d52851cb614

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:39 GMT
last-modified: Wed, 19 Aug 2020 12:49:26 GMT
server: ws
etag: a66700f17fdb33302c6f78506d1a9808
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: image/png
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 1189
expires: Fri, 06 Nov 2020 08:18:39 GMT

GET
H2 200 70099149 Show response
va.v.liveperson.net/api/js/ 41 B
791 B 99ms
99ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/70099149?sid=Vyz28vt_QsmSHayRWwQ0gA&cb=lpCb32083x4149&t=uc&ts=1604650119334&pid=8300181321&tid=6699816153&vid=RmMDU5OWRiYTM0ZDhlMDI5&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A1152525814%2C%22engId%22%3A1152526014%2C%22revision%22%3A2942%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%221%22%7D%5D%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 22b2fc11025c9fc31c8e02724871d2ee0fe89d57967867c77d633d745703d541

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:39 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/ 9 KB
2 KB 24ms
23ms Script
application/x-javascript 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&ct=lpSecureStorage%2Clp_sdes%2Cscraper%2ClpActivityMonitor%2CrendererStub%2Clp_version_detector%2Clp_monitoringSDK%2ClpTransporter%2ClpUnifiedWindow%2CSMT%2Chooks%2Clp_SMT%2Cauthenticator%2CcleanCCPatterns%2CunAuthMessaging%2CjsLoader%2Clp_sms_client_api&b=1
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: e78a917e84b3fb6053aded69c87a3671b78bc1a9c6879f40d4110d35d944065d

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:39 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 70099149 Show response
va.v.liveperson.net/api/js/ 240 B
946 B 143ms
143ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/70099149?sid=Vyz28vt_QsmSHayRWwQ0gA&cb=lpCb3641x52916&t=sp&ts=1604650119377&pid=6512055555&tid=6699816153&vid=RmMDU5OWRiYTM0ZDhlMDI5&rvt=1604650119008&u=https%3A%2F%2Fsecure.scratchmania.com%2F%3Flang%3Den&r=https%3A%2F%2Fsecure.gratowin.com%2F%3FbrandId%3D8%26Inc%3D78458682%26campaignId%3D48907%26mediaId%3D7712%26lang%3Dfr%26mode%3D1%26affiliateProfileName%3D8178_%26clickID%3D21686-581371426%26ABClicks%3D1%26shorten_link%3D5bc7026c78c83%26shorten_target%3D11135%26netoClickId%3D5fa504815e0f95ab1949c909&sec=%5B%22gratowin%22%2C%22lang-english%22%5D&df=0&os=1&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%228f324c3b-695e-4a43-b24c-3b695e0a4319%22%2C%22account%22%3A%2270099149%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 7a29b2a61d7c8da52d075fe5dc05195497a34f0d2c9bb2cdda3fc0c11d49b0cf

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:39 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 70099149 Show response
va.v.liveperson.net/api/js/ 111 B
854 B 104ms
103ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/70099149?sid=Vyz28vt_QsmSHayRWwQ0gA&cb=lpCb67090x71403&t=pl&ts=1604650119381&pid=6512055555&tid=6699816153&vid=RmMDU5OWRiYTM0ZDhlMDI5
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 85f7f718b229ca76186979d0462ebcf239df34276465538fea6c00e71fa63766

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 08:08:39 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: update.ngplatform.com
URL: https://update.ngplatform.com/index.html

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gratowin.com/	1970-01-19 13:44:10	Name: _gat_UA-27702367-3 Value: 1
.gratowin.com/	1970-01-19 13:45:36	Name: _gid Value: GA1.2.530483776.1604650114
.gratowin.com/	1970-01-19 14:27:22	Name: netoClickId Value: 5fa504815e0f95ab1949c909
.gratowin.com/	1970-01-19 14:27:22	Name: shorten_link Value: 5bc7026c78c83
.gratowin.com/	1970-01-19 14:27:22	Name: clickID Value: 21686-581371426
.gratowin.com/	1970-01-19 14:27:22	Name: ABClicks Value: 1
.gratowin.com/	1970-01-19 13:45:36	Name: mode Value: 1
.gratowin.com/	1970-01-20 07:15:22	Name: _ga Value: GA1.2.139100099.1604650114
.gratowin.com/	1970-01-19 14:27:22	Name: lang Value: fr
.gratowin.com/	1970-01-19 14:27:22	Name: campaignId Value: 48907
.gratowin.com/	1970-01-19 14:27:22	Name: mediaId Value: 7712
.gratowin.com/	1970-01-19 14:27:22	Name: shorten_target Value: 11135
.gratowin.com/	1970-01-19 14:27:22	Name: brandId Value: 8
.gratowin.com/	1970-01-19 14:27:22	Name: affiliateProfileName Value: 8178_
.gratowin.com/	1970-01-19 14:27:22	Name: Inc Value: 78458682

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=78458682&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-581371426&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5fa504815e0f95ab1949c909(Line 287) Message: not fun player
console-api	log	URL: https://secure.gratowin.com/htmlRegistration/js/UtilsAndCommonRegisterScripts.js?ver=(Line 857) Message: getCountryBasedOnIp
console-api	log	URL: https://secure.gratowin.com/htmlRegistration/js/UtilsAndCommonRegisterScripts.js?ver=(Line 1131) Message: Dic loaded
console-api	log	URL: https://secure.gratowin.com/htmlRegistration/js/createAccount.js?ver=(Line 207) Message: $("#createAccountForm #loginLink").outerWidth() = 318

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
cdrn.hermione-ltd.com
click.power-ppp.com
code.jquery.com
ipinfo.io
lpcdn.lpsnmedia.net
lptag.liveperson.net
maxcdn.bootstrapcdn.com
pk.cekta.net
root.netoplaycdn.com
sacett.com
secure.gratowin.com
static.gratowin.com
update.ngplatform.com
va.idp.liveperson.net
va.v.liveperson.net
www.google-analytics.com
www.googletagmanager.com
www.gratowin.com
update.ngplatform.com
130.211.16.99
147.135.64.69
178.249.101.23
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:1b
208.89.12.87
208.89.15.170
216.239.32.21
2a00:1450:4001:803::2008
2a00:1450:4001:803::200e
2a00:1450:4001:814::200e
2a03:6400:16:0:178:249:101:98
2a03:6400:16:0:178:249:101:99
34.102.220.22
35.227.235.12
54.194.14.156
0af6b5b2b85951a7a992529ce7b62e702fad82566aa8cd1201cda5b25fcbadb0
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
18a9114496387b41dd089131da9c33646a9a38902214cd4ad69133d65e88df81
22b2fc11025c9fc31c8e02724871d2ee0fe89d57967867c77d633d745703d541
2411b5d22ac1371b906ec7b4b60aa8ecdbc1c89f64c705860c28df32619e540b
2dea1a89853b566ddae2f163f7828a43a17d1046f03deb18a1c7ad09d0c2ceb6
30fc9a8881a2a24f4cc83e0324219ecc9304d4b7469c70fe44934f93ac2502c6
3524edd021d38f109a0eb32c0c5903731708cea9bfccb5adc2b2a244046bc266
38c9fa7a9c815745829eef432a36df212747aa912247046c1c96a9e18dd01c94
44027ec55ed8b2de1f3dcdaf00c6b0c72c466e85d515c60431f61da11f242047
4530c4a6f675a849eea6c293d5ab121e5b96170811779149be37683908a718f4
4f3c9210f37b5b2dc764a052cfd3b06c09ae2e1c836a3e0b5b63c785397eb2de
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5cbf2868cb625f58ce1f4ab8f8e13c02ab3f4486c1354197a8d294e117aca96a
65bd6a3a9018a37970703318ddecc7092985ecca5c0ebff3e29792fb0879a535
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e5af33fae4648ab63fd54e57d6c7ee2f3e3a63fb827b975fd5c4d6d43e81652
7a29b2a61d7c8da52d075fe5dc05195497a34f0d2c9bb2cdda3fc0c11d49b0cf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85f7f718b229ca76186979d0462ebcf239df34276465538fea6c00e71fa63766
8f1dbb31098710f15f1fdd002711f62e691e507d43776abce00b40923b56f2a9
97d7ea7a417366b9c5b5e5a5d48a877672aa5fcc5aa57831d212d827c69b6604
9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51
a2bdec7072502bfed79823b34138e8ce904511e8e980732f81e1121b482eb1a6
a5b1bf01ff16a3218b3ef7ab91440e8106d7154c89feaa52175a65f84daef3f0
a6c94763f85d97edffb717098e436aad3a4a6b5d1e866b1e2315ee0ec8f784d2
a9fe30ecf01124e47e17fda537381e523706a94341ffc695ae6326c897c6f6aa
adf8f1060a494286abee2dd36be5566b440de58a439f7e15fdad79074263e671
c3ce5001a36ffdd1d2c5e59daa907240fa033d7f0f3e75a53493c985c7ebbbae
c8fb46baf654f26f5cc81075c3c371586b87b5b5781336af27ee31ae8c2981ad
c965b44b7dda96016f7d9ddfedb366ccf20d82698a832b3ebb5563536cd84bd2
cd9a2271f5d28054e5d911918005d8ddd79e45301202249babfb23f739ce5119
d804ac7290f9fc5e15b84f93bdd4e4d0001d29754eaf128e74855d52851cb614
d84ae921292ae9b34c6f61d47db5dc2b45d0637b3f7dd0edba8249af532c5f2f
d97c80b7128f8ca1cbbd062b0f62526b4d52801668319709e2865ced8296eca1
e329899d8c632f46c0fbdf6301d758c419c444e29e0b8c3b9cce010b17b3fcbd
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e78a917e84b3fb6053aded69c87a3671b78bc1a9c6879f40d4110d35d944065d
e8a98f2db2dcf5b4d074a61e774ee5ae5376e39843cab889e72fb54b60995f60
f07ad683b5e56352b20cf218b5b1f7b5eba26a11e36bd23b3b1ceb23dd6854fd
f28711052ffe3e57bc3ee786502645508e26b7c5188695aba410d4c8c145ff8f
f2d8aebf12652d1b8e206162f4eda56fa731498e288cd25727312348c28dac74
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

secure.gratowin.com Open in urlscan Pro 130.211.16.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

98 %HTTPS

44 %IPv6

14 Domains

19 Subdomains

14 IPs

5 Countries

1519 kBTransfer

2988 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.gratowin.com Open in urlscan Pro
130.211.16.99 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

98 %
HTTPS

44 %
IPv6

14
Domains

19
Subdomains

14
IPs

5
Countries

1519 kB
Transfer

2988 kB
Size

15
Cookies

57 HTTP transactions
0 data transactions