secure.gratowin.com Open in urlscan Pro
130.211.16.99 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fb.ship-eez.net/campaigns/sr207rgkze1d3/track-url/rw414wd9x0aa2/41a266a8f49bc5555de90163f7f6957b23d0c674
Effective URL:
https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affi...
Submission: On October 21 via manual (October 21st 2020, 3:03:19 am UTC) from PH

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 14 domains to perform 57 HTTP transactions. The main IP is 130.211.16.99, located in Mountain View, United States and belongs to GOOGLE, US. The main domain is secure.gratowin.com.
TLS certificate: Issued by GTS CA 1D2 on October 13th 2020. Valid for: 3 months.

This is the only time secure.gratowin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	147.135.64.69 147.135.64.69	16276 (OVH) (OVH)
1 1	46.137.70.201 46.137.70.201	16509 (AMAZON-02) (AMAZON-02)
1 1	35.227.235.12 35.227.235.12	15169 (GOOGLE) (GOOGLE)
1 7	34.102.220.22 34.102.220.22	15169 (GOOGLE) (GOOGLE)
23	130.211.16.99 130.211.16.99	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
3	178.249.101.23 178.249.101.23	11054 (LIVEPERSON) (LIVEPERSON)
1	216.239.38.21 216.239.38.21	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
7	2a03:6400:10:... 2a03:6400:10:0:178:249:97:99	11054 (LIVEPERSON) (LIVEPERSON)
4	2a03:6400:10:... 2a03:6400:10:0:178:249:97:98	11054 (LIVEPERSON) (LIVEPERSON)
6	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
57	12

1 147.135.64.69 (Reston, United States) 1 redirects

ASN16276 (OVH, FR)
PTR: ns101960.ip-147-135-64.us

fb.ship-eez.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.137.70.201 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-46-137-70-201.eu-west-1.compute.amazonaws.com

sacett.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.235.12 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 12.235.227.35.bc.googleusercontent.com

click.power-ppp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.102.220.22 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 22.220.102.34.bc.googleusercontent.com

www.gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdrn.hermione-ltd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
root.netoplaycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 130.211.16.99 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 99.16.211.130.bc.googleusercontent.com

secure.gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.249.101.23 (Netherlands)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.38.21 (Los Gatos, United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2615.1e100.net

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:6400:10:0:178:249:97:99 (United Kingdom)

ASN11054 (LIVEPERSON, US)

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:6400:10:0:178:249:97:98 (United Kingdom)

ASN11054 (LIVEPERSON, US)

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	gratowin.com 1 redirects www.gratowin.com secure.gratowin.com static.gratowin.com	1 MB
11	lpsnmedia.net accdn.lpsnmedia.net lpcdn.lpsnmedia.net	40 KB
9	liveperson.net lptag.liveperson.net va.v.liveperson.net	102 KB
5	netoplaycdn.com root.netoplaycdn.com	5 KB
3	google-analytics.com www.google-analytics.com	18 KB
1	ipinfo.io ipinfo.io	447 B
1	googletagmanager.com www.googletagmanager.com	46 KB
1	jquery.com code.jquery.com	66 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	20 KB
1	hermione-ltd.com cdrn.hermione-ltd.com
1	power-ppp.com 1 redirects click.power-ppp.com	453 B
1	sacett.com 1 redirects sacett.com	821 B
1	ship-eez.net 1 redirects fb.ship-eez.net	547 B
0	ngplatform.com Failed update.ngplatform.com Failed
57	14

	Domain	Requested by
16	secure.gratowin.com	secure.gratowin.com
7	accdn.lpsnmedia.net	lptag.liveperson.net
7	static.gratowin.com	secure.gratowin.com static.gratowin.com
6	va.v.liveperson.net	lptag.liveperson.net
5	root.netoplaycdn.com	secure.gratowin.com
4	lpcdn.lpsnmedia.net	lptag.liveperson.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com secure.gratowin.com
3	lptag.liveperson.net	secure.gratowin.com
1	ipinfo.io	secure.gratowin.com
1	www.googletagmanager.com	secure.gratowin.com
1	code.jquery.com	secure.gratowin.com
1	maxcdn.bootstrapcdn.com	secure.gratowin.com
1	cdrn.hermione-ltd.com	secure.gratowin.com
1	www.gratowin.com	1 redirects
1	click.power-ppp.com	1 redirects
1	sacett.com	1 redirects
1	fb.ship-eez.net	1 redirects
0	update.ngplatform.com Failed	secure.gratowin.com
57	18

This site contains no links.

Subject Issuer	Validity	Valid
secure.gratowin.com GTS CA 1D2	`2020-10-13` - `2021-01-11`	3 months	crt.sh
static.gratowin.com GTS CA 1D2	`2020-10-13` - `2021-01-11`	3 months	crt.sh
downloads-scratchmania-origin.netoplay.com GTS CA 1D2	`2020-10-14` - `2021-01-12`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.liveperson.net COMODO RSA Organization Validation Secure Server CA	`2017-12-17` - `2020-12-16`	3 years	crt.sh
ipinfo.io GTS CA 1D2	`2020-09-27` - `2020-12-26`	3 months	crt.sh
*.lpsnmedia.net COMODO RSA Organization Validation Secure Server CA	`2018-02-26` - `2021-02-25`	3 years	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-04-13` - `2022-04-13`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Frame ID: B569ACCABF7596D28D8953D1F08350D9
Requests: 55 HTTP requests in this frame

Frame: https://update.ngplatform.com/index.html
Frame ID: 5A9AA463850C60A54EDC59B54F54981B
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/storage.secure.min.html?loc=https%3A%2F%2Fsecure.gratowin.com&site=70099149&env=prod
Frame ID: A88A3EBD5C9C86EBE5211F891C6E6A04
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://fb.ship-eez.net/campaigns/sr207rgkze1d3/track-url/rw414wd9x0aa2/41a266a8f49bc5555de90163f7f6... HTTP 301
https://sacett.com/?a=8178&c=22306&s1= HTTP 302
https://click.power-ppp.com/click/5bc7026c78c83?brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=1&a... HTTP 302
https://www.gratowin.com/dlink.php?Inc=77314617&brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=... HTTP 307
https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affilia... Page URL
https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

LivePerson (Live Chat) Expand

Overall confidence: 100%
Detected patterns

script /^https?:\/\/lptag\.liveperson\.net\/tag\/tag\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Cloud (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /^1\.1 google$/i

Page Statistics

57
Requests

98 %
HTTPS

43 %
IPv6

14
Domains

18
Subdomains

12
IPs

5
Countries

1508 kB
Transfer

2968 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fb.ship-eez.net/campaigns/sr207rgkze1d3/track-url/rw414wd9x0aa2/41a266a8f49bc5555de90163f7f6957b23d0c674 HTTP 301
https://sacett.com/?a=8178&c=22306&s1= HTTP 302
https://click.power-ppp.com/click/5bc7026c78c83?brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848 HTTP 302
https://www.gratowin.com/dlink.php?Inc=77314617&brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d HTTP 307
https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d Page URL
https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://fb.ship-eez.net/campaigns/sr207rgkze1d3/track-url/rw414wd9x0aa2/41a266a8f49bc5555de90163f7f6957b23d0c674 HTTP 301
https://sacett.com/?a=8178&c=22306&s1= HTTP 302
https://click.power-ppp.com/click/5bc7026c78c83?brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848 HTTP 302
https://www.gratowin.com/dlink.php?Inc=77314617&brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d HTTP 307
https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
secure.gratowin.com/
Redirect Chain

http://fb.ship-eez.net/campaigns/sr207rgkze1d3/track-url/rw414wd9x0aa2/41a266a8f49bc5555de90163f7f6957b23d0c674
https://sacett.com/?a=8178&c=22306&s1=
https://click.power-ppp.com/click/5bc7026c78c83?brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848
https://www.gratowin.com/dlink.php?Inc=77314617&brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&short...
https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_tar...

22 KB
6 KB

358ms
162ms

Document
text/html

130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 5e8ad55936ab9bd43c4503658c55bed5fc050731d3f6092c9ff2818579b11c32

Request headers

:method: GET
:authority: secure.gratowin.com
:scheme: https
:path: /?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: Inc=77314617; brandId=8; campaignId=48907; mediaId=7712; lang=fr; mode=1; affiliateProfileName=8178_; clickID=21686-576365848; ABClicks=1; shorten_link=5bc7026c78c83; shorten_target=11135; netoClickId=5f8fa4e35e0f957c1532774d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: rhino-core-shield
date: Wed, 21 Oct 2020 03:03:00 GMT
content-type: text/html
content-length: 6132
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

status: 307
server: rhino-core-shield
date: Wed, 21 Oct 2020 03:03:00 GMT
content-type: text/html
content-length: 0
x-powered-by: PHP/5.5.9-1ubuntu4.26
set-cookie: Inc=77314617; expires=Fri, 20-Nov-2020 03:02:59 GMT; Max-Age=2592000; path=/; domain=.gratowin.com brandId=8; expires=Fri, 20-Nov-2020 03:02:59 GMT; Max-Age=2592000; path=/; domain=.gratowin.com campaignId=48907; expires=Fri, 20-Nov-2020 03:02:59 GMT; Max-Age=2592000; path=/; domain=.gratowin.com mediaId=7712; expires=Fri, 20-Nov-2020 03:02:59 GMT; Max-Age=2592000; path=/; domain=.gratowin.com lang=fr; expires=Fri, 20-Nov-2020 03:02:59 GMT; Max-Age=2592000; path=/; domain=.gratowin.com mode=1; expires=Thu, 22-Oct-2020 03:02:59 GMT; Max-Age=86400; path=/; domain=.gratowin.com affiliateProfileName=8178_; expires=Fri, 20-Nov-2020 03:02:59 GMT; Max-Age=2592000; path=/; domain=.gratowin.com clickID=21686-576365848; expires=Fri, 20-Nov-2020 03:02:59 GMT; Max-Age=2592000; path=/; domain=.gratowin.com ABClicks=1; expires=Fri, 20-Nov-2020 03:02:59 GMT; Max-Age=2592000; path=/; domain=.gratowin.com shorten_link=5bc7026c78c83; expires=Fri, 20-Nov-2020 03:02:59 GMT; Max-Age=2592000; path=/; domain=.gratowin.com shorten_target=11135; expires=Fri, 20-Nov-2020 03:02:59 GMT; Max-Age=2592000; path=/; domain=.gratowin.com netoClickId=5f8fa4e35e0f957c1532774d; expires=Fri, 20-Nov-2020 03:02:59 GMT; Max-Age=2592000; path=/; domain=.gratowin.com unikClick=yes; expires=Fri, 20-Nov-2020 03:02:59 GMT; Max-Age=2592000; path=/
location: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
via: 1.1 google
alt-svc: clear

GET
H2 200 style.css
static.gratowin.com/games/skins/8/ 1 KB
448 B 266ms
145ms Stylesheet
text/css 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gratowin.com/games/skins/8/style.css?ver=76.2001
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 2dea1a89853b566ddae2f163f7828a43a17d1046f03deb18a1c7ad09d0c2ceb6

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:00 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 06:33:06 GMT
server: rhino-core-shield
age: 0
status: 200
etag: "54065e-438-5b19bb4516b55"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 336
via: 1.1 google

GET
H2 200 lightwindow.css
static.gratowin.com/games/styles/ 9 KB
2 KB 266ms
145ms Stylesheet
text/css 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gratowin.com/games/styles/lightwindow.css?ver=76.2001
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 131156bae67b2ebb01211d5626f629a4aeb10a7fcdc0c743c3a99ba4822fd7ea

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:00 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 08:41:00 GMT
server: rhino-core-shield
age: 0
status: 200
etag: "10017d-2264-5ab03b30d320c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 1938
via: 1.1 google

GET
H2 200 jackpotwidget.css
static.gratowin.com/games/styles/ 5 KB
1 KB 267ms
146ms Stylesheet
text/css 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gratowin.com/games/styles/jackpotwidget.css?ver=76.2001
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: aa88165e904512cfff7c3641aadcf44062c0bc107626ff5940ca0790102210d8

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:00 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 08:41:00 GMT
server: rhino-core-shield
age: 0
status: 200
etag: "100183-14de-5ab03b3089e17"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 1019
via: 1.1 google

GET
H2 200 GW_fr.jpg
secure.gratowin.com/lobbyImgs/ 63 KB
63 KB 80ms
80ms Image
image/jpeg 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/lobbyImgs/GW_fr.jpg?1
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: d84ae921292ae9b34c6f61d47db5dc2b45d0637b3f7dd0edba8249af532c5f2f

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:00 GMT
via: 1.1 google
last-modified: Tue, 28 May 2019 06:34:43 GMT
server: rhino-core-shield
age: 0
etag: "221be3-fbad-589ecdc38f54d"
content-type: image/jpeg
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 64429

GET
H2 200 indexScripts.min.js Show response
static.gratowin.com/games/js/ 291 KB
88 KB 197ms
76ms Script
application/javascript 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gratowin.com/games/js/indexScripts.min.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 8d476bfda9fe4466aaf17beba424b986ae922eb3ff7770aeeba6f4d5d13b8a02

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:00 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2019 09:21:41 GMT
server: rhino-core-shield
age: 0
status: 200
etag: "1011c1-48d80-58e419a987fce"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 90084
via: 1.1 google

GET
H2 200 jackpot.js Show response
static.gratowin.com/games/js/ 3 KB
907 B 266ms
146ms Script
application/javascript 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gratowin.com/games/js/jackpot.js?ver=76.2001
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 6cd9dfeb5992c447c855b4c7c16ba133ca2d27f87ecc0d2797d7cdcdc82b9fd6

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:00 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 11:35:08 GMT
server: rhino-core-shield
age: 0
status: 200
etag: "100187-af6-5ac1fc390eba2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 803
via: 1.1 google

GET
H2 200 funcPlatform.js Show response
static.gratowin.com/games/js/ 51 KB
8 KB 195ms
75ms Script
application/javascript 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gratowin.com/games/js/funcPlatform.js?ver=76.2001
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: f28711052ffe3e57bc3ee786502645508e26b7c5188695aba410d4c8c145ff8f

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:00 GMT
content-encoding: gzip
last-modified: Wed, 30 Sep 2020 06:30:02 GMT
server: rhino-core-shield
age: 0
status: 200
etag: "1001f7-cc2f-5b08207926159"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 8231
via: 1.1 google

GET
H2 500 featherlight.min.js
cdrn.hermione-ltd.com/mountain/js/ 0
0 351ms
194ms Script
text/html 34.102.220.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdrn.hermione-ltd.com/mountain/js/featherlight.min.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.220.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 22.220.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 popups_atw_lobby.js Show response
root.netoplaycdn.com/assets/js/ 7 KB
2 KB 203ms
77ms Script
application/javascript 34.102.220.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://root.netoplaycdn.com/assets/js/popups_atw_lobby.js?v=1603249380
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.220.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 22.220.102.34.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: c0d6358b5f1b6a62fa1649cbf46b842e7e33e04f974659cd405ca1ce0b1f3895

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:00 GMT
content-encoding: gzip
last-modified: Mon, 21 Sep 2020 14:42:58 GMT
server: rhino-core-shield
etag: "1afc-5afd3ddd16080-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 1943
via: 1.1 google

GET
H2 200 tournament.js Show response
root.netoplaycdn.com/assets/promotions/tournaments/Valentines/ 6 KB
2 KB 173ms
47ms Script
application/javascript 34.102.220.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://root.netoplaycdn.com/assets/promotions/tournaments/Valentines/tournament.js?v=76.2001
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.220.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 22.220.102.34.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 53e18d9ef6a9fc78cb4a607229ad489d49b177b3ede4c3975e8522c2fe5f568d

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 02:15:02 GMT
content-encoding: gzip
last-modified: Thu, 06 Feb 2020 13:38:36 GMT
server: rhino-core-shield
age: 2878
etag: "1937-59de863ce6f00-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 1971
via: 1.1 google

GET
H2 200 helper.js Show response
root.netoplaycdn.com/assets/js/ 795 B
584 B 172ms
47ms Script
application/javascript 34.102.220.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://root.netoplaycdn.com/assets/js/helper.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.220.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 22.220.102.34.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 30fc9a8881a2a24f4cc83e0324219ecc9304d4b7469c70fe44934f93ac2502c6

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 02:31:25 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2019 15:49:16 GMT
server: rhino-core-shield
age: 1895
etag: "31b-585297f183700-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 377
via: 1.1 google

GET index.html
update.ngplatform.com/ Frame 5A9A 0
0

GET
H2 200 bg.jpg
static.gratowin.com/games/skins/8/ 541 KB
542 KB 66ms
65ms Image
image/jpeg 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gratowin.com/games/skins/8/bg.jpg
Requested by: Host: static.gratowin.com
URL: https://static.gratowin.com/games/skins/8/style.css?ver=76.2001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash

Request headers

Referer: https://static.gratowin.com/games/skins/8/style.css?ver=76.2001
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:00 GMT
via: 1.1 google
last-modified: Thu, 15 Mar 2018 07:58:27 GMT
server: rhino-core-shield
age: 0
etag: "54065a-874f0-5676edb58e30d"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 554224

GET
H2 200 Primary Request registration_step1.html Show response
secure.gratowin.com/ 16 KB
5 KB 147ms
146ms Document
text/html 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 2a537f311615d267f3016d113f954a185f4620a04a9daa623dd9c77037c09464

Request headers

:method: GET
:authority: secure.gratowin.com
:scheme: https
:path: /registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: Inc=77314617; brandId=8; campaignId=48907; mediaId=7712; lang=fr; mode=1; affiliateProfileName=8178_; clickID=21686-576365848; ABClicks=1; shorten_link=5bc7026c78c83; shorten_target=11135; netoClickId=5f8fa4e35e0f957c1532774d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.gratowin.com/?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d

Response headers

status: 200
server: rhino-core-shield
date: Wed, 21 Oct 2020 03:03:00 GMT
content-type: text/html
content-length: 4906
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 24ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
status: 200
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 19740

GET
H2 200 registrationStyle.css
secure.gratowin.com/htmlRegistration/css/ 20 KB
4 KB 190ms
187ms Stylesheet
text/css 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/htmlRegistration/css/registrationStyle.css?ver=
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: adf8f1060a494286abee2dd36be5566b440de58a439f7e15fdad79074263e671

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:01 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 11:35:39 GMT
server: rhino-core-shield
etag: "e1bf3-4eb1-5ac1fc5697d32"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 4267
via: 1.1 google

GET
H2 200 registrationStyle.css
secure.gratowin.com/htmlRegistration/images/brands/8/ 188 B
243 B 86ms
83ms Stylesheet
text/css 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/registrationStyle.css?ver=
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 0af6b5b2b85951a7a992529ce7b62e702fad82566aa8cd1201cda5b25fcbadb0

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:00 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 11:35:44 GMT
server: rhino-core-shield
etag: "540870-bc-5ac1fc5bbb59b"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 134
via: 1.1 google

GET
H2 200 libsScripts.js Show response
secure.gratowin.com/htmlRegistration/js/ 512 KB
107 KB 104ms
102ms Script
application/javascript 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/htmlRegistration/js/libsScripts.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 3524edd021d38f109a0eb32c0c5903731708cea9bfccb5adc2b2a244046bc266

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:01 GMT
content-encoding: gzip
last-modified: Tue, 26 Nov 2019 08:44:50 GMT
server: rhino-core-shield
etag: "e15da-80038-5983be4a97040"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
via: 1.1 google

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
66 KB 26ms
9ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Origin: https://secure.gratowin.com
Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:00 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
status: 200
etag: W/"57d97c08-3dee4"
vary: Accept-Encoding
x-hw: 1603249380.dop037.fr8.t,1603249380.cds213.fr8.hn,1603249380.cds151.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67751

GET
H2 200 helper.js Show response
root.netoplaycdn.com/assets/js/ 795 B
433 B 48ms
46ms Script
application/javascript 34.102.220.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://root.netoplaycdn.com/assets/js/helper.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.220.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 22.220.102.34.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 30fc9a8881a2a24f4cc83e0324219ecc9304d4b7469c70fe44934f93ac2502c6

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 02:31:25 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2019 15:49:16 GMT
server: rhino-core-shield
age: 1895
etag: "31b-585297f183700-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 377
via: 1.1 google

GET
H2 200 UtilsAndCommonRegisterScripts.js Show response
secure.gratowin.com/htmlRegistration/js/ 44 KB
10 KB 86ms
84ms Script
application/javascript 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/htmlRegistration/js/UtilsAndCommonRegisterScripts.js?ver=
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: c965b44b7dda96016f7d9ddfedb366ccf20d82698a832b3ebb5563536cd84bd2

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:00 GMT
content-encoding: gzip
last-modified: Tue, 08 Sep 2020 06:58:52 GMT
server: rhino-core-shield
etag: "e15e5-b0fe-5aec7de29f9fb"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 9777
via: 1.1 google

GET
H2 200 createAccount.js Show response
secure.gratowin.com/htmlRegistration/js/ 21 KB
5 KB 197ms
196ms Script
application/javascript 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/htmlRegistration/js/createAccount.js?ver=
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 97d7ea7a417366b9c5b5e5a5d48a877672aa5fcc5aa57831d212d827c69b6604

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:01 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 11:35:39 GMT
server: rhino-core-shield
etag: "e1bfe-53ab-5ac1fc56e20c9"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 5250
via: 1.1 google

GET
H2 200 helper.js Show response
root.netoplaycdn.com/assets/js/ 795 B
435 B 56ms
55ms Script
application/javascript 34.102.220.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://root.netoplaycdn.com/assets/js/helper.js?v=1
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.220.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 22.220.102.34.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 30fc9a8881a2a24f4cc83e0324219ecc9304d4b7469c70fe44934f93ac2502c6

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:02:59 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2019 15:49:16 GMT
server: rhino-core-shield
age: 1
etag: "31b-585297f183700-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 377
via: 1.1 google

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 151 KB
46 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TQ4DBB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf9dc21644e6f6951d43ec9c9594fb64d09f68c7fae64884395b58a0a5a709f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:01 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47102
x-xss-protection: 0
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Oct 2020 03:03:01 GMT

GET
H2 200 bg_Regular.jpg
secure.gratowin.com/htmlRegistration/images/brands/8/ 324 KB
325 KB 73ms
72ms Image
image/jpeg 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/bg_Regular.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/registrationStyle.css?ver=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: f2d8aebf12652d1b8e206162f4eda56fa731498e288cd25727312348c28dac74

Request headers

Referer: https://secure.gratowin.com/htmlRegistration/images/brands/8/registrationStyle.css?ver=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:01 GMT
via: 1.1 google
last-modified: Tue, 15 Oct 2019 08:30:14 GMT
server: rhino-core-shield
age: 0
etag: "54066e-5116c-594eecb18fb18"
content-type: image/jpeg
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 332140

GET
H2 200 step1_bar.png
secure.gratowin.com/htmlRegistration/images/brands/8/ 2 KB
2 KB 69ms
69ms Image
image/png 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/step1_bar.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/registrationStyle.css?ver=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 6e5af33fae4648ab63fd54e57d6c7ee2f3e3a63fb827b975fd5c4d6d43e81652

Request headers

Referer: https://secure.gratowin.com/htmlRegistration/images/brands/8/registrationStyle.css?ver=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:01 GMT
via: 1.1 google
last-modified: Tue, 15 Oct 2019 08:30:14 GMT
server: rhino-core-shield
age: 0
etag: "5407ec-79e-594eecb18eb77"
content-type: image/png
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 1950

GET
H2 200 next_button.png
secure.gratowin.com/htmlRegistration/images/brands/8/ 4 KB
4 KB 100ms
99ms Image
image/png 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/next_button.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/registrationStyle.css?ver=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 8f1dbb31098710f15f1fdd002711f62e691e507d43776abce00b40923b56f2a9

Request headers

Referer: https://secure.gratowin.com/htmlRegistration/images/brands/8/registrationStyle.css?ver=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:01 GMT
via: 1.1 google
last-modified: Tue, 15 Oct 2019 08:30:13 GMT
server: rhino-core-shield
age: 0
etag: "5407eb-10c2-594eecb13da7c"
content-type: image/png
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 4290

GET
H2 200 footer.png
secure.gratowin.com/htmlRegistration/images/ 17 KB
17 KB 70ms
69ms Image
image/png 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/htmlRegistration/images/footer.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/css/registrationStyle.css?ver=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: c8fb46baf654f26f5cc81075c3c371586b87b5b5781336af27ee31ae8c2981ad

Request headers

Referer: https://secure.gratowin.com/htmlRegistration/css/registrationStyle.css?ver=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:01 GMT
via: 1.1 google
last-modified: Tue, 15 Oct 2019 08:29:54 GMT
server: rhino-core-shield
age: 0
etag: "e1c60-42f8-594eec9ea4861"
content-type: image/png
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 17144

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 18 KB
7 KB 169ms
48ms Script
application/javascript 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/tag/tag.js?site=70099149
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: cc490a8ef7deb4c7fba66f332ad8cdd39433675b95d2bd341300ab7b718f8e4e

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:01 GMT
content-encoding: gzip
last-modified: Tue, 21 Aug 2018 07:47:45 GMT
server: ws
etag: "5b7bc3a1-198d"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 6541

GET
H2 200 json Show response
ipinfo.io/ 245 B
447 B 263ms
163ms XHR
application/json 216.239.38.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/json

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/js/libsScripts.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.21 Los Gatos, United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2615.1e100.net

Software

/ Express

Resource Hash

d4f0fb0ab3ad60a219e399706c4551b44ea6d58831af33e4a9c69c77d514cbaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 241c522a8da58652494b7a4a42e3aa67/6805864006009534353
via: 1.1 google

GET
H2 200 playerAuthenticationServlet Show response
secure.gratowin.com/server/api/ 16 B
236 B 88ms
88ms XHR
text/plain 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/server/api/playerAuthenticationServlet?jsonObject=%7B%22methodName%22%3A%22getCountryBasedOnIp%22%7D&brandId=8&lang=fr&Inc=77314617&campaignId=48907&mediaId=7712&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d&brand=gratowin&_=1603249381134
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/js/libsScripts.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 633705911e84e4d02adbf4af6a0a6735d4c10f7d33f8d460bef84b2b77510397

Request headers

Accept: */*
Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:01 GMT
via: 1.1 google
server: rhino-core-shield
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept
status: 200
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
content-type: text/plain
access-control-allow-origin: *
alt-svc: clear
content-length: 16

GET
H2 200 upperLogo.jpg
secure.gratowin.com/htmlRegistration/images/brands/8/en/ 5 KB
5 KB 81ms
81ms Image
image/jpeg 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/en/upperLogo.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 2411b5d22ac1371b906ec7b4b60aa8ecdbc1c89f64c705860c28df32619e540b

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:01 GMT
via: 1.1 google
last-modified: Tue, 15 Oct 2019 08:30:38 GMT
server: rhino-core-shield
age: 0
etag: "88028b-1269-594eecc8a4613"
content-type: image/jpeg
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 4713

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ4DBB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 6432
date: Wed, 21 Oct 2020 01:15:49 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Wed, 21 Oct 2020 03:15:49 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
127 B 13ms
12ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=2138976482&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.gratowin.com%2Fregistration_step1.html%3FbrandId%3D8%26Inc%3D77314617%26campaignId%3D48907%26mediaId%3D7712%26lang%3Dfr%26mode%3D1%26affiliateProfileName%3D8178_%26clickID%3D21686-576365848%26ABClicks%3D1%26shorten_link%3D5bc7026c78c83%26shorten_target%3D11135%26netoClickId%3D5f8fa4e35e0f957c1532774d&dp=%2Fregistration_step1.html%3F%26lang%3Dfr%26mediaID%3D7712%26affiliateProfileName%3D8178_%26brandId%3D8%26campaignId%3D48907&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1244898398&gjid=512303447&cid=339655845.1603249381&tid=UA-27702367-3&_gid=438671199.1603249381&_r=1&gtm=2wg9u1TQ4DBB&z=524898168

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Oct 2020 03:03:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 countries_fr.json Show response
secure.gratowin.com/htmlRegistration/settings/countries/ 32 KB
5 KB 75ms
74ms XHR
application/json 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/htmlRegistration/settings/countries/countries_fr.json?_=1603249381135
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/js/libsScripts.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: f07ad683b5e56352b20cf218b5b1f7b5eba26a11e36bd23b3b1ceb23dd6854fd

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:01 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 11:35:41 GMT
server: rhino-core-shield
etag: W/"e1c16-8139-5ac1fc5880244"
vary: Accept-Encoding
content-type: application/json
status: 200
alt-svc: clear
via: 1.1 google

GET
H2 200 Lang_fr.json Show response
secure.gratowin.com/htmlRegistration/settings/languages/ 25 KB
8 KB 75ms
74ms XHR
application/json 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/htmlRegistration/settings/languages/Lang_fr.json?ver=0&_=1603249381136
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/js/libsScripts.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: e8a98f2db2dcf5b4d074a61e774ee5ae5376e39843cab889e72fb54b60995f60

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:01 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 11:39:55 GMT
server: rhino-core-shield
etag: W/"e1212-6291-59a0d052fdf86"
vary: Accept-Encoding
content-type: application/json
status: 200
alt-svc: clear
via: 1.1 google

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 6ms
5ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=2138976482&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.gratowin.com%2Fregistration_step1.html%3FbrandId%3D8%26Inc%3D77314617%26campaignId%3D48907%26mediaId%3D7712%26lang%3Dfr%26mode%3D1%26affiliateProfileName%3D8178_%26clickID%3D21686-576365848%26ABClicks%3D1%26shorten_link%3D5bc7026c78c83%26shorten_target%3D11135%26netoClickId%3D5f8fa4e35e0f957c1532774d&dp=%2Fvp%2Fregsiter%2FDesktop_Registration_Form_PopUp&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=339655845.1603249381&tid=UA-27702367-3&_gid=438671199.1603249381&gtm=2wg9u1TQ4DBB&cd12=Deeplink&z=2119398552

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Oct 2020 12:31:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52262
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/ 242 KB
87 KB 76ms
76ms Script
application/x-javascript 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 6b6069d129a0a3c2a1020050d16dc1dca2a0303a01ef589bacd1c68007a00488

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:01 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/70099149/configuration/setting/accountproperties/ 4 KB
1 KB 105ms
20ms Script
application/javascript 2a03:6400:10:0:178:249:97:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/70099149/configuration/setting/accountproperties/?cb=lpCb4984x1221
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: d597e4ee477dc7c7deaf1f6814b28e7fd3a38d78c76f5d7647568cd1c41abe84

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:01 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
status: 200
x-envoy-upstream-service-time: 2
expires: Wed, 21 Oct 2020 03:03:42 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/70099149/configuration/le-campaigns/ 18 KB
2 KB 119ms
39ms Script
application/javascript 2a03:6400:10:0:178:249:97:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/70099149/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 1b6f223e5f6f434a1694506b13f45ce2b16ca8d479d72e49f8234f8e2919549d

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:01 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
status: 200
x-envoy-upstream-service-time: 1
expires: Wed, 21 Oct 2020 03:03:42 GMT

GET
H2 200 storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/ Frame A88A 0
0 87ms
21ms Document
text/html 2a03:6400:10:0:178:249:97:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/storage.secure.min.html?loc=https%3A%2F%2Fsecure.gratowin.com&site=70099149&env=prod
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash

Request headers

:method: GET
:authority: lpcdn.lpsnmedia.net
:scheme: https
:path: /le_secure_storage/3.11.0.2-release_5036/storage.secure.min.html?loc=https%3A%2F%2Fsecure.gratowin.com&site=70099149&env=prod
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d

Response headers

status: 200
date: Wed, 21 Oct 2020 03:03:03 GMT
content-type: text/html
last-modified: Tue, 29 Sep 2020 18:27:10 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
expires: Wed, 21 Oct 2020 03:13:03 GMT
cache-control: max-age=600

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/ 38 KB
15 KB 21ms
21ms Script
application/javascript 2a03:6400:10:0:178:249:97:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/storage.secure.min.js?loc=https%3A%2F%2Fsecure.gratowin.com&site=70099149&force=1&env=prod
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: a6c94763f85d97edffb717098e436aad3a4a6b5d1e866b1e2315ee0ec8f784d2

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:03 GMT
content-encoding: gzip
last-modified: Tue, 29 Sep 2020 18:27:10 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Wed, 21 Oct 2020 03:13:03 GMT

GET
H2 200 70099149 Show response
va.v.liveperson.net/api/js/ 600 B
1 KB 633ms
260ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/70099149?&cb=lpCb55303x55174&t=sp&ts=1603249381603&pid=5054898760&tid=9379604011&u=https%3A%2F%2Fsecure.gratowin.com%2Fregistration_step1.html%3FbrandId%3D8%26Inc%3D77314617%26campaignId%3D48907%26mediaId%3D7712%26lang%3Dfr%26mode%3D1%26affiliateProfileName%3D8178_%26clickID%3D21686-576365848%26ABClicks%3D1%26shorten_link%3D5bc7026c78c83%26shorten_target%3D11135%26netoClickId%3D5f8fa4e35e0f957c1532774d&r=https%3A%2F%2Fsecure.gratowin.com%2F%3FbrandId%3D8%26Inc%3D77314617%26campaignId%3D48907%26mediaId%3D7712%26lang%3Dfr%26mode%3D1%26affiliateProfileName%3D8178_%26clickID%3D21686-576365848%26ABClicks%3D1%26shorten_link%3D5bc7026c78c83%26shorten_target%3D11135%26netoClickId%3D5f8fa4e35e0f957c1532774d&df=0&os=1&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 5f56d28fe79129e9fe298490211c99dd3327353876eb76aef3fdc3c7f3b264c2

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:04 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 overlay.js Show response
lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/ 6 KB
3 KB 22ms
21ms Script
application/javascript 2a03:6400:10:0:178:249:97:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/overlay.js?_v=3.42.0.2-release_5022
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 44027ec55ed8b2de1f3dcdaf00c6b0c72c466e85d515c60431f61da11f242047

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:04 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 12:50:18 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Wed, 21 Oct 2020 03:13:04 GMT

GET
H2 200 UISuite.js Show response
lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/ 30 KB
12 KB 22ms
21ms Script
application/javascript 2a03:6400:10:0:178:249:97:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/UISuite.js?_v=3.42.0.2-release_5022
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:04 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 12:50:18 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Wed, 21 Oct 2020 03:13:04 GMT

GET
H2 200 2942 Show response
accdn.lpsnmedia.net/api/account/70099149/configuration/le-campaigns/campaigns/1152525814/engagements/1152525914/revision/ 2 KB
1 KB 40ms
39ms Script
application/javascript 2a03:6400:10:0:178:249:97:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/70099149/configuration/le-campaigns/campaigns/1152525814/engagements/1152525914/revision/2942?v=3.0&cb=lp1152525914&flavor=dependency
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 032ef37aebd72143ebf27d610a9e89781f6716566188dc7b2478674b48696c01

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:04 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
status: 200
x-envoy-upstream-service-time: 2
expires: Wed, 21 Oct 2020 03:04:04 GMT

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/70099149/configuration/setting/accountproperties/ 4 KB
1 KB 21ms
20ms Script
application/javascript 2a03:6400:10:0:178:249:97:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/70099149/configuration/setting/accountproperties/?cb=lpCb45959x12137
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 64e216211ac5bdb98fbd7c3d4d17d99fa0911e35668ef9ca964df5949a673246

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:04 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
status: 200
x-envoy-upstream-service-time: 2
expires: Wed, 21 Oct 2020 03:03:42 GMT

GET
H2 200 70099149 Show response
va.v.liveperson.net/api/js/ 111 B
854 B 131ms
131ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/70099149?sid=J8MBqjHuQDmU5wmUAkZ8kA&cb=lpCb33142x66794&t=pl&ts=1603249383752&pid=5054898760&tid=9379604011&vid=Y3MWEwZDYxY2M5MGI1MzEw
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: d6eabbfecd98f6d5297f7452dbbe7a3f5ab2dae9a2b98eefc1bba6d9dc556541

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:04 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 1616507530 Show response
accdn.lpsnmedia.net/api/account/70099149/configuration/engagement-window/window-confs/ 4 KB
1 KB 87ms
87ms Script
application/javascript 2a03:6400:10:0:178:249:97:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/70099149/configuration/engagement-window/window-confs/1616507530?cb=lpCb81117x36024
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: a00f162ffc57f74b56fc65ccd15103a9ec4af9e21de37e193525c9265c5293fb

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:04 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
status: 200
x-envoy-upstream-service-time: 2
expires: Wed, 21 Oct 2020 03:04:04 GMT

GET
H2 200 70099149 Show response
va.v.liveperson.net/api/js/ 42 B
792 B 132ms
132ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/70099149?sid=J8MBqjHuQDmU5wmUAkZ8kA&cb=lpCb67700x10164&t=uc&ts=1603249384522&pid=5054898760&tid=9379604011&vid=Y3MWEwZDYxY2M5MGI1MzEw&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A1152525814%2C%22engId%22%3A1152525914%2C%22revision%22%3A2942%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%221%22%7D%5D%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 901ff1681e0b33bd1c4cdcfca2f723879214c98b2db3b511348454bcd4e9e389

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:04 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/ 8 KB
2 KB 117ms
116ms Script
application/x-javascript 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&ct=lpSecureStorage%2Clp_sdes%2Cscraper%2ClpActivityMonitor%2CrendererStub%2Clp_version_detector%2Clp_monitoringSDK%2ClpTransporter%2ClpUnifiedWindow%2CSMT%2Chooks%2Clp_SMT%2Cauthenticator%2CunAuthMessaging%2CjsLoader&b=1
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 017c3327ecaa527846365bb4e1ad9587ef331de86e18e4a9a8dd4ab5d2284394

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:06 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 70099149 Show response
va.v.liveperson.net/api/js/ 604 B
1 KB 138ms
137ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/70099149?sid=J8MBqjHuQDmU5wmUAkZ8kA&cb=lpCb90736x93002&t=sp&ts=1603249386277&pid=8328303166&tid=9379604011&vid=Y3MWEwZDYxY2M5MGI1MzEw&rvt=1603249384228&u=https%3A%2F%2Fsecure.scratchmania.com%2F%3Flang%3Den&r=https%3A%2F%2Fsecure.gratowin.com%2F%3FbrandId%3D8%26Inc%3D77314617%26campaignId%3D48907%26mediaId%3D7712%26lang%3Dfr%26mode%3D1%26affiliateProfileName%3D8178_%26clickID%3D21686-576365848%26ABClicks%3D1%26shorten_link%3D5bc7026c78c83%26shorten_target%3D11135%26netoClickId%3D5f8fa4e35e0f957c1532774d&sec=%5B%22gratowin%22%2C%22lang-english%22%5D&df=0&os=1&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: c0beb3ad24f931c65445944911f9ce81a3ac014f0b559f8c9399c8a720acd916

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:06 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 3425 Show response
accdn.lpsnmedia.net/api/account/70099149/configuration/le-campaigns/campaigns/2472691630/engagements/2472691730/revision/ 2 KB
1 KB 23ms
22ms Script
application/javascript 2a03:6400:10:0:178:249:97:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/70099149/configuration/le-campaigns/campaigns/2472691630/engagements/2472691730/revision/3425?v=3.0&cb=lp2472691730&flavor=dependency
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 584f3a0f67f0f2d854e20446414bbad59fc99f355848ae2e14e34b7980f70b7f

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:06 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
status: 200
x-envoy-upstream-service-time: 1
expires: Wed, 21 Oct 2020 03:04:06 GMT

GET
H2 200 70099149 Show response
va.v.liveperson.net/api/js/ 111 B
854 B 211ms
211ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/70099149?sid=J8MBqjHuQDmU5wmUAkZ8kA&cb=lpCb67977x60409&t=pl&ts=1603249386285&pid=8328303166&tid=9379604011&vid=Y3MWEwZDYxY2M5MGI1MzEw
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: e6e02b7db0e89192031577ffa3968f2157657429345369408369cf0f093ecaf7

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:06 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 2472692130 Show response
accdn.lpsnmedia.net/api/account/70099149/configuration/engagement-window/window-confs/ 4 KB
2 KB 85ms
85ms Script
application/javascript 2a03:6400:10:0:178:249:97:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/70099149/configuration/engagement-window/window-confs/2472692130?cb=lpCb84718x29618
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: d588d493c2bb756c176368a19a507e24acb15f931231187f4cd5b69f9b4e9563

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:06 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
status: 200
x-envoy-upstream-service-time: 2
expires: Wed, 21 Oct 2020 03:04:06 GMT

GET
H2 200 70099149 Show response
va.v.liveperson.net/api/js/ 42 B
792 B 134ms
133ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/70099149?sid=J8MBqjHuQDmU5wmUAkZ8kA&cb=lpCb94932x25958&t=uc&ts=1603249386575&pid=8328303166&tid=9379604011&vid=Y3MWEwZDYxY2M5MGI1MzEw&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A2472691630%2C%22engId%22%3A2472691730%2C%22revision%22%3A3425%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%222%22%7D%5D%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: b994e2eeaf869384ce42ac15c34b6f554b99e0a388192282fd71324bb36694c6

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:03:06 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: update.ngplatform.com
URL: https://update.ngplatform.com/index.html

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gratowin.com/	1970-01-19 13:20:49	Name: _gat_UA-27702367-3 Value: 1
.gratowin.com/	1970-01-19 13:22:15	Name: _gid Value: GA1.2.438671199.1603249381
.gratowin.com/	1970-01-19 14:04:01	Name: netoClickId Value: 5f8fa4e35e0f957c1532774d
.gratowin.com/	1970-01-19 14:04:01	Name: shorten_link Value: 5bc7026c78c83
.gratowin.com/	1970-01-19 14:04:01	Name: clickID Value: 21686-576365848
.gratowin.com/	1970-01-19 14:04:01	Name: ABClicks Value: 1
.gratowin.com/	1970-01-19 13:22:15	Name: mode Value: 1
.gratowin.com/	1970-01-20 06:52:01	Name: _ga Value: GA1.2.339655845.1603249381
.gratowin.com/	1970-01-19 14:04:01	Name: lang Value: fr
.gratowin.com/	1970-01-19 14:04:01	Name: campaignId Value: 48907
.gratowin.com/	1970-01-19 14:04:01	Name: mediaId Value: 7712
.gratowin.com/	1970-01-19 14:04:01	Name: shorten_target Value: 11135
.gratowin.com/	1970-01-19 14:04:01	Name: brandId Value: 8
.gratowin.com/	1970-01-19 14:04:01	Name: affiliateProfileName Value: 8178_
.gratowin.com/	1970-01-19 14:04:01	Name: Inc Value: 77314617

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77314617&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-576365848&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8fa4e35e0f957c1532774d(Line 287) Message: not fun player
console-api	log	URL: https://secure.gratowin.com/htmlRegistration/js/UtilsAndCommonRegisterScripts.js?ver=(Line 857) Message: getCountryBasedOnIp
console-api	log	URL: https://secure.gratowin.com/htmlRegistration/js/UtilsAndCommonRegisterScripts.js?ver=(Line 1131) Message: Dic loaded
console-api	log	URL: https://secure.gratowin.com/htmlRegistration/js/createAccount.js?ver=(Line 207) Message: $("#createAccountForm #loginLink").outerWidth() = 318

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
cdrn.hermione-ltd.com
click.power-ppp.com
code.jquery.com
fb.ship-eez.net
ipinfo.io
lpcdn.lpsnmedia.net
lptag.liveperson.net
maxcdn.bootstrapcdn.com
root.netoplaycdn.com
sacett.com
secure.gratowin.com
static.gratowin.com
update.ngplatform.com
va.v.liveperson.net
www.google-analytics.com
www.googletagmanager.com
www.gratowin.com
update.ngplatform.com
130.211.16.99
147.135.64.69
178.249.101.23
2001:4de0:ac19::1:b:1b
2001:4de0:ac19::1:b:2b
208.89.12.87
216.239.38.21
2a00:1450:4001:824::2008
2a00:1450:4001:824::200e
2a03:6400:10:0:178:249:97:98
2a03:6400:10:0:178:249:97:99
34.102.220.22
35.227.235.12
46.137.70.201
017c3327ecaa527846365bb4e1ad9587ef331de86e18e4a9a8dd4ab5d2284394
032ef37aebd72143ebf27d610a9e89781f6716566188dc7b2478674b48696c01
0af6b5b2b85951a7a992529ce7b62e702fad82566aa8cd1201cda5b25fcbadb0
131156bae67b2ebb01211d5626f629a4aeb10a7fcdc0c743c3a99ba4822fd7ea
1b6f223e5f6f434a1694506b13f45ce2b16ca8d479d72e49f8234f8e2919549d
2411b5d22ac1371b906ec7b4b60aa8ecdbc1c89f64c705860c28df32619e540b
2a537f311615d267f3016d113f954a185f4620a04a9daa623dd9c77037c09464
2dea1a89853b566ddae2f163f7828a43a17d1046f03deb18a1c7ad09d0c2ceb6
30fc9a8881a2a24f4cc83e0324219ecc9304d4b7469c70fe44934f93ac2502c6
3524edd021d38f109a0eb32c0c5903731708cea9bfccb5adc2b2a244046bc266
44027ec55ed8b2de1f3dcdaf00c6b0c72c466e85d515c60431f61da11f242047
53e18d9ef6a9fc78cb4a607229ad489d49b177b3ede4c3975e8522c2fe5f568d
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
584f3a0f67f0f2d854e20446414bbad59fc99f355848ae2e14e34b7980f70b7f
5e8ad55936ab9bd43c4503658c55bed5fc050731d3f6092c9ff2818579b11c32
5f56d28fe79129e9fe298490211c99dd3327353876eb76aef3fdc3c7f3b264c2
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
633705911e84e4d02adbf4af6a0a6735d4c10f7d33f8d460bef84b2b77510397
64e216211ac5bdb98fbd7c3d4d17d99fa0911e35668ef9ca964df5949a673246
6b6069d129a0a3c2a1020050d16dc1dca2a0303a01ef589bacd1c68007a00488
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cd9dfeb5992c447c855b4c7c16ba133ca2d27f87ecc0d2797d7cdcdc82b9fd6
6e5af33fae4648ab63fd54e57d6c7ee2f3e3a63fb827b975fd5c4d6d43e81652
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8d476bfda9fe4466aaf17beba424b986ae922eb3ff7770aeeba6f4d5d13b8a02
8f1dbb31098710f15f1fdd002711f62e691e507d43776abce00b40923b56f2a9
901ff1681e0b33bd1c4cdcfca2f723879214c98b2db3b511348454bcd4e9e389
97d7ea7a417366b9c5b5e5a5d48a877672aa5fcc5aa57831d212d827c69b6604
9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51
a00f162ffc57f74b56fc65ccd15103a9ec4af9e21de37e193525c9265c5293fb
a6c94763f85d97edffb717098e436aad3a4a6b5d1e866b1e2315ee0ec8f784d2
aa88165e904512cfff7c3641aadcf44062c0bc107626ff5940ca0790102210d8
adf8f1060a494286abee2dd36be5566b440de58a439f7e15fdad79074263e671
b994e2eeaf869384ce42ac15c34b6f554b99e0a388192282fd71324bb36694c6
c0beb3ad24f931c65445944911f9ce81a3ac014f0b559f8c9399c8a720acd916
c0d6358b5f1b6a62fa1649cbf46b842e7e33e04f974659cd405ca1ce0b1f3895
c8fb46baf654f26f5cc81075c3c371586b87b5b5781336af27ee31ae8c2981ad
c965b44b7dda96016f7d9ddfedb366ccf20d82698a832b3ebb5563536cd84bd2
cc490a8ef7deb4c7fba66f332ad8cdd39433675b95d2bd341300ab7b718f8e4e
cf9dc21644e6f6951d43ec9c9594fb64d09f68c7fae64884395b58a0a5a709f2
d4f0fb0ab3ad60a219e399706c4551b44ea6d58831af33e4a9c69c77d514cbaf
d588d493c2bb756c176368a19a507e24acb15f931231187f4cd5b69f9b4e9563
d597e4ee477dc7c7deaf1f6814b28e7fd3a38d78c76f5d7647568cd1c41abe84
d6eabbfecd98f6d5297f7452dbbe7a3f5ab2dae9a2b98eefc1bba6d9dc556541
d84ae921292ae9b34c6f61d47db5dc2b45d0637b3f7dd0edba8249af532c5f2f
e6e02b7db0e89192031577ffa3968f2157657429345369408369cf0f093ecaf7
e8a98f2db2dcf5b4d074a61e774ee5ae5376e39843cab889e72fb54b60995f60
f07ad683b5e56352b20cf218b5b1f7b5eba26a11e36bd23b3b1ceb23dd6854fd
f28711052ffe3e57bc3ee786502645508e26b7c5188695aba410d4c8c145ff8f
f2d8aebf12652d1b8e206162f4eda56fa731498e288cd25727312348c28dac74
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

secure.gratowin.com Open in urlscan Pro 130.211.16.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

98 %HTTPS

43 %IPv6

14 Domains

18 Subdomains

12 IPs

5 Countries

1508 kBTransfer

2968 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.gratowin.com Open in urlscan Pro
130.211.16.99 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

98 %
HTTPS

43 %
IPv6

14
Domains

18
Subdomains

12
IPs

5
Countries

1508 kB
Transfer

2968 kB
Size

15
Cookies

57 HTTP transactions
0 data transactions