Submitted URL: http://tpoumfxx.payforlife.org/2d4
Effective URL: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=1...
Submission: On February 26 via manual from IN

Summary

This website contacted 19 IPs in 7 countries across 16 domains to perform 39 HTTP transactions. The main IP is 104.155.24.96, located in Mountain View, United States and belongs to GOOGLE, US. The main domain is downloads.gratorama.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 24th 2019. Valid for: a year.
This is the only time downloads.gratorama.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 46.41.148.242 12824 (HOMEPL-AS)
2 2 212.32.249.99 60781 (LEASEWEB-...)
1 185.255.179.132 202933 (CLOUDSOLU...)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 104.155.24.96 15169 (GOOGLE)
18 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 178.249.101.23 11054 (LIVEPERSON)
1 23.21.91.243 14618 (AMAZON-AES)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a03:6400:10:... 11054 (LIVEPERSON)
1 2a03:6400:10:... 11054 (LIVEPERSON)
2 208.89.12.87 11054 (LIVEPERSON)
39 19
Domain Requested by
18 cdn.cg-platform.com downloads.gratorama.com
2 va.v.liveperson.net lptag.liveperson.net
2 lptag.liveperson.net tpoumfxx.payforlife.org
2 www.google-analytics.com www.googletagmanager.com
downloads.gratorama.com
2 url-partners.g2afse.com 2 redirects
1 accdn.lpsnmedia.net lptag.liveperson.net
1 lpcdn.lpsnmedia.net lptag.liveperson.net
1 coreg.netopartners.com
1 secure.gratorama.com
1 cdn.gratohelp.com ajax.googleapis.com
1 sample-api-v2.crazyegg.com script.crazyegg.com
1 cdn.optimizely.com www.googletagmanager.com
1 script.crazyegg.com www.googletagmanager.com
1 cdn-origin.netoplay.com downloads.gratorama.com
1 www.googletagmanager.com downloads.gratorama.com
1 ajax.googleapis.com downloads.gratorama.com
1 downloads.gratorama.com
1 click.power-ppp.com 1 redirects
1 fdfjhks.com
1 tpoumfxx.payforlife.org
39 20

This site contains links to these domains.

Domain
de.gratorama.com
Subject | Issuer | Validity | Valid
*.gratorama.com | Sectigo RSA Domain Validation Secure Server CA | 2019-07-24 - 2020-07-23 | a year
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2020-01-30 - 2020-10-09 | 8 months
*.storage.googleapis.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months
ssl509026.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2020-01-31 - 2020-08-08 | 6 months
*.google.com | GTS CA 1O1 | 2020-02-12 - 2020-05-06 | 3 months
ssl945600.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2020-01-28 - 2020-08-05 | 6 months
cdn.optimizely.com | DigiCert SHA2 Secure Server CA | 2020-01-20 - 2021-03-20 | a year
*.liveperson.net | COMODO RSA Organization Validation Secure Server CA | 2017-12-17 - 2020-12-16 | 3 years
*.crazyegg.com | DigiCert SHA2 Secure Server CA | 2018-06-08 - 2020-08-05 | 2 years
ssl373134.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-11-17 - 2020-05-25 | 6 months
ssl391664.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-11-11 - 2020-05-19 | 6 months
ssl388049.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-11-24 - 2020-06-01 | 6 months
*.lpsnmedia.net | COMODO RSA Organization Validation Secure Server CA | 2018-02-26 - 2021-02-25 | 3 years
*.v.liveperson.net | COMODO RSA Organization Validation Secure Server CA | 2018-05-08 - 2020-05-07 | 2 years

This page contains 2 frames:

Primary Page: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Frame ID: 0F339CB0D6C2B6270E093B2F97635B58
Requests: 40 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.9.0.13-release_5023/storage.secure.min.html?loc=https%3A%2F%2Fdownloads.gratorama.com&site=70099149&env=prod
Frame ID: 411655550401C6246834B36886754702
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /^https?:\/\/lptag\.liveperson\.net\/tag\/tag\.js/i

Overall confidence: 100%
Detected patterns
  • script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

Requests: 39
HTTPS: 92 %
IPv6: 65 %
Domains: 16
Subdomains: 20
IPs: 19
Countries: 7
Transfer: 892 kB
Size: 2493 kB
Cookies: 22

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tpoumfxx.payforlife.org/2d4 Page URL
  2. http://url-partners.g2afse.com/sl?id=5c9c1eb18d8a1100341a0442&pid=12875 HTTP 302
    https://url-partners.g2afse.com/sl?id=5c9c1eb18d8a1100341a0442&pid=12875 HTTP 302
    http://fdfjhks.com/xAkYYsMCA?offer=smartlink&cat=18&sub1=&sub2=12875 Page URL
  3. https://click.power-ppp.com/click/5a1eaf842c4c2?brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv HTTP 302
    https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://url-partners.g2afse.com/sl?id=5c9c1eb18d8a1100341a0442&pid=12875 HTTP 302
  • https://url-partners.g2afse.com/sl?id=5c9c1eb18d8a1100341a0442&pid=12875 HTTP 302
  • http://fdfjhks.com/xAkYYsMCA?offer=smartlink&cat=18&sub1=&sub2=12875

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
2d4
tpoumfxx.payforlife.org/
1 KB
2 KB
Document
General
Full URL
http://tpoumfxx.payforlife.org/2d4
Protocol
HTTP/1.1
Server
46.41.148.242 , Poland, ASN12824 (HOMEPL-AS, PL),
Reverse DNS
Software
nginx/1.16.1 / PHP/7.2.10
Resource Hash
3484380dcff9c0da485a8431ffe659e1815fa6dc16f89ee9375c57f0b80a8445

Request headers

Host
tpoumfxx.payforlife.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx/1.16.1
Date
Wed, 26 Feb 2020 01:01:28 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
1421
Connection
keep-alive
X-Powered-By
PHP/7.2.10
Cookie set xAkYYsMCA
fdfjhks.com/
Redirect Chain
  • http://url-partners.g2afse.com/sl?id=5c9c1eb18d8a1100341a0442&pid=12875
  • https://url-partners.g2afse.com/sl?id=5c9c1eb18d8a1100341a0442&pid=12875
  • http://fdfjhks.com/xAkYYsMCA?offer=smartlink&cat=18&sub1=&sub2=12875
289 B
536 B
Document
General
Full URL
http://fdfjhks.com/xAkYYsMCA?offer=smartlink&cat=18&sub1=&sub2=12875
Protocol
HTTP/1.1
Server
185.255.179.132 Riga, Latvia, ASN202933 (CLOUDSOLUTIONS, RU),
Reverse DNS
Software
nginx /
Resource Hash
1951ec72df549b031597c9dbbf8480fddba9fad1719cdb788f2914a99149a04f

Request headers

Host
fdfjhks.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://tpoumfxx.payforlife.org/2d4
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Wed, 26 Feb 2020 01:01:29 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
Set-Cookie
cco_10573_17314=1; path=/; expires=Thu, 27 Feb 2020 01:01:29 GMT; httponly

Redirect headers

status
302
server
nginx
date
Wed, 26 Feb 2020 01:01:29 GMT
content-type
text/html; charset=utf-8
content-length
103
location
http://fdfjhks.com/xAkYYsMCA?offer=smartlink&cat=18&sub1=&sub2=12875
Primary Request /
downloads.gratorama.com/lp/de/wizard/
Redirect Chain
  • https://click.power-ppp.com/click/5a1eaf842c4c2?brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv
  • https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5...
10 KB
3 KB
Document
General
Full URL
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.155.24.96 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.24.155.104.bc.googleusercontent.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
f6318d370ba052da75e468f6383c83745915e9c2779eb75d0fb4362b7700eae9

Request headers

Host
downloads.gratorama.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Referer
http://fdfjhks.com/xAkYYsMCA?offer=smartlink&cat=18&sub1=&sub2=12875

Response headers

Date
Wed, 26 Feb 2020 01:01:29 GMT
Server
Apache/2.4.7 (Ubuntu)
Last-Modified
Mon, 06 Jan 2020 12:41:59 GMT
ETag
"2688-59b77fc3fb3c0-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
3199
Connection
close
Content-Type
text/html

Redirect headers

status
302
date
Wed, 26 Feb 2020 01:01:29 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d052cd4d4acc5103bf4c63cdba0f59c171582678889; expires=Fri, 27-Mar-20 01:01:29 GMT; path=/; domain=.power-ppp.com; HttpOnly; SameSite=Lax Click_5a1eaf842c4c2=a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%2210475%22%3B%7D; expires=Fri, 27-Mar-2020 01:01:29 GMT; Max-Age=2592000; path=/ Count=1; expires=Fri, 27-Mar-2020 01:01:29 GMT; Max-Age=2592000; path=/
rd
err: No redis
location
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
56adfcf19f1d6443-FRA
LP_NEW2_01.jpg
cdn.cg-platform.com/en/GR/wizard/assets_eur/
54 KB
54 KB
Image
General
Full URL
https://cdn.cg-platform.com/en/GR/wizard/assets_eur/LP_NEW2_01.jpg?v=1
Requested by
Host: downloads.gratorama.com
URL: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9357208c944ed1303ea56b95c3325b44591948b27a53818f8f307dd79ebf78f9

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
cf-cache-status
DYNAMIC
age
25
status
200
x-guploader-uploadid
AEnB2UpTJLkCJXZ8x6xc2D8MJiLkKSOiE_JE4qtKfURGJdpFl1gI6d5pVJPMezBpHUekLAsXdvVS324RpWTDsWd6RnQ5pVKigA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
55041
last-modified
Mon, 17 Sep 2018 06:13:49 GMT
server
cloudflare
etag
"cffef91fb95f879649fc41b37348ee76"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=jiKVWQ==, md5=z/75H7lfh5ZJ/EGzc0judg==
content-type
image/jpeg
x-goog-generation
1537164829213003
cache-control
public, max-age=3600
x-goog-stored-content-length
55041
accept-ranges
bytes
cf-ray
56adfcf37abc1776-FRA
expires
Wed, 26 Feb 2020 02:01:04 GMT
LP_NEW2_02.jpg
cdn.cg-platform.com/de/GR/wizard/
11 KB
11 KB
Image
General
Full URL
https://cdn.cg-platform.com/de/GR/wizard/LP_NEW2_02.jpg
Requested by
Host: downloads.gratorama.com
URL: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24646c0212b329c1cbd1f2c513ca89adb44022d0e600d606b97d8e2f4ce7cd03

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
cf-cache-status
REVALIDATED
status
200
x-guploader-uploadid
AEnB2Ups0tsM4WSKVslfn8U9L-KtNWzyEq4LJMdJs02fxfo8UdpuGDn_ivRstAQvXRyR8j3VLiM8gbxZ2b6tgRCKaA-VY1y6fA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
11160
last-modified
Fri, 19 Jan 2018 07:54:35 GMT
server
cloudflare
etag
"d3c0a443cb324f68e3dcd573a3f7770c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=FW0TWQ==, md5=08CkQ8syT2jj3NVzo/d3DA==
content-type
image/jpeg
x-goog-generation
1516348475740946
cache-control
public, max-age=14400
x-goog-stored-content-length
11160
accept-ranges
bytes
cf-ray
56adfcf37ab01776-FRA
expires
Wed, 26 Feb 2020 02:01:29 GMT
LP_NEW2_04.jpg
cdn.cg-platform.com/en/GW/wizard/optimized/
38 KB
38 KB
Image
General
Full URL
https://cdn.cg-platform.com/en/GW/wizard/optimized/LP_NEW2_04.jpg
Requested by
Host: downloads.gratorama.com
URL: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
234dfe74602426ccc288efac60debc3191882ed510de465f430f405448039033

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
cf-cache-status
HIT
age
909
status
200
x-guploader-uploadid
AEnB2Urza8B9Hk3iZL4ugNWCug8qTm1BApVBZMwQXdfn9VL2-oj_ZZBFY0_iSPCRwy5QKZEL9VW1fDntQoqUa1nNtEFkZB6Pzw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
38886
last-modified
Wed, 25 Jul 2018 13:44:25 GMT
server
cloudflare
etag
"7ca76ce816cec64f29957c2e5f37b0d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=5OxNmg==, md5=fKds6BbOxk8plXwuXzew1g==
content-type
image/jpeg
x-goog-generation
1532526265432543
cache-control
public, max-age=14400
x-goog-stored-content-length
38886
accept-ranges
bytes
cf-ray
56adfcf37ac01776-FRA
expires
Wed, 26 Feb 2020 01:46:20 GMT
LP_NEW2_05.jpg
cdn.cg-platform.com/en/GW/wizard/optimized/
16 KB
16 KB
Image
General
Full URL
https://cdn.cg-platform.com/en/GW/wizard/optimized/LP_NEW2_05.jpg
Requested by
Host: downloads.gratorama.com
URL: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
650775510317112dd82f244f360797f4b212d5e876217e7b359a0c8f11d7b2c3

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
cf-cache-status
HIT
age
2888
status
200
x-guploader-uploadid
AEnB2UocZsKh_IrSDg2Gls2yqiBWHITQIh0U2uq34MfM_2zzaBr7f61-BgiCkZgXHVc2bPh_XuUU4QN3qkDrc6tuX6uSmjCkJA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
16169
last-modified
Wed, 25 Jul 2018 13:44:25 GMT
server
cloudflare
etag
"6954b00d9338f26ba37bdd1305e368cf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=whjmqw==, md5=aVSwDZM48muje90TBeNozw==
content-type
image/jpeg
x-goog-generation
1532526265974350
cache-control
public, max-age=14400
x-goog-stored-content-length
16169
accept-ranges
bytes
cf-ray
56adfcf37ab31776-FRA
expires
Wed, 26 Feb 2020 01:13:21 GMT
LP_NEW2_03a.jpg
cdn.cg-platform.com/de/GR/wizard/
134 KB
135 KB
Image
General
Full URL
https://cdn.cg-platform.com/de/GR/wizard/LP_NEW2_03a.jpg
Requested by
Host: downloads.gratorama.com
URL: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
268b57af4b401fa6f12107bc94ae501658e6a12d8e2e0402302d6dbb3318a5e4

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
cf-cache-status
REVALIDATED
status
200
x-guploader-uploadid
AEnB2Uqc9Ktd8qk-30dBZnQ1fL-CHSxq19r8hQfatl3i9KJTgjotFZupaqcuQfNlPa6amQDGvtbWAZEuMwm3NA3l3loiM930qQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
137214
last-modified
Fri, 19 Jan 2018 07:54:35 GMT
server
cloudflare
etag
"bfbe168742feb87d1b2f41c2c85387a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=0OVNCg==, md5=v74Wh0L+uH0bL0HCyFOHoQ==
content-type
image/jpeg
x-goog-generation
1516348475813196
cache-control
public, max-age=14400
x-goog-stored-content-length
137214
accept-ranges
bytes
cf-ray
56adfcf37ab61776-FRA
expires
Wed, 26 Feb 2020 02:01:29 GMT
LP_NEW2_03b.jpg
cdn.cg-platform.com/en/GW/wizard/optimized/
15 KB
15 KB
Image
General
Full URL
https://cdn.cg-platform.com/en/GW/wizard/optimized/LP_NEW2_03b.jpg
Requested by
Host: downloads.gratorama.com
URL: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3110a3711d2e2d1fac2140c393e529d09fa4d79e9903a3b2b1f5f56b918d37fd

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
cf-cache-status
HIT
age
909
status
200
x-guploader-uploadid
AEnB2UpbB642bhMBOzWAbaDRs6aKsZxPSXZfaDuT3sy9SUEZf6sqACVQbEIxZbVrFFDPMR4woFw3_PyNIyJPeyGSv99rcNTUSQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
15323
last-modified
Wed, 25 Jul 2018 13:44:25 GMT
server
cloudflare
etag
"9fd7b6d9d21097d52ff245c2b5c1ff92"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=yv3z+A==, md5=n9e22dIQl9Uv8kXCtcH/kg==
content-type
image/jpeg
x-goog-generation
1532526265399745
cache-control
public, max-age=14400
x-goog-stored-content-length
15323
accept-ranges
bytes
cf-ray
56adfcf37ab41776-FRA
expires
Wed, 26 Feb 2020 01:46:20 GMT
button.gif
cdn.cg-platform.com/de/GR/wizard/
152 KB
153 KB
Image
General
Full URL
https://cdn.cg-platform.com/de/GR/wizard/button.gif
Requested by
Host: downloads.gratorama.com
URL: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56f38519b5e0769acf8430e19f633bb180a7e1e41b440096b3a419996cb78b79

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
cf-cache-status
HIT
age
2888
status
200
x-guploader-uploadid
AEnB2UrgySDcNsWo-r_G6l8RucleWEqt6VWZcUvEtqY2zHXBhhioSwLiMZR5fdUSkk0g7un0lx1dAFQ9hIVcJGO76QHDaKfQ2w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
156076
last-modified
Tue, 18 Sep 2018 12:45:35 GMT
server
cloudflare
etag
"c7aabc81699ad7c29fe29f22c7215dcd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=ZqYnrg==, md5=x6q8gWma18Kf4p8ixyFdzQ==
content-type
image/gif
x-goog-generation
1537274735605214
cache-control
public, max-age=14400
x-goog-stored-content-length
156076
accept-ranges
bytes
cf-ray
56adfcf37aaf1776-FRA
expires
Wed, 26 Feb 2020 01:13:21 GMT
LP_NEW2_06.jpg
cdn.cg-platform.com/de/GR/wizard/
77 KB
77 KB
Image
General
Full URL
https://cdn.cg-platform.com/de/GR/wizard/LP_NEW2_06.jpg
Requested by
Host: downloads.gratorama.com
URL: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e08bd344aa589c90be99fad785d4f62e3bc98efdb04c023828fb89b3675f31f2

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
cf-cache-status
REVALIDATED
status
200
x-guploader-uploadid
AEnB2Uo5Zt25hfJ0GDIcTacrSkxuZWV9ndzXThXv4n-tuQPnlYYTYZZkA8aOiS3a23SrignzKUzL8-c1pGH0WouiZScNN59C2Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
78454
last-modified
Fri, 19 Jan 2018 07:54:37 GMT
server
cloudflare
etag
"c09df8c0dc6bce70e6f6b0da6fbc08ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=1/rUNw==, md5=wJ34wNxrznDm9rDab7wIqw==
content-type
image/jpeg
x-goog-generation
1516348477095017
cache-control
public, max-age=14400
x-goog-stored-content-length
78454
accept-ranges
bytes
cf-ray
56adfcf37aad1776-FRA
expires
Wed, 26 Feb 2020 02:01:29 GMT
left-side.jpg
cdn.cg-platform.com/en/GW/wizard/optimized/
7 KB
7 KB
Image
General
Full URL
https://cdn.cg-platform.com/en/GW/wizard/optimized/left-side.jpg
Requested by
Host: downloads.gratorama.com
URL: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
844d374e9530d36e092b95dbd4463c08bcc7ea92037d6e82b258feea35e73765

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
cf-cache-status
HIT
age
2888
status
200
x-guploader-uploadid
AEnB2UpibbyfRhP8Rg8ztdToEr9CKXR9cpk-7IhVEabs394wx9L96YYlNmJey6BqR3NztigSSyjAz26yYzT5kZLlqJ7yDdYQqg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
7082
last-modified
Wed, 25 Jul 2018 14:00:55 GMT
server
cloudflare
etag
"19f54e1a474722d16142049df8c84a54"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=M8+eeQ==, md5=GfVOGkdHItFhQgSd+MhKVA==
content-type
image/jpeg
x-goog-generation
1532527255034936
cache-control
public, max-age=14400
x-goog-stored-content-length
7082
accept-ranges
bytes
cf-ray
56adfcf37ab11776-FRA
expires
Wed, 26 Feb 2020 01:13:21 GMT
right-side.jpg
cdn.cg-platform.com/en/GW/wizard/optimized/
7 KB
7 KB
Image
General
Full URL
https://cdn.cg-platform.com/en/GW/wizard/optimized/right-side.jpg
Requested by
Host: downloads.gratorama.com
URL: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cecfc78adf36aa26741d901b795c00084291ee0e10ddfb7d3a4cb4373d8ef06e

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
cf-cache-status
HIT
age
909
status
200
x-guploader-uploadid
AEnB2UrdRS0VRpOoFtKnvBeH8tkWS-I22y8ehPU1lHru6m7b2WQrP1chr_-74TQQY6iYy0f_DOciPxk6yJbtZVprARP9JPaKjg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
7163
last-modified
Wed, 25 Jul 2018 14:00:55 GMT
server
cloudflare
etag
"cf45f052df364120e75712927e09b385"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=yS3u8g==, md5=z0XwUt82QSDnVxKSfgmzhQ==
content-type
image/jpeg
x-goog-generation
1532527255072895
cache-control
public, max-age=14400
x-goog-stored-content-length
7163
accept-ranges
bytes
cf-ray
56adfcf37ab81776-FRA
expires
Wed, 26 Feb 2020 01:13:21 GMT
sec-DE-desktop.png
cdn.cg-platform.com/de/GR/wizard/
6 KB
6 KB
Image
General
Full URL
https://cdn.cg-platform.com/de/GR/wizard/sec-DE-desktop.png
Requested by
Host: downloads.gratorama.com
URL: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
909ad56ac847f1c149f72fbef682d7d9c1f317824d35c7f3ae20839d336848f9

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
cf-cache-status
HIT
age
2888
status
200
x-guploader-uploadid
AEnB2UrJOffkV02PIhMyLIivV-CMoLBAz2rzz05hXa93GSz2yUj34xPgK7fqGj3_UK902QEGxFfeUTcuxrVB6VrWUEqtILFBYQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
5829
last-modified
Fri, 19 Jan 2018 07:54:38 GMT
server
cloudflare
etag
"34a60e53a0b11ca4184bc6eac5932d5e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=K5zheg==, md5=NKYOU6CxHKQYS8bqxZMtXg==
content-type
image/png
x-goog-generation
1516348478547404
cache-control
public, max-age=14400
x-goog-stored-content-length
5829
accept-ranges
bytes
cf-ray
56adfcf37abe1776-FRA
expires
Wed, 26 Feb 2020 01:13:21 GMT
pay-DE.png
cdn.cg-platform.com/de/GR/wizard/
6 KB
6 KB
Image
General
Full URL
https://cdn.cg-platform.com/de/GR/wizard/pay-DE.png
Requested by
Host: downloads.gratorama.com
URL: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1151c010f0d4b598ac3beffe3e8ac54695461e925b3d408a75657bce6547756

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
cf-cache-status
HIT
age
2888
status
200
x-guploader-uploadid
AEnB2Uq2MvM-28SCDoXVamij7hFz4eKuQKPizNadbWFLFEkMIe13-oXlMRqj9UuX69oW_jwMc7u7Slvg05mPDL5fGCKODqX4yQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
6313
last-modified
Fri, 19 Jan 2018 07:54:38 GMT
server
cloudflare
etag
"634612c2c84494bc43c5bdae8ae64230"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=3E95zg==, md5=Y0YSwshElLxDxb2uiuZCMA==
content-type
image/png
x-goog-generation
1516348478100518
cache-control
public, max-age=14400
x-goog-stored-content-length
6313
accept-ranges
bytes
cf-ray
56adfcf37aa91776-FRA
expires
Wed, 26 Feb 2020 01:13:21 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/
91 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: downloads.gratorama.com
URL: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 31 Jan 2020 00:54:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2246821
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
32954
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Jan 2021 00:54:28 GMT
utils.js
cdn.cg-platform.com/script/
28 KB
7 KB
Script
General
Full URL
https://cdn.cg-platform.com/script/utils.js?xxxx
Requested by
Host: downloads.gratorama.com
URL: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e26ec148d4b408dacd8094d70f4c3651b921020b7b0c5ec09f28b6b7a412ab38

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
age
491
status
200
x-guploader-uploadid
AEnB2UoCIjuB_avAe3Ih0dzQpv2nKkv3fPhIJfTDE2CvgHy8QMlPlr5NMPBthKHvE5cU4CTGdYDdgv5j9kL3e9loPPIuHjtH9g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Mon, 27 Jan 2020 14:04:36 GMT
server
cloudflare
etag
W/"cb16d4ac0ad6f6147032f928ff244df8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=ksmUSg==, md5=yxbUrArW9hRwMvko/yRN+A==
content-type
text/javascript
x-goog-generation
1580133876391993
cache-control
public, max-age=3600
x-goog-stored-content-length
28355
cf-ray
56adfcf37ab71776-FRA
expires
Wed, 26 Feb 2020 01:53:18 GMT
popups.js
cdn.cg-platform.com/script/
30 KB
6 KB
Script
General
Full URL
https://cdn.cg-platform.com/script/popups.js
Requested by
Host: downloads.gratorama.com
URL: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea49c445954c3eca48a5886ba4d6fe971e27189e5e9483a37af902b63beee191

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
content-encoding
br
cf-cache-status
HIT
age
2070
status
200
x-guploader-uploadid
AEnB2Upt8pVYDQIQO5GFRPjpNCBq1NZ0vAPZLcjh7V0uf_-HLwSbmZuaR1JqDL-lkVF_ORIfPMK6szZvZOoKhGrPW2lCPlLjaw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Sun, 26 Jan 2020 09:30:30 GMT
server
cloudflare
etag
W/"d309acdb49982d81246e108448c0a271"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=4NlHGQ==, md5=0wms20mYLYEkbhCESMCicQ==
content-type
text/javascript
x-goog-generation
1580031030462010
cache-control
public, max-age=14400
x-goog-stored-content-length
30279
cf-ray
56adfcf37abf1776-FRA
expires
Wed, 26 Feb 2020 01:26:59 GMT
gtm.js
www.googletagmanager.com/
79 KB
26 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MM92NX
Requested by
Host: downloads.gratorama.com
URL: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7f9510e7a47e6948434312f19d6ad6f588b2de9d6f9335e264fa5b6f18ca20bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27024
x-xss-protection
0
last-modified
Wed, 26 Feb 2020 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Feb 2020 01:01:29 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
winners-sprite.png
cdn.cg-platform.com/en/GR/wizard/assets_eur/
35 KB
35 KB
Image
General
Full URL
https://cdn.cg-platform.com/en/GR/wizard/assets_eur/winners-sprite.png
Requested by
Host: downloads.gratorama.com
URL: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f67c5806f3a0486649203c97b5af44ae18908f7eb0b101772986fc7323a99dbe

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
cf-cache-status
HIT
age
25
status
200
x-guploader-uploadid
AEnB2UpMHpR_o2d6VNHyTqNIZMasFA-G3ev3DhlDrXikssUv8Y0UCW0EZwHtzm1Xxx-F822lB4OiNPtRR6NVmLZzlO3VKzfJNg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
35349
last-modified
Mon, 17 Sep 2018 06:42:45 GMT
server
cloudflare
etag
"090360882712731474227314d65ac31c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=hH9XJQ==, md5=CQNgiCcScxR0InMU1lrDHA==
content-type
image/png
x-goog-generation
1537166565365983
cache-control
public, max-age=14400
x-goog-stored-content-length
35349
accept-ranges
bytes
cf-ray
56adfcf37aab1776-FRA
expires
Wed, 26 Feb 2020 02:01:04 GMT
LP_NEW2_04.mp4
cdn.cg-platform.com/en/GR/wizard/assets_eur/
320 KB
0
Media
General
Full URL
https://cdn.cg-platform.com/en/GR/wizard/assets_eur/LP_NEW2_04.mp4
Requested by
Host: downloads.gratorama.com
URL: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Sec-Fetch-Dest
video
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
cf-cache-status
DYNAMIC
age
25
x-guploader-uploadid
AEnB2UpA1zw1l_NLvYsxHIwnpGl6ZXxrEAknTm0PCKsIeokaozvUW4nkxP_dU1CQ3rYxdCQFMZfxu1ow_otopV6TMR379LZMSQ
x-goog-storage-class
MULTI_REGIONAL
status
206
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
video/mp4
Content-Length
980523
Content-Range
bytes 0-980522/980523
last-modified
Mon, 16 Jul 2018 05:41:41 GMT
server
cloudflare
etag
"605d568d3352c8a28d77ca3bf3ee3603"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-goog-hash
crc32c=8It5Aw==, md5=YF1WjTNSyKKNd8o78+42Aw==
x-goog-generation
1531719701835945
cache-control
public, max-age=3600
x-goog-stored-content-length
980523
accept-ranges
bytes
cf-ray
56adfcf3bb1a1776-FRA
expires
Wed, 26 Feb 2020 02:01:04 GMT
visitorCountry.php
cdn-origin.netoplay.com/
354 B
543 B
Script
General
Full URL
https://cdn-origin.netoplay.com/visitorCountry.php?language=de
Requested by
Host: downloads.gratorama.com
URL: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:10::6814:106a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.5.9-1ubuntu4.26
Resource Hash
14c7d58cc6e1203b8d9abf0c8d4a49909259ecdd95638a598998220001c8472e

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/5.5.9-1ubuntu4.26
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cf-ray
56adfcf3bfe9978a-FRA
content-length
189
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM92NX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
4158
date
Tue, 25 Feb 2020 23:52:11 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Wed, 26 Feb 2020 01:52:11 GMT
6704.js
script.crazyegg.com/pages/scripts/0078/
131 KB
39 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0078/6704.js?439633
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM92NX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1440e686a8b1206a785c6fcbbd2cfae777256b6d5c75db7c43ff389ecdb9f3e6

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 25 Feb 2020 19:36:28 GMT
server
cloudflare
age
19501
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
56adfcf37b1b1456-FRA
access-control-allow-origin
*
content-length
39940
2795020731.js
cdn.optimizely.com/js/
204 KB
68 KB
Script
General
Full URL
https://cdn.optimizely.com/js/2795020731.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MM92NX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:183::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c538a69f4747b78323cd7f4d76da9123df04a127034148c0ad17562c6d855a5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
EpdQ6r6Oitr.pOrubyKHiASjHoald.te
content-encoding
gzip
x-amz-request-id
18079322EA33D74A
status
200
access-control-max-age
86400
date
Wed, 26 Feb 2020 01:01:29 GMT
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="6";dur=0,cdnip;desc="2a02:26f0:6c00:183::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
strict-transport-security
max-age=15768000
content-length
68734
x-amz-id-2
De3AynbUbKxkMDdkaYsaBFh90t/BpdOgcs4Svz1iB5xMENOzpOQGs3Iw5W8uXpcIHViRa8RugmM=
last-modified
Sun, 29 Jan 2017 18:50:20 GMT
server
AmazonS3
etag
"627f282e61570a462ba66c11e6292d2c"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
x-amz-meta-revision
322
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
tag.js
lptag.liveperson.net/tag/
18 KB
7 KB
Script
General
Full URL
https://lptag.liveperson.net/tag/tag.js?site=70099149
Requested by
Host: tpoumfxx.payforlife.org
URL: http://tpoumfxx.payforlife.org/2d4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
cc490a8ef7deb4c7fba66f332ad8cdd39433675b95d2bd341300ab7b718f8e4e

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
content-encoding
gzip
last-modified
Tue, 21 Aug 2018 07:47:45 GMT
server
ws
etag
"5b7bc3a1-198d"
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length
6541
collect
www.google-analytics.com/r/
35 B
109 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=212312047&t=pageview&_s=1&dl=https%3A%2F%2Fdownloads.gratorama.com%2Flp%2Fde%2Fwizard%2F%3FInc%3D22733734%26brandId%3D2%26campaignId%3D53072%26mediaId%3D5236%26mode%3D1%26affiliateProfileName%3D10573-mac%26cid%3D02-gpkwrn2wbukh0fw1uaefo1e5smv%26ABClicks%3D1%26shorten_link%3D5a1eaf842c4c2%26shorten_target%3D10475%26netoClickId%3D5e55c3695e0f95043421a6f9&dp=https%3A%2F%2Fdownloads.gratorama.com%2Flp%2Fde%2Fwizard%2F%3FInc%3D22733734%26brandId%3D2%26campaignId%3D53072%26mediaId%3D5236%26mode%3D1%26affiliateProfileName%3D10573-mac%26cid%3D02-gpkwrn2wbukh0fw1uaefo1e5smv%26ABClicks%3D1%26shorten_link%3D5a1eaf842c4c2%26shorten_target%3D10475%26netoClickId%3D5e55c3695e0f95043421a6f9&ul=en-us&de=UTF-8&dt=Gratorama%20-%20Wizard%20Fortune&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=986830796&gjid=1625828012&cid=633419003.1582678890&tid=UA-27702367-3&_gid=1579897544.1582678890&_r=1&gtm=2wg2c0MM92NX&cd1=2&cd3=10573-mac&cd4=5236&cd6=53072&z=718894198
Requested by
Host: downloads.gratorama.com
URL: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Wed, 26 Feb 2020 01:01:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
sample-api-v2.crazyegg.com/n/786704/
63 B
590 B
XHR
General
Full URL
https://sample-api-v2.crazyegg.com/n/786704/all?v=7&user_script_version=1582659384
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0078/6704.js?439633
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.91.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-91-243.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
261f67228ac8524ed757157fa21bff5127f995a95056db96b8490d7f4e1b3ba4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Origin
https://downloads.gratorama.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 26 Feb 2020 01:01:29 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.12.1
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET
Content-Type
text/html;charset=utf-8
Access-Control-Allow-Origin
*
Cache-control
no-cache="set-cookie"
Connection
keep-alive
Content-Length
63
X-XSS-Protection
1; mode=block
LP_NEW2_04.mp4
cdn.cg-platform.com/en/GR/wizard/assets_eur/
30 KB
30 KB
Media
General
Full URL
https://cdn.cg-platform.com/en/GR/wizard/assets_eur/LP_NEW2_04.mp4
Requested by
Host: downloads.gratorama.com
URL: https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73ad72053ffa22a97509d328b148f30144dcfc7a37b614d5f2adcabdec9c447d

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Sec-Fetch-Dest
video
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=950272-

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
cf-cache-status
DYNAMIC
age
25
x-guploader-uploadid
AEnB2UpA1zw1l_NLvYsxHIwnpGl6ZXxrEAknTm0PCKsIeokaozvUW4nkxP_dU1CQ3rYxdCQFMZfxu1ow_otopV6TMR379LZMSQ
x-goog-storage-class
MULTI_REGIONAL
status
206
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
video/mp4
Content-Length
30251
Content-Range
bytes 950272-980522/980523
last-modified
Mon, 16 Jul 2018 05:41:41 GMT
server
cloudflare
etag
"605d568d3352c8a28d77ca3bf3ee3603"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-goog-hash
crc32c=8It5Aw==, md5=YF1WjTNSyKKNd8o78+42Aw==
x-goog-generation
1531719701835945
cache-control
public, max-age=3600
x-goog-stored-content-length
980523
accept-ranges
bytes
cf-ray
56adfcf43bc51776-FRA
expires
Wed, 26 Feb 2020 02:01:04 GMT
.jsonp
lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/
235 KB
85 KB
Script
General
Full URL
https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Requested by
Host: tpoumfxx.payforlife.org
URL: http://tpoumfxx.payforlife.org/2d4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
af10df62c630086614d578c53243e240d282313cc79df747bfaab8ca37b5f419

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
content-encoding
gzip
server
ws
x-cache-status
HIT
access-control-allow-methods
GET, POST, PATCH
content-type
application/x-javascript
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
serverTime.php
cdn.gratohelp.com/assets/js/
89 B
442 B
Script
General
Full URL
https://cdn.gratohelp.com/assets/js/serverTime.php?_=1582678889486
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:3174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.5.9-1ubuntu4.29
Resource Hash
42333045ac0568b97b189473f91e5b4fa942f83c6d63bf596edc673bd26bb42c

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/5.5.9-1ubuntu4.29
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cf-ray
56adfcf4d820d6f9-FRA
/
secure.gratorama.com/server/clickstats/
0
286 B
Image
General
Full URL
https://secure.gratorama.com/server/clickstats/?brandId=2&deviceCategory=1&campaignId=53072&mediaId=5236&affiliateProfileName=10573-mac&referer=https%3A%2F%2Fdownloads.gratorama.com%2Flp%2Fde%2Fwizard%2F%3Fshorten_link%3D5a1eaf842c4c2%26shorten_target%3D10475%26netoClickId%3D5e55c3695e0f95043421a6f9%26Inc%3D22733734%26brandId%3D2%26campaignId%3D53072%26mediaId%3D5236%26mode%3D1%26affiliateProfileName%3D10573-mac%26cid%3D02-gpkwrn2wbukh0fw1uaefo1e5smv%26ABClicks%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:4723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain
status
200
cf-ray
56adfcf4cc389754-FRA
content-length
0
22733734
coreg.netopartners.com/traffic/registration/minisite/
0
344 B
Image
General
Full URL
https://coreg.netopartners.com/traffic/registration/minisite/22733734
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.3.10-1ubuntu3.26
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/5.3.10-1ubuntu3.26
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
status
200
cf-ray
56adfcf4d8a0dfef-FRA
storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.9.0.13-release_5023/ Frame 4116
0
0
Document
General
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.9.0.13-release_5023/storage.secure.min.html?loc=https%3A%2F%2Fdownloads.gratorama.com&site=70099149&env=prod
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash

Request headers

:method
GET
:authority
lpcdn.lpsnmedia.net
:scheme
https
:path
/le_secure_storage/3.9.0.13-release_5023/storage.secure.min.html?loc=https%3A%2F%2Fdownloads.gratorama.com&site=70099149&env=prod
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9

Response headers

status
200
date
Wed, 26 Feb 2020 01:01:29 GMT
content-type
text/html
last-modified
Tue, 18 Feb 2020 15:26:16 GMT
content-encoding
gzip
server
ws
vary
Origin
access-control-allow-methods
GET, POST, PATCH
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials
true
expires
Wed, 26 Feb 2020 01:11:29 GMT
cache-control
max-age=600
zones
accdn.lpsnmedia.net/api/account/70099149/configuration/le-campaigns/
18 KB
2 KB
Script
General
Full URL
https://accdn.lpsnmedia.net/api/account/70099149/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
eefd82948fa8c432c31f0983b083095dc0e5b40322df711a6de4e55c90f9b24e

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 26 Feb 2020 01:01:29 GMT
content-encoding
gzip
server
ws
x-cache-status
HIT
vary
Accept
content-type
application/javascript
status
200
expires
Wed, 26 Feb 2020 01:01:32 GMT
70099149
va.v.liveperson.net/api/js/
238 B
1 KB
Script
General
Full URL
https://va.v.liveperson.net/api/js/70099149?&cb=lpCb40848x91655&t=sp&ts=1582678889702&pid=8670811522&tid=2938084756&pt=Gratorama%20-%20Wizard%20Fortune&u=https%3A%2F%2Fdownloads.gratorama.com%2Flp%2Fde%2Fwizard%2F%3FInc%3D22733734%26brandId%3D2%26campaignId%3D53072%26mediaId%3D5236%26mode%3D1%26affiliateProfileName%3D10573-mac%26cid%3D02-gpkwrn2wbukh0fw1uaefo1e5smv%26ABClicks%3D1%26shorten_link%3D5a1eaf842c4c2%26shorten_target%3D10475%26netoClickId%3D5e55c3695e0f95043421a6f9&df=0&os=1&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
80d154f4477f3d12549fa6802fe5ee32ddebe26a5562c69b75d1d62f9afb6647

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 26 Feb 2020 01:01:30 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/json
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
70099149
va.v.liveperson.net/api/js/
110 B
830 B
Script
General
Full URL
https://va.v.liveperson.net/api/js/70099149?sid=V_Fx-9afQ3Ks8Nc6yMRKtw&cb=lpCb14587x89293&t=pl&ts=1582678889906&pid=8670811522&tid=2938084756&vid=kyZmEwYWJjYTA1ZjI1MWQy
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
0dceaa9ada6d0a4e546d5fce8f4c2047684ab7786a53ed33f8172e3e1ee5cedb

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 26 Feb 2020 01:01:30 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/json
status
200
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
LP_NEW2_04.mp4
cdn.cg-platform.com/en/GR/wizard/assets_eur/
696 KB
0
Media
General
Full URL
https://cdn.cg-platform.com/en/GR/wizard/assets_eur/LP_NEW2_04.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::681b:b171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://downloads.gratorama.com/lp/de/wizard/?Inc=22733734&brandId=2&campaignId=53072&mediaId=5236&mode=1&affiliateProfileName=10573-mac&cid=02-gpkwrn2wbukh0fw1uaefo1e5smv&ABClicks=1&shorten_link=5a1eaf842c4c2&shorten_target=10475&netoClickId=5e55c3695e0f95043421a6f9
Sec-Fetch-Dest
video
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=262144-

Response headers

date
Wed, 26 Feb 2020 01:01:30 GMT
cf-cache-status
DYNAMIC
age
26
x-guploader-uploadid
AEnB2UpA1zw1l_NLvYsxHIwnpGl6ZXxrEAknTm0PCKsIeokaozvUW4nkxP_dU1CQ3rYxdCQFMZfxu1ow_otopV6TMR379LZMSQ
x-goog-storage-class
MULTI_REGIONAL
status
206
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
video/mp4
Content-Length
718379
Content-Range
bytes 262144-980522/980523
last-modified
Mon, 16 Jul 2018 05:41:41 GMT
server
cloudflare
etag
"605d568d3352c8a28d77ca3bf3ee3603"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-goog-hash
crc32c=8It5Aw==, md5=YF1WjTNSyKKNd8o78+42Aw==
x-goog-generation
1531719701835945
cache-control
public, max-age=3600
x-goog-stored-content-length
980523
accept-ranges
bytes
cf-ray
56adfcf9c9bc1776-FRA
expires
Wed, 26 Feb 2020 02:01:04 GMT
70099149
va.v.liveperson.net/api/js/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
va.v.liveperson.net
URL
https://va.v.liveperson.net/api/js/70099149?sid=V_Fx-9afQ3Ks8Nc6yMRKtw&cb=lpCb83590x88866&t=ip&ts=1582678900554&pid=8670811522&tid=2938084756&vid=kyZmEwYWJjYTA1ZjI1MWQy

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer object| brandInfo string| defaultBrandInfo function| $ function| jQuery object| google_tag_manager string| GoogleAnalyticsObject function| ga object| lpTag object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| CE2 string| __INDIVIDUAL_ONE_VERSION_ev-store_ENFORCE_SINGLETON undefined| __INDIVIDUAL_ONE_VERSION_ev-store object| platformWindow function| get_url_parameter function| getAllUrlParams object| Cookies object| Preferences function| getParamsFromFunction function| getParamsFromCookie function| checkInArray function| checkClick function| getStringCookieProperties function| OpenGamesWindowIt function| OpenGamesWindow function| openLiveChat function| printPixel function| registerUser function| isDepositor function| getVIPLevel function| fireEvent function| isReal object| lpMTagConfig function| lpAddMonitorTag function| getMobileDomain object| isMobile object| jQuery110207420625204884606 string| lang string| imgUrl boolean| popup_shown string| lightBoxJS string| lightBoxCSS boolean| lightBoxLoaded boolean| exit_shown string| campaignId function| promoSideBanners function| promoBanners function| showExitPopup function| showUKPopup function| showExitPopupNonSignup1 function| showFreeSpin object| geolocation object| optly object| optimizely function| countryCode function| getCurrencySymbol function| getCurrencyString function| getCurrencyForPlatform function| getServerDate function| extraParameters function| _typeof function| _extends function| getServerTime

22 Cookies

Domain/Path Name / Value
.gratorama.com/ Name: IncPar
Value: 22733734
.gratorama.com/ Name: unikClick
Value: yes
.gratorama.com/ Name: optimizelySegments
Value: %7B%222791241700%22%3A%22gc%22%2C%222796460952%22%3A%22direct%22%2C%222804030355%22%3A%22false%22%7D
.gratorama.com/ Name: optimizelyEndUserId
Value: oeu1582678889608r0.7179368966587825
.gratorama.com/ Name: shorten_target
Value: 10475
.gratorama.com/ Name: ABClicks
Value: 1
.gratorama.com/ Name: netoClickId
Value: 5e55c3695e0f95043421a6f9
.gratorama.com/ Name: _gid
Value: GA1.2.1579897544.1582678890
.gratorama.com/ Name: mode
Value: 1
.gratorama.com/ Name: campaignId
Value: 53072
.gratorama.com/ Name: mediaId
Value: 5236
.gratorama.com/ Name: referer
Value: https%253A%252F%252Fdownloads.gratorama.com%252Flp%252Fde%252Fwizard%252F%253Fshorten_link%253D5a1eaf842c4c2%2526shorten_target%253D10475%2526netoClickId%253D5e55c3695e0f95043421a6f9%2526Inc%253D22733734%2526brandId%253D2%2526campaignId%253D53072%2526mediaId%253D5236%2526mode%253D1%2526affiliateProfileName%253D10573-mac%2526cid%253D02-gpkwrn2wbukh0fw1uaefo1e5smv%2526ABClicks%253D1
.gratorama.com/ Name: Inc
Value: 22733734
.gratorama.com/ Name: optimizelyPendingLogEvents
Value: %5B%5D
.gratorama.com/ Name: optimizelyBuckets
Value: %7B%7D
.gratorama.com/ Name: affiliateProfileName
Value: 10573-mac
.gratorama.com/ Name: _gat_UA-27702367-3
Value: 1
.gratorama.com/ Name: brandId
Value: 2
.gratorama.com/ Name: lang
Value: de
.gratorama.com/ Name: shorten_link
Value: 5a1eaf842c4c2
.gratorama.com/ Name: cid
Value: 02-gpkwrn2wbukh0fw1uaefo1e5smv
.gratorama.com/ Name: _ga
Value: GA1.2.633419003.1582678890

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
