secure.gratowin.com Open in urlscan Pro
130.211.16.99 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://secure-web.cisco.com/1Y1eouyREMqTJJ20MjHfihTQ0NMq5yYftQWc5tRX9rK-OgyDIdLuz8V6LtgXIAEa3yN-_2V4JDLx2crKfkUJCha7cugRzA7p...
Effective URL:
https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affi...
Submission Tags: falconsandbox
Submission: On October 19 via api (October 19th 2020, 6:36:26 am UTC) from US

Summary HTTP 56 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 15 domains to perform 56 HTTP transactions. The main IP is 130.211.16.99, located in Mountain View, United States and belongs to GOOGLE, US. The main domain is secure.gratowin.com.
TLS certificate: Issued by GTS CA 1D2 on October 13th 2020. Valid for: 3 months.

This is the only time secure.gratowin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2620:101:2005... 2620:101:2005:11f0::1001	16417 (IRONPORT-...) (IRONPORT-SYSTEMS-INC)
1 1	147.135.64.69 147.135.64.69	16276 (OVH) (OVH)
1 1	54.194.14.156 54.194.14.156	16509 (AMAZON-02) (AMAZON-02)
1 1	35.227.235.12 35.227.235.12	15169 (GOOGLE) (GOOGLE)
1 7	34.102.220.22 34.102.220.22	15169 (GOOGLE) (GOOGLE)
23	130.211.16.99 130.211.16.99	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
3	178.249.101.23 178.249.101.23	11054 (LIVEPERSON) (LIVEPERSON)
1	216.239.32.21 216.239.32.21	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
5	2a03:6400:10:... 2a03:6400:10:0:178:249:97:99	11054 (LIVEPERSON) (LIVEPERSON)
6	2a03:6400:10:... 2a03:6400:10:0:178:249:97:98	11054 (LIVEPERSON) (LIVEPERSON)
5	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
56	12

1 2620:101:2005:11f0::1001 (United States) 1 redirects

ASN16417 (IRONPORT-SYSTEMS-INC, US)

secure-web.cisco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.64.69 (Reston, United States) 1 redirects

ASN16276 (OVH, FR)
PTR: ns101960.ip-147-135-64.us

pk.cekta.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.14.156 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-14-156.eu-west-1.compute.amazonaws.com

sacett.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.235.12 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 12.235.227.35.bc.googleusercontent.com

click.power-ppp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.102.220.22 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 22.220.102.34.bc.googleusercontent.com

www.gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdrn.hermione-ltd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
root.netoplaycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 130.211.16.99 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 99.16.211.130.bc.googleusercontent.com

secure.gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.gratowin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.249.101.23 (Netherlands)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.21 (Los Gatos, United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:6400:10:0:178:249:97:99 (United Kingdom)

ASN11054 (LIVEPERSON, US)

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:6400:10:0:178:249:97:98 (United Kingdom)

ASN11054 (LIVEPERSON, US)

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	gratowin.com 1 redirects www.gratowin.com secure.gratowin.com static.gratowin.com	669 KB
11	lpsnmedia.net accdn.lpsnmedia.net lpcdn.lpsnmedia.net	41 KB
8	liveperson.net lptag.liveperson.net va.v.liveperson.net	101 KB
5	netoplaycdn.com root.netoplaycdn.com	5 KB
3	google-analytics.com www.google-analytics.com	18 KB
1	ipinfo.io ipinfo.io	446 B
1	googletagmanager.com www.googletagmanager.com	46 KB
1	jquery.com code.jquery.com	66 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	20 KB
1	hermione-ltd.com cdrn.hermione-ltd.com
1	power-ppp.com 1 redirects click.power-ppp.com	453 B
1	sacett.com 1 redirects sacett.com	821 B
1	cekta.net 1 redirects pk.cekta.net	547 B
1	cisco.com 1 redirects secure-web.cisco.com	352 B
0	ngplatform.com Failed update.ngplatform.com Failed
56	15

	Domain	Requested by
16	secure.gratowin.com	secure.gratowin.com
7	static.gratowin.com	secure.gratowin.com static.gratowin.com
6	lpcdn.lpsnmedia.net	lptag.liveperson.net lpcdn.lpsnmedia.net
5	va.v.liveperson.net	lptag.liveperson.net
5	accdn.lpsnmedia.net	lptag.liveperson.net
5	root.netoplaycdn.com	secure.gratowin.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	lptag.liveperson.net	secure.gratowin.com
1	ipinfo.io	secure.gratowin.com
1	www.googletagmanager.com	secure.gratowin.com
1	code.jquery.com	secure.gratowin.com
1	maxcdn.bootstrapcdn.com	secure.gratowin.com
1	cdrn.hermione-ltd.com	secure.gratowin.com
1	www.gratowin.com	1 redirects
1	click.power-ppp.com	1 redirects
1	sacett.com	1 redirects
1	pk.cekta.net	1 redirects
1	secure-web.cisco.com	1 redirects
0	update.ngplatform.com Failed	secure.gratowin.com
56	19

This site contains no links.

Subject Issuer	Validity	Valid
secure.gratowin.com GTS CA 1D2	`2020-10-13` - `2021-01-11`	3 months	crt.sh
static.gratowin.com GTS CA 1D2	`2020-10-13` - `2021-01-11`	3 months	crt.sh
downloads-scratchmania-origin.netoplay.com GTS CA 1D2	`2020-10-14` - `2021-01-12`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.liveperson.net COMODO RSA Organization Validation Secure Server CA	`2017-12-17` - `2020-12-16`	3 years	crt.sh
ipinfo.io GTS CA 1D2	`2020-09-27` - `2020-12-26`	3 months	crt.sh
*.lpsnmedia.net COMODO RSA Organization Validation Secure Server CA	`2018-02-26` - `2021-02-25`	3 years	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-04-13` - `2022-04-13`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Frame ID: 8892BCE859E1977055F0EF1416C79435
Requests: 54 HTTP requests in this frame

Frame: https://update.ngplatform.com/index.html
Frame ID: BFA2BDD3E4F53FA06B2DAD4938A9A791
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/storage.secure.min.html?loc=https%3A%2F%2Fsecure.gratowin.com&site=70099149&env=prod
Frame ID: B28FAE6BCE1B97878ED186B96BF905CB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://secure-web.cisco.com/1Y1eouyREMqTJJ20MjHfihTQ0NMq5yYftQWc5tRX9rK-OgyDIdLuz8V6LtgXIAEa3yN-_2V4JDLx... HTTP 302
http://pk.cekta.net/campaigns/es566jmz4z2bf/track-url/sd857pe8sf305/8528b64436a08fa2a3119bda039b... HTTP 301
https://sacett.com/?a=8178&c=22306&s1= HTTP 302
https://click.power-ppp.com/click/5bc7026c78c83?brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=1&a... HTTP 302
https://www.gratowin.com/dlink.php?Inc=77252877&brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=... HTTP 307
https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affilia... Page URL
https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

LivePerson (Live Chat) Expand

Overall confidence: 100%
Detected patterns

script /^https?:\/\/lptag\.liveperson\.net\/tag\/tag\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Cloud (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /^1\.1 google$/i

Page Statistics

56
Requests

98 %
HTTPS

47 %
IPv6

15
Domains

19
Subdomains

12
IPs

5
Countries

967 kB
Transfer

2783 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://secure-web.cisco.com/1Y1eouyREMqTJJ20MjHfihTQ0NMq5yYftQWc5tRX9rK-OgyDIdLuz8V6LtgXIAEa3yN-_2V4JDLx2crKfkUJCha7cugRzA7pVD0X6yMolV3w2-0O6S-orBxOdcaXmqZHZwdOMk4z956Sz3PNTkx-YoSGC5WgO6TuljXfy3pnu9CA-Vvx6paZtPDdCxhIiYb4-A0WeWGKgK1ullkC9QjiNGpL_LLjMeOrbX7BwaonAkAIXmY7wX_NrMAHOehvJL8DNzDpmE0gNqbnPBecCwJsHSmLLezkQg2Q2ESQaEsQzJQ1e9pG8onYgegMxxwPlHyQaPCmW3ovsfbQx9zxbaJZSUA/http://pk.cekta.net/campaigns/es566jmz4z2bf/track-url/sd857pe8sf305/8528b64436a08fa2a3119bda039bf7e5d80ad8e0 HTTP 302
http://pk.cekta.net/campaigns/es566jmz4z2bf/track-url/sd857pe8sf305/8528b64436a08fa2a3119bda039bf7e5d80ad8e0 HTTP 301
https://sacett.com/?a=8178&c=22306&s1= HTTP 302
https://click.power-ppp.com/click/5bc7026c78c83?brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181 HTTP 302
https://www.gratowin.com/dlink.php?Inc=77252877&brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b HTTP 307
https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b Page URL
https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://secure-web.cisco.com/1Y1eouyREMqTJJ20MjHfihTQ0NMq5yYftQWc5tRX9rK-OgyDIdLuz8V6LtgXIAEa3yN-_2V4JDLx2crKfkUJCha7cugRzA7pVD0X6yMolV3w2-0O6S-orBxOdcaXmqZHZwdOMk4z956Sz3PNTkx-YoSGC5WgO6TuljXfy3pnu9CA-Vvx6paZtPDdCxhIiYb4-A0WeWGKgK1ullkC9QjiNGpL_LLjMeOrbX7BwaonAkAIXmY7wX_NrMAHOehvJL8DNzDpmE0gNqbnPBecCwJsHSmLLezkQg2Q2ESQaEsQzJQ1e9pG8onYgegMxxwPlHyQaPCmW3ovsfbQx9zxbaJZSUA/http://pk.cekta.net/campaigns/es566jmz4z2bf/track-url/sd857pe8sf305/8528b64436a08fa2a3119bda039bf7e5d80ad8e0 HTTP 302
http://pk.cekta.net/campaigns/es566jmz4z2bf/track-url/sd857pe8sf305/8528b64436a08fa2a3119bda039bf7e5d80ad8e0 HTTP 301
https://sacett.com/?a=8178&c=22306&s1= HTTP 302
https://click.power-ppp.com/click/5bc7026c78c83?brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181 HTTP 302
https://www.gratowin.com/dlink.php?Inc=77252877&brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b HTTP 307
https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
secure.gratowin.com/
Redirect Chain

http://secure-web.cisco.com/1Y1eouyREMqTJJ20MjHfihTQ0NMq5yYftQWc5tRX9rK-OgyDIdLuz8V6LtgXIAEa3yN-_2V4JDLx2crKfkUJCha7cugRzA7pVD0X6yMolV3w2-0O6S-orBxOdcaXmqZHZwdOMk4z956Sz3PNTkx-YoSGC5WgO6TuljXfy3pnu...
http://pk.cekta.net/campaigns/es566jmz4z2bf/track-url/sd857pe8sf305/8528b64436a08fa2a3119bda039bf7e5d80ad8e0
https://sacett.com/?a=8178&c=22306&s1=
https://click.power-ppp.com/click/5bc7026c78c83?brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181
https://www.gratowin.com/dlink.php?Inc=77252877&brandId=8&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&short...
https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_tar...

22 KB
6 KB

269ms
162ms

Document
text/html

130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 542adbc2878f7b3d48d9a333a9d983d80485268ce7920260c3452cdba49f502c

Request headers

:method: GET
:authority: secure.gratowin.com
:scheme: https
:path: /?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: Inc=77252877; brandId=8; campaignId=48907; mediaId=7712; lang=fr; mode=1; affiliateProfileName=8178_; clickID=21686-575709181; ABClicks=1; shorten_link=5bc7026c78c83; shorten_target=11135; netoClickId=5f8d33d75e0f95ae760a406b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: rhino-core-shield
date: Mon, 19 Oct 2020 06:36:08 GMT
content-type: text/html
content-length: 6131
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

status: 307
server: rhino-core-shield
date: Mon, 19 Oct 2020 06:36:07 GMT
content-type: text/html
content-length: 0
x-powered-by: PHP/5.5.9-1ubuntu4.29
set-cookie: Inc=77252877; expires=Wed, 18-Nov-2020 06:36:07 GMT; Max-Age=2592000; path=/; domain=.gratowin.com brandId=8; expires=Wed, 18-Nov-2020 06:36:07 GMT; Max-Age=2592000; path=/; domain=.gratowin.com campaignId=48907; expires=Wed, 18-Nov-2020 06:36:07 GMT; Max-Age=2592000; path=/; domain=.gratowin.com mediaId=7712; expires=Wed, 18-Nov-2020 06:36:07 GMT; Max-Age=2592000; path=/; domain=.gratowin.com lang=fr; expires=Wed, 18-Nov-2020 06:36:07 GMT; Max-Age=2592000; path=/; domain=.gratowin.com mode=1; expires=Tue, 20-Oct-2020 06:36:07 GMT; Max-Age=86400; path=/; domain=.gratowin.com affiliateProfileName=8178_; expires=Wed, 18-Nov-2020 06:36:07 GMT; Max-Age=2592000; path=/; domain=.gratowin.com clickID=21686-575709181; expires=Wed, 18-Nov-2020 06:36:07 GMT; Max-Age=2592000; path=/; domain=.gratowin.com ABClicks=1; expires=Wed, 18-Nov-2020 06:36:07 GMT; Max-Age=2592000; path=/; domain=.gratowin.com shorten_link=5bc7026c78c83; expires=Wed, 18-Nov-2020 06:36:07 GMT; Max-Age=2592000; path=/; domain=.gratowin.com shorten_target=11135; expires=Wed, 18-Nov-2020 06:36:07 GMT; Max-Age=2592000; path=/; domain=.gratowin.com netoClickId=5f8d33d75e0f95ae760a406b; expires=Wed, 18-Nov-2020 06:36:07 GMT; Max-Age=2592000; path=/; domain=.gratowin.com unikClick=yes; expires=Wed, 18-Nov-2020 06:36:07 GMT; Max-Age=2592000; path=/
location: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
via: 1.1 google
alt-svc: clear

GET
H2 200 style.css
static.gratowin.com/games/skins/8/ 1 KB
532 B 201ms
79ms Stylesheet
text/css 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gratowin.com/games/skins/8/style.css?ver=76.2000
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 2dea1a89853b566ddae2f163f7828a43a17d1046f03deb18a1c7ad09d0c2ceb6

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 06:33:06 GMT
server: rhino-core-shield
status: 200
etag: "54065e-438-5b19bb4516b55"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 336
via: 1.1 google

GET
H2 200 lightwindow.css
static.gratowin.com/games/styles/ 9 KB
2 KB 245ms
122ms Stylesheet
text/css 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gratowin.com/games/styles/lightwindow.css?ver=76.2000
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 131156bae67b2ebb01211d5626f629a4aeb10a7fcdc0c743c3a99ba4822fd7ea

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 08:41:00 GMT
server: rhino-core-shield
status: 200
etag: "10017d-2264-5ab03b30d320c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 1938
via: 1.1 google

GET
H2 200 jackpotwidget.css
static.gratowin.com/games/styles/ 5 KB
1 KB 245ms
123ms Stylesheet
text/css 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gratowin.com/games/styles/jackpotwidget.css?ver=76.2000
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: aa88165e904512cfff7c3641aadcf44062c0bc107626ff5940ca0790102210d8

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
last-modified: Wed, 22 Jul 2020 08:41:00 GMT
server: rhino-core-shield
status: 200
etag: "100183-14de-5ab03b3089e17"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 1019
via: 1.1 google

GET
H2 200 GW_fr.jpg
secure.gratowin.com/lobbyImgs/ 63 KB
63 KB 78ms
77ms Image
image/jpeg 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/lobbyImgs/GW_fr.jpg?1
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: d84ae921292ae9b34c6f61d47db5dc2b45d0637b3f7dd0edba8249af532c5f2f

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
via: 1.1 google
last-modified: Tue, 28 May 2019 06:34:43 GMT
server: rhino-core-shield
etag: "221be3-fbad-589ecdc38f54d"
content-type: image/jpeg
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 64429

GET
H2 200 indexScripts.min.js
static.gratowin.com/games/js/ 291 KB
88 KB 211ms
90ms Script
application/javascript 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gratowin.com/games/js/indexScripts.min.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
last-modified: Mon, 22 Jul 2019 09:21:41 GMT
server: rhino-core-shield
status: 200
etag: "1011c1-48d80-58e419a987fce"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
via: 1.1 google

GET
H2 200 jackpot.js Show response
static.gratowin.com/games/js/ 3 KB
923 B 202ms
81ms Script
application/javascript 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gratowin.com/games/js/jackpot.js?ver=76.2000
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 6cd9dfeb5992c447c855b4c7c16ba133ca2d27f87ecc0d2797d7cdcdc82b9fd6

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 11:35:08 GMT
server: rhino-core-shield
status: 200
etag: "100187-af6-5ac1fc390eba2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 803
via: 1.1 google

GET
H2 200 funcPlatform.js Show response
static.gratowin.com/games/js/ 51 KB
8 KB 203ms
81ms Script
application/javascript 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gratowin.com/games/js/funcPlatform.js?ver=76.2000
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: f28711052ffe3e57bc3ee786502645508e26b7c5188695aba410d4c8c145ff8f

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
last-modified: Wed, 30 Sep 2020 06:30:02 GMT
server: rhino-core-shield
status: 200
etag: "1001f7-cc2f-5b08207926159"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 8231
via: 1.1 google

GET
H2 500 featherlight.min.js
cdrn.hermione-ltd.com/mountain/js/ 0
0 310ms
188ms Script
text/html 34.102.220.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdrn.hermione-ltd.com/mountain/js/featherlight.min.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.220.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 22.220.102.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 popups_atw_lobby.js Show response
root.netoplaycdn.com/assets/js/ 7 KB
2 KB 132ms
62ms Script
application/javascript 34.102.220.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://root.netoplaycdn.com/assets/js/popups_atw_lobby.js?v=1603089368
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.220.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 22.220.102.34.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: c0d6358b5f1b6a62fa1649cbf46b842e7e33e04f974659cd405ca1ce0b1f3895

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
last-modified: Mon, 21 Sep 2020 14:42:58 GMT
server: rhino-core-shield
etag: "1afc-5afd3ddd16080-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 1943
via: 1.1 google

GET
H2 200 tournament.js Show response
root.netoplaycdn.com/assets/promotions/tournaments/Valentines/ 6 KB
2 KB 131ms
62ms Script
application/javascript 34.102.220.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://root.netoplaycdn.com/assets/promotions/tournaments/Valentines/tournament.js?v=76.2000
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.220.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 22.220.102.34.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 53e18d9ef6a9fc78cb4a607229ad489d49b177b3ede4c3975e8522c2fe5f568d

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
last-modified: Thu, 06 Feb 2020 13:38:36 GMT
server: rhino-core-shield
etag: "1937-59de863ce6f00-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 1971
via: 1.1 google

GET
H2 200 helper.js Show response
root.netoplaycdn.com/assets/js/ 795 B
479 B 132ms
62ms Script
application/javascript 34.102.220.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://root.netoplaycdn.com/assets/js/helper.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.220.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 22.220.102.34.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 30fc9a8881a2a24f4cc83e0324219ecc9304d4b7469c70fe44934f93ac2502c6

Request headers

Referer: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2019 15:49:16 GMT
server: rhino-core-shield
etag: "31b-585297f183700-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 377
via: 1.1 google

GET index.html
update.ngplatform.com/ Frame BFA2 0
0

GET
H2 200 Primary Request registration_step1.html Show response
secure.gratowin.com/ 16 KB
5 KB 145ms
144ms Document
text/html 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: c29e953a46e8b2ece79f1fff7443e7e8a0cb9a2bea192b01e6f416948725ec7e

Request headers

:method: GET
:authority: secure.gratowin.com
:scheme: https
:path: /registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: Inc=77252877; brandId=8; campaignId=48907; mediaId=7712; lang=fr; mode=1; affiliateProfileName=8178_; clickID=21686-575709181; ABClicks=1; shorten_link=5bc7026c78c83; shorten_target=11135; netoClickId=5f8d33d75e0f95ae760a406b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.gratowin.com/?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b

Response headers

status: 200
server: rhino-core-shield
date: Mon, 19 Oct 2020 06:36:08 GMT
content-type: text/html
content-length: 4905
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 bg.jpg
static.gratowin.com/games/skins/8/ 361 KB
0 82ms
81ms Image
image/jpeg 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.gratowin.com/games/skins/8/bg.jpg
Requested by: Host: static.gratowin.com
URL: https://static.gratowin.com/games/skins/8/style.css?ver=76.2000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash

Request headers

Referer: https://static.gratowin.com/games/skins/8/style.css?ver=76.2000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
via: 1.1 google
last-modified: Thu, 15 Mar 2018 07:58:27 GMT
server: rhino-core-shield
etag: "54065a-874f0-5676edb58e30d"
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 554224

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 28ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:34:07 GMT
status: 200
etag: "1544639647"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 19740

GET
H2 200 registrationStyle.css
secure.gratowin.com/htmlRegistration/css/ 20 KB
4 KB 84ms
81ms Stylesheet
text/css 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/htmlRegistration/css/registrationStyle.css?ver=
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: adf8f1060a494286abee2dd36be5566b440de58a439f7e15fdad79074263e671

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 11:35:39 GMT
server: rhino-core-shield
etag: "e1bf3-4eb1-5ac1fc5697d32"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 4267
via: 1.1 google

GET
H2 200 registrationStyle.css
secure.gratowin.com/htmlRegistration/images/brands/8/ 188 B
243 B 82ms
79ms Stylesheet
text/css 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/registrationStyle.css?ver=
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 0af6b5b2b85951a7a992529ce7b62e702fad82566aa8cd1201cda5b25fcbadb0

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 11:35:44 GMT
server: rhino-core-shield
etag: "540870-bc-5ac1fc5bbb59b"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 134
via: 1.1 google

GET
H2 200 libsScripts.js Show response
secure.gratowin.com/htmlRegistration/js/ 512 KB
107 KB 92ms
89ms Script
application/javascript 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/htmlRegistration/js/libsScripts.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 3524edd021d38f109a0eb32c0c5903731708cea9bfccb5adc2b2a244046bc266

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
last-modified: Tue, 26 Nov 2019 08:44:50 GMT
server: rhino-core-shield
etag: "e15da-80038-5983be4a97040"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
via: 1.1 google

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
66 KB 61ms
41ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Origin: https://secure.gratowin.com
Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
status: 200
etag: W/"57d97c08-3dee4"
vary: Accept-Encoding
x-hw: 1603089368.dop131.fr8.t,1603089368.cds272.fr8.hn,1603089368.cds151.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67751

GET
H2 200 helper.js Show response
root.netoplaycdn.com/assets/js/ 795 B
435 B 30ms
27ms Script
application/javascript 34.102.220.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://root.netoplaycdn.com/assets/js/helper.js
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.220.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 22.220.102.34.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 30fc9a8881a2a24f4cc83e0324219ecc9304d4b7469c70fe44934f93ac2502c6

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2019 15:49:16 GMT
server: rhino-core-shield
age: 0
etag: "31b-585297f183700-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 377
via: 1.1 google

GET
H2 200 UtilsAndCommonRegisterScripts.js Show response
secure.gratowin.com/htmlRegistration/js/ 44 KB
10 KB 82ms
79ms Script
application/javascript 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/htmlRegistration/js/UtilsAndCommonRegisterScripts.js?ver=
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: c965b44b7dda96016f7d9ddfedb366ccf20d82698a832b3ebb5563536cd84bd2

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
last-modified: Tue, 08 Sep 2020 06:58:52 GMT
server: rhino-core-shield
etag: "e15e5-b0fe-5aec7de29f9fb"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 9777
via: 1.1 google

GET
H2 200 createAccount.js Show response
secure.gratowin.com/htmlRegistration/js/ 21 KB
5 KB 80ms
78ms Script
application/javascript 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/htmlRegistration/js/createAccount.js?ver=
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 97d7ea7a417366b9c5b5e5a5d48a877672aa5fcc5aa57831d212d827c69b6604

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 11:35:39 GMT
server: rhino-core-shield
etag: "e1bfe-53ab-5ac1fc56e20c9"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 5250
via: 1.1 google

GET
H2 200 helper.js Show response
root.netoplaycdn.com/assets/js/ 795 B
432 B 87ms
86ms Script
application/javascript 34.102.220.22
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://root.netoplaycdn.com/assets/js/helper.js?v=1
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.220.22 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 22.220.102.34.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 30fc9a8881a2a24f4cc83e0324219ecc9304d4b7469c70fe44934f93ac2502c6

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2019 15:49:16 GMT
server: rhino-core-shield
etag: "31b-585297f183700-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 377
via: 1.1 google

GET
H2 200 bg_Regular.jpg
secure.gratowin.com/htmlRegistration/images/brands/8/ 324 KB
325 KB 82ms
80ms Image
image/jpeg 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/bg_Regular.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/registrationStyle.css?ver=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: f2d8aebf12652d1b8e206162f4eda56fa731498e288cd25727312348c28dac74

Request headers

Referer: https://secure.gratowin.com/htmlRegistration/images/brands/8/registrationStyle.css?ver=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
via: 1.1 google
last-modified: Tue, 15 Oct 2019 08:30:14 GMT
server: rhino-core-shield
etag: "54066e-5116c-594eecb18fb18"
content-type: image/jpeg
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 332140

GET
H2 200 step1_bar.png
secure.gratowin.com/htmlRegistration/images/brands/8/ 2 KB
2 KB 93ms
92ms Image
image/png 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/step1_bar.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/registrationStyle.css?ver=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 6e5af33fae4648ab63fd54e57d6c7ee2f3e3a63fb827b975fd5c4d6d43e81652

Request headers

Referer: https://secure.gratowin.com/htmlRegistration/images/brands/8/registrationStyle.css?ver=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
via: 1.1 google
last-modified: Tue, 15 Oct 2019 08:30:14 GMT
server: rhino-core-shield
etag: "5407ec-79e-594eecb18eb77"
content-type: image/png
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 1950

GET
H2 200 next_button.png
secure.gratowin.com/htmlRegistration/images/brands/8/ 4 KB
4 KB 93ms
92ms Image
image/png 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/next_button.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/registrationStyle.css?ver=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 8f1dbb31098710f15f1fdd002711f62e691e507d43776abce00b40923b56f2a9

Request headers

Referer: https://secure.gratowin.com/htmlRegistration/images/brands/8/registrationStyle.css?ver=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
via: 1.1 google
last-modified: Tue, 15 Oct 2019 08:30:13 GMT
server: rhino-core-shield
etag: "5407eb-10c2-594eecb13da7c"
content-type: image/png
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 4290

GET
H2 200 footer.png
secure.gratowin.com/htmlRegistration/images/ 17 KB
17 KB 79ms
78ms Image
image/png 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/htmlRegistration/images/footer.png
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/css/registrationStyle.css?ver=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: c8fb46baf654f26f5cc81075c3c371586b87b5b5781336af27ee31ae8c2981ad

Request headers

Referer: https://secure.gratowin.com/htmlRegistration/css/registrationStyle.css?ver=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
via: 1.1 google
last-modified: Tue, 15 Oct 2019 08:29:54 GMT
server: rhino-core-shield
etag: "e1c60-42f8-594eec9ea4861"
content-type: image/png
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 17144

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 151 KB
46 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TQ4DBB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf9dc21644e6f6951d43ec9c9594fb64d09f68c7fae64884395b58a0a5a709f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47102
x-xss-protection: 0
last-modified: Mon, 19 Oct 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Oct 2020 06:36:08 GMT

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 18 KB
7 KB 132ms
32ms Script
application/javascript 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/tag/tag.js?site=70099149
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: cc490a8ef7deb4c7fba66f332ad8cdd39433675b95d2bd341300ab7b718f8e4e

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
last-modified: Tue, 21 Aug 2018 07:47:45 GMT
server: ws
etag: "5b7bc3a1-198d"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 6541

GET
H2 200 json Show response
ipinfo.io/ 254 B
446 B 245ms
176ms XHR
application/json 216.239.32.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/json

Requested by

Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/js/libsScripts.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.21 Los Gatos, United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2015.1e100.net

Software

/ Express

Resource Hash

baff86acca22065d86b6fb0a13b53c37b86575f7bfda33846433ec31ac35a0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: d10e76d8875a6d90e73e7f3eb7c68586/8577726157351372168
via: 1.1 google

GET
H2 200 playerAuthenticationServlet Show response
secure.gratowin.com/server/api/ 16 B
236 B 81ms
80ms XHR
text/plain 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/server/api/playerAuthenticationServlet?jsonObject=%7B%22methodName%22%3A%22getCountryBasedOnIp%22%7D&brandId=8&lang=fr&Inc=77252877&campaignId=48907&mediaId=7712&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b&brand=gratowin&_=1603089368765
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/js/libsScripts.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: c5a43d3a14858007696b6d78fe548ea462a61797b96b0aad12ae46ac0530f272

Request headers

Accept: */*
Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
via: 1.1 google
server: rhino-core-shield
access-control-allow-headers: X-PINGOTHER, Origin, X-Requested-With, Content-Type, Accept
status: 200
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
content-type: text/plain
access-control-allow-origin: *
alt-svc: clear
content-length: 16

GET
H2 200 upperLogo.jpg
secure.gratowin.com/htmlRegistration/images/brands/8/en/ 5 KB
5 KB 80ms
79ms Image
image/jpeg 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gratowin.com/htmlRegistration/images/brands/8/en/upperLogo.jpg
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: 2411b5d22ac1371b906ec7b4b60aa8ecdbc1c89f64c705860c28df32619e540b

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
via: 1.1 google
last-modified: Tue, 15 Oct 2019 08:30:38 GMT
server: rhino-core-shield
etag: "88028b-1269-594eecc8a4613"
content-type: image/jpeg
status: 200
cache-control: public, max-age=3600, s-maxage=3600
accept-ranges: bytes
alt-svc: clear
content-length: 4713

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ4DBB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 2803
date: Mon, 19 Oct 2020 05:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Mon, 19 Oct 2020 07:49:25 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
158 B 13ms
13ms XHR
text/plain 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=894742665&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.gratowin.com%2Fregistration_step1.html%3FbrandId%3D8%26Inc%3D77252877%26campaignId%3D48907%26mediaId%3D7712%26lang%3Dfr%26mode%3D1%26affiliateProfileName%3D8178_%26clickID%3D21686-575709181%26ABClicks%3D1%26shorten_link%3D5bc7026c78c83%26shorten_target%3D11135%26netoClickId%3D5f8d33d75e0f95ae760a406b&dp=%2Fregistration_step1.html%3F%26lang%3Dfr%26mediaID%3D7712%26affiliateProfileName%3D8178_%26brandId%3D8%26campaignId%3D48907&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=75767781&gjid=812888323&cid=951296431.1603089369&tid=UA-27702367-3&_gid=1231881222.1603089369&_r=1&gtm=2wg9u1TQ4DBB&z=1437671703

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Oct 2020 06:36:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://secure.gratowin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 countries_fr.json Show response
secure.gratowin.com/htmlRegistration/settings/countries/ 32 KB
5 KB 79ms
78ms XHR
application/json 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/htmlRegistration/settings/countries/countries_fr.json?_=1603089368766
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/js/libsScripts.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: f07ad683b5e56352b20cf218b5b1f7b5eba26a11e36bd23b3b1ceb23dd6854fd

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 11:35:41 GMT
server: rhino-core-shield
etag: W/"e1c16-8139-5ac1fc5880244"
vary: Accept-Encoding
content-type: application/json
status: 200
alt-svc: clear
via: 1.1 google

GET
H2 200 Lang_fr.json Show response
secure.gratowin.com/htmlRegistration/settings/languages/ 25 KB
8 KB 98ms
97ms XHR
application/json 130.211.16.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gratowin.com/htmlRegistration/settings/languages/Lang_fr.json?ver=0&_=1603089368767
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/htmlRegistration/js/libsScripts.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.16.99 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.16.211.130.bc.googleusercontent.com
Software: rhino-core-shield /
Resource Hash: e8a98f2db2dcf5b4d074a61e774ee5ae5376e39843cab889e72fb54b60995f60

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 11:39:55 GMT
server: rhino-core-shield
etag: W/"e1212-6291-59a0d052fdf86"
vary: Accept-Encoding
content-type: application/json
status: 200
alt-svc: clear
via: 1.1 google

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/ 242 KB
87 KB 41ms
41ms Script
application/x-javascript 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 61c4f9a8001856d7dd6f845905da3275bd1944eaf38a3d087c1fd5e3d3b1676f

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:08 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
62 B 6ms
6ms Image
image/gif 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=894742665&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.gratowin.com%2Fregistration_step1.html%3FbrandId%3D8%26Inc%3D77252877%26campaignId%3D48907%26mediaId%3D7712%26lang%3Dfr%26mode%3D1%26affiliateProfileName%3D8178_%26clickID%3D21686-575709181%26ABClicks%3D1%26shorten_link%3D5bc7026c78c83%26shorten_target%3D11135%26netoClickId%3D5f8d33d75e0f95ae760a406b&dp=%2Fvp%2Fregsiter%2FDesktop_Registration_Form_PopUp&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=951296431.1603089369&tid=UA-27702367-3&_gid=1231881222.1603089369&gtm=2wg9u1TQ4DBB&cd12=Deeplink&z=908254951

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Oct 2020 17:11:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48251
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/70099149/configuration/setting/accountproperties/ 4 KB
1 KB 80ms
17ms Script
application/javascript 2a03:6400:10:0:178:249:97:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/70099149/configuration/setting/accountproperties/?cb=lpCb49131x37546
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: fd8a2acd2695960651175a458dc55d8acd72fe106277393207bbc19fb45711fe

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:09 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
status: 200
x-envoy-upstream-service-time: 2
expires: Mon, 19 Oct 2020 06:36:34 GMT

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/70099149/configuration/le-campaigns/ 18 KB
2 KB 92ms
33ms Script
application/javascript 2a03:6400:10:0:178:249:97:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/70099149/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 90b79f31125f7671208f5e0738dbc1defc2340de0162b39dc7334603208993b1

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:09 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
status: 200
x-envoy-upstream-service-time: 1
expires: Mon, 19 Oct 2020 06:36:10 GMT

GET
H2 200 storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/ Frame B28F 0
0 86ms
21ms Document
text/html 2a03:6400:10:0:178:249:97:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/storage.secure.min.html?loc=https%3A%2F%2Fsecure.gratowin.com&site=70099149&env=prod
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash

Request headers

:method: GET
:authority: lpcdn.lpsnmedia.net
:scheme: https
:path: /le_secure_storage/3.11.0.2-release_5036/storage.secure.min.html?loc=https%3A%2F%2Fsecure.gratowin.com&site=70099149&env=prod
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b

Response headers

status: 200
date: Mon, 19 Oct 2020 06:36:11 GMT
content-type: text/html
last-modified: Tue, 29 Sep 2020 18:27:10 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
expires: Mon, 19 Oct 2020 06:46:11 GMT
cache-control: max-age=600

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/ 38 KB
15 KB 21ms
21ms Script
application/javascript 2a03:6400:10:0:178:249:97:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.11.0.2-release_5036/storage.secure.min.js?loc=https%3A%2F%2Fsecure.gratowin.com&site=70099149&force=1&env=prod
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: a6c94763f85d97edffb717098e436aad3a4a6b5d1e866b1e2315ee0ec8f784d2

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:11 GMT
content-encoding: gzip
last-modified: Tue, 29 Sep 2020 18:27:10 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Mon, 19 Oct 2020 06:46:11 GMT

GET
H2 200 70099149 Show response
va.v.liveperson.net/api/js/ 600 B
1 KB 588ms
256ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/70099149?&cb=lpCb11963x74325&t=sp&ts=1603089369063&pid=4081067970&tid=7584559857&u=https%3A%2F%2Fsecure.gratowin.com%2Fregistration_step1.html%3FbrandId%3D8%26Inc%3D77252877%26campaignId%3D48907%26mediaId%3D7712%26lang%3Dfr%26mode%3D1%26affiliateProfileName%3D8178_%26clickID%3D21686-575709181%26ABClicks%3D1%26shorten_link%3D5bc7026c78c83%26shorten_target%3D11135%26netoClickId%3D5f8d33d75e0f95ae760a406b&r=https%3A%2F%2Fsecure.gratowin.com%2F%3FbrandId%3D8%26Inc%3D77252877%26campaignId%3D48907%26mediaId%3D7712%26lang%3Dfr%26mode%3D1%26affiliateProfileName%3D8178_%26clickID%3D21686-575709181%26ABClicks%3D1%26shorten_link%3D5bc7026c78c83%26shorten_target%3D11135%26netoClickId%3D5f8d33d75e0f95ae760a406b&df=0&os=1&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 9b637f2334ae135c3a6ff21538573b0f07b12638480317434acf6dbd08a415c9

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:11 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 overlay.js Show response
lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/ 6 KB
3 KB 21ms
21ms Script
application/javascript 2a03:6400:10:0:178:249:97:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/overlay.js?_v=3.42.0.2-release_5022
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 44027ec55ed8b2de1f3dcdaf00c6b0c72c466e85d515c60431f61da11f242047

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:11 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 12:50:18 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Mon, 19 Oct 2020 06:46:11 GMT

GET
H2 200 UISuite.js Show response
lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/ 30 KB
12 KB 22ms
21ms Script
application/javascript 2a03:6400:10:0:178:249:97:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/UISuite.js?_v=3.42.0.2-release_5022
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:11 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 12:50:18 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Mon, 19 Oct 2020 06:46:11 GMT

GET
H2 200 2942 Show response
accdn.lpsnmedia.net/api/account/70099149/configuration/le-campaigns/campaigns/1152525814/engagements/1152526014/revision/ 2 KB
1 KB 33ms
32ms Script
application/javascript 2a03:6400:10:0:178:249:97:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/70099149/configuration/le-campaigns/campaigns/1152525814/engagements/1152526014/revision/2942?v=3.0&cb=lp1152526014&flavor=dependency
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: a2bdec7072502bfed79823b34138e8ce904511e8e980732f81e1121b482eb1a6

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:11 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
status: 200
x-envoy-upstream-service-time: 1
expires: Mon, 19 Oct 2020 06:37:11 GMT

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/70099149/configuration/setting/accountproperties/ 4 KB
1 KB 17ms
16ms Script
application/javascript 2a03:6400:10:0:178:249:97:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/70099149/configuration/setting/accountproperties/?cb=lpCb95603x93678
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 7146275d968af6593e5133406b3c1666ed824089e86ffe49f4113dbd3d0a15ba

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:11 GMT
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
content-type: application/javascript
status: 200
x-envoy-upstream-service-time: 2
expires: Mon, 19 Oct 2020 06:36:34 GMT

GET
H2 200 70099149 Show response
va.v.liveperson.net/api/js/ 111 B
854 B 117ms
117ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/70099149?sid=X6Dl5u9CTSG5weWQPjoORA&cb=lpCb77057x79952&t=pl&ts=1603089371211&pid=4081067970&tid=7584559857&vid=AyYjViNjVkM2JhOGRhYWMz
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 7bfa69ccf6cb40ecd4ecde944be20957c04cdd2207e8ee9af1d30ee0f9951a49

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:11 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 1616507530 Show response
accdn.lpsnmedia.net/api/account/70099149/configuration/engagement-window/window-confs/ 4 KB
1 KB 76ms
76ms Script
application/javascript 2a03:6400:10:0:178:249:97:99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://accdn.lpsnmedia.net/api/account/70099149/configuration/engagement-window/window-confs/1616507530?cb=lpCb18234x2245
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:99 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 3effb10fd80f76b7467a0ef6529deb6be74d00f90d43022aaece1b5da802ad53

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:11 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
content-type: application/javascript
status: 200
x-envoy-upstream-service-time: 2
expires: Mon, 19 Oct 2020 06:37:11 GMT

GET
H2 200 s_bubble1.png
lpcdn.lpsnmedia.net/gallery/libraries/chat/images/assets/ 1 KB
2 KB 21ms
21ms Image
image/png 2a03:6400:10:0:178:249:97:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpcdn.lpsnmedia.net/gallery/libraries/chat/images/assets/s_bubble1.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: d804ac7290f9fc5e15b84f93bdd4e4d0001d29754eaf128e74855d52851cb614

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:11 GMT
last-modified: Wed, 19 Aug 2020 12:49:26 GMT
server: ws
etag: a66700f17fdb33302c6f78506d1a9808
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: image/png
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 1189
expires: Mon, 19 Oct 2020 06:46:11 GMT

GET
H2 200 s_bubble1.png
lpcdn.lpsnmedia.net/gallery/libraries/chat/images/assets/ 1 KB
2 KB 21ms
21ms Image
image/png 2a03:6400:10:0:178:249:97:98
LIVEPERSON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lpcdn.lpsnmedia.net/gallery/libraries/chat/images/assets/s_bubble1.png
Requested by: Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_re/3.42.0.2-release_5022/jsv2/UISuite.js?_v=3.42.0.2-release_5022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a03:6400:10:0:178:249:97:98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: d804ac7290f9fc5e15b84f93bdd4e4d0001d29754eaf128e74855d52851cb614

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:11 GMT
last-modified: Wed, 19 Aug 2020 12:49:26 GMT
server: ws
etag: a66700f17fdb33302c6f78506d1a9808
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: image/png
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 1189
expires: Mon, 19 Oct 2020 06:46:11 GMT

GET
H2 200 70099149 Show response
va.v.liveperson.net/api/js/ 41 B
791 B 121ms
121ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/70099149?sid=X6Dl5u9CTSG5weWQPjoORA&cb=lpCb94530x4014&t=uc&ts=1603089371942&pid=4081067970&tid=7584559857&vid=AyYjViNjVkM2JhOGRhYWMz&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A1152525814%2C%22engId%22%3A1152526014%2C%22revision%22%3A2942%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%221%22%7D%5D%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: e10579af6e04d42ca0c23abb227e34e7704e3054e66db7472de54c14cf2366c5

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:12 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/ 8 KB
2 KB 48ms
48ms Script
application/x-javascript 178.249.101.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&ct=lpSecureStorage%2Clp_sdes%2Cscraper%2ClpActivityMonitor%2CrendererStub%2Clp_version_detector%2Clp_monitoringSDK%2ClpTransporter%2ClpUnifiedWindow%2CSMT%2Chooks%2Clp_SMT%2Cauthenticator%2CunAuthMessaging%2CjsLoader&b=1
Requested by: Host: secure.gratowin.com
URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: c0131bf30b8b380572b9b59305ccb622f3f57e515f372857b2162633993eb411

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:13 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 70099149 Show response
va.v.liveperson.net/api/js/ 241 B
949 B 124ms
123ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/70099149?sid=X6Dl5u9CTSG5weWQPjoORA&cb=lpCb34213x97205&t=sp&ts=1603089373834&pid=3998640976&tid=7584559857&vid=AyYjViNjVkM2JhOGRhYWMz&rvt=1603089371655&u=https%3A%2F%2Fsecure.scratchmania.com%2F%3Flang%3Den&r=https%3A%2F%2Fsecure.gratowin.com%2F%3FbrandId%3D8%26Inc%3D77252877%26campaignId%3D48907%26mediaId%3D7712%26lang%3Dfr%26mode%3D1%26affiliateProfileName%3D8178_%26clickID%3D21686-575709181%26ABClicks%3D1%26shorten_link%3D5bc7026c78c83%26shorten_target%3D11135%26netoClickId%3D5f8d33d75e0f95ae760a406b&sec=%5B%22gratowin%22%2C%22lang-english%22%5D&df=0&os=1&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: e5caedbeb95b78e998cc37e60a4226955d5e067034a6633e2d2ec993465c393a

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:13 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 70099149 Show response
va.v.liveperson.net/api/js/ 109 B
852 B 117ms
117ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/70099149?sid=X6Dl5u9CTSG5weWQPjoORA&cb=lpCb71452x306&t=pl&ts=1603089373837&pid=3998640976&tid=7584559857&vid=AyYjViNjVkM2JhOGRhYWMz
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/70099149/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 544a03db2703d51c68fda2bf2fe1b58175bc85070a6bd6eaa763c13b3dd49da6

Request headers

Referer: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 06:36:14 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
status: 200
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: update.ngplatform.com
URL: https://update.ngplatform.com/index.html

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gratowin.com/	1970-01-19 13:18:09	Name: _gat_UA-27702367-3 Value: 1
.gratowin.com/	1970-01-19 13:19:35	Name: _gid Value: GA1.2.1231881222.1603089369
.gratowin.com/	1970-01-19 14:01:21	Name: netoClickId Value: 5f8d33d75e0f95ae760a406b
.gratowin.com/	1970-01-19 14:01:21	Name: shorten_link Value: 5bc7026c78c83
.gratowin.com/	1970-01-19 14:01:21	Name: clickID Value: 21686-575709181
.gratowin.com/	1970-01-19 14:01:21	Name: ABClicks Value: 1
.gratowin.com/	1970-01-19 13:19:35	Name: mode Value: 1
.gratowin.com/	1970-01-20 06:49:21	Name: _ga Value: GA1.2.951296431.1603089369
.gratowin.com/	1970-01-19 14:01:21	Name: lang Value: fr
.gratowin.com/	1970-01-19 14:01:21	Name: campaignId Value: 48907
.gratowin.com/	1970-01-19 14:01:21	Name: mediaId Value: 7712
.gratowin.com/	1970-01-19 14:01:21	Name: shorten_target Value: 11135
.gratowin.com/	1970-01-19 14:01:21	Name: brandId Value: 8
.gratowin.com/	1970-01-19 14:01:21	Name: affiliateProfileName Value: 8178_
.gratowin.com/	1970-01-19 14:01:21	Name: Inc Value: 77252877

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://secure.gratowin.com/registration_step1.html?brandId=8&Inc=77252877&campaignId=48907&mediaId=7712&lang=fr&mode=1&affiliateProfileName=8178_&clickID=21686-575709181&ABClicks=1&shorten_link=5bc7026c78c83&shorten_target=11135&netoClickId=5f8d33d75e0f95ae760a406b(Line 287) Message: not fun player
console-api	log	URL: https://secure.gratowin.com/htmlRegistration/js/UtilsAndCommonRegisterScripts.js?ver=(Line 857) Message: getCountryBasedOnIp
console-api	log	URL: https://secure.gratowin.com/htmlRegistration/js/UtilsAndCommonRegisterScripts.js?ver=(Line 1131) Message: Dic loaded
console-api	log	URL: https://secure.gratowin.com/htmlRegistration/js/createAccount.js?ver=(Line 207) Message: $("#createAccountForm #loginLink").outerWidth() = 318

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
cdrn.hermione-ltd.com
click.power-ppp.com
code.jquery.com
ipinfo.io
lpcdn.lpsnmedia.net
lptag.liveperson.net
maxcdn.bootstrapcdn.com
pk.cekta.net
root.netoplaycdn.com
sacett.com
secure-web.cisco.com
secure.gratowin.com
static.gratowin.com
update.ngplatform.com
va.v.liveperson.net
www.google-analytics.com
www.googletagmanager.com
www.gratowin.com
update.ngplatform.com
130.211.16.99
147.135.64.69
178.249.101.23
2001:4de0:ac19::1:b:1b
2001:4de0:ac19::1:b:2b
208.89.12.87
216.239.32.21
2620:101:2005:11f0::1001
2a00:1450:4001:809::2008
2a00:1450:4001:81b::200e
2a03:6400:10:0:178:249:97:98
2a03:6400:10:0:178:249:97:99
34.102.220.22
35.227.235.12
54.194.14.156
0af6b5b2b85951a7a992529ce7b62e702fad82566aa8cd1201cda5b25fcbadb0
131156bae67b2ebb01211d5626f629a4aeb10a7fcdc0c743c3a99ba4822fd7ea
2411b5d22ac1371b906ec7b4b60aa8ecdbc1c89f64c705860c28df32619e540b
2dea1a89853b566ddae2f163f7828a43a17d1046f03deb18a1c7ad09d0c2ceb6
30fc9a8881a2a24f4cc83e0324219ecc9304d4b7469c70fe44934f93ac2502c6
3524edd021d38f109a0eb32c0c5903731708cea9bfccb5adc2b2a244046bc266
3effb10fd80f76b7467a0ef6529deb6be74d00f90d43022aaece1b5da802ad53
44027ec55ed8b2de1f3dcdaf00c6b0c72c466e85d515c60431f61da11f242047
53e18d9ef6a9fc78cb4a607229ad489d49b177b3ede4c3975e8522c2fe5f568d
542adbc2878f7b3d48d9a333a9d983d80485268ce7920260c3452cdba49f502c
544a03db2703d51c68fda2bf2fe1b58175bc85070a6bd6eaa763c13b3dd49da6
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
61c4f9a8001856d7dd6f845905da3275bd1944eaf38a3d087c1fd5e3d3b1676f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cd9dfeb5992c447c855b4c7c16ba133ca2d27f87ecc0d2797d7cdcdc82b9fd6
6e5af33fae4648ab63fd54e57d6c7ee2f3e3a63fb827b975fd5c4d6d43e81652
7146275d968af6593e5133406b3c1666ed824089e86ffe49f4113dbd3d0a15ba
7bfa69ccf6cb40ecd4ecde944be20957c04cdd2207e8ee9af1d30ee0f9951a49
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f1dbb31098710f15f1fdd002711f62e691e507d43776abce00b40923b56f2a9
90b79f31125f7671208f5e0738dbc1defc2340de0162b39dc7334603208993b1
97d7ea7a417366b9c5b5e5a5d48a877672aa5fcc5aa57831d212d827c69b6604
9b637f2334ae135c3a6ff21538573b0f07b12638480317434acf6dbd08a415c9
9bebc276e1808d8b0b29ad4ab94d77652bf14f69839f540b8a874f82d73d5a51
a2bdec7072502bfed79823b34138e8ce904511e8e980732f81e1121b482eb1a6
a6c94763f85d97edffb717098e436aad3a4a6b5d1e866b1e2315ee0ec8f784d2
aa88165e904512cfff7c3641aadcf44062c0bc107626ff5940ca0790102210d8
adf8f1060a494286abee2dd36be5566b440de58a439f7e15fdad79074263e671
baff86acca22065d86b6fb0a13b53c37b86575f7bfda33846433ec31ac35a0bd
c0131bf30b8b380572b9b59305ccb622f3f57e515f372857b2162633993eb411
c0d6358b5f1b6a62fa1649cbf46b842e7e33e04f974659cd405ca1ce0b1f3895
c29e953a46e8b2ece79f1fff7443e7e8a0cb9a2bea192b01e6f416948725ec7e
c5a43d3a14858007696b6d78fe548ea462a61797b96b0aad12ae46ac0530f272
c8fb46baf654f26f5cc81075c3c371586b87b5b5781336af27ee31ae8c2981ad
c965b44b7dda96016f7d9ddfedb366ccf20d82698a832b3ebb5563536cd84bd2
cc490a8ef7deb4c7fba66f332ad8cdd39433675b95d2bd341300ab7b718f8e4e
cf9dc21644e6f6951d43ec9c9594fb64d09f68c7fae64884395b58a0a5a709f2
d804ac7290f9fc5e15b84f93bdd4e4d0001d29754eaf128e74855d52851cb614
d84ae921292ae9b34c6f61d47db5dc2b45d0637b3f7dd0edba8249af532c5f2f
e10579af6e04d42ca0c23abb227e34e7704e3054e66db7472de54c14cf2366c5
e5caedbeb95b78e998cc37e60a4226955d5e067034a6633e2d2ec993465c393a
e8a98f2db2dcf5b4d074a61e774ee5ae5376e39843cab889e72fb54b60995f60
f07ad683b5e56352b20cf218b5b1f7b5eba26a11e36bd23b3b1ceb23dd6854fd
f28711052ffe3e57bc3ee786502645508e26b7c5188695aba410d4c8c145ff8f
f2d8aebf12652d1b8e206162f4eda56fa731498e288cd25727312348c28dac74
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fd8a2acd2695960651175a458dc55d8acd72fe106277393207bbc19fb45711fe

secure.gratowin.com Open in urlscan Pro 130.211.16.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

98 %HTTPS

47 %IPv6

15 Domains

19 Subdomains

12 IPs

5 Countries

967 kBTransfer

2783 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.gratowin.com Open in urlscan Pro
130.211.16.99 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

98 %
HTTPS

47 %
IPv6

15
Domains

19
Subdomains

12
IPs

5
Countries

967 kB
Transfer

2783 kB
Size

15
Cookies

56 HTTP transactions
0 data transactions