URL: http://www.lan-play.com/
Submission: On November 15 via api from US — Scanned from FR

Summary

This website contacted 35 IPs in 9 countries across 29 domains to perform 107 HTTP transactions. The main IP is 188.165.53.185, located in Sotteville-lès-Rouen, France and belongs to OVH, FR. The main domain is www.lan-play.com.
This is the only time www.lan-play.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
19 188.165.53.185 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
2 199.60.101.194 63018 (DEDICATED)
2 136.49.253.125 16591 (GOOGLE-FIBER)
2 192.241.238.136 14061 (DIGITALOC...)
1 11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 128.78.241.142 5410 (BOUYGTEL-ISP)
14 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2001:678:cb4:... 56396 (AMOBEE)
5 142.250.186.130 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 37.157.2.229 198622 (ADFORM)
1 1 51.89.9.252 16276 (OVH)
1 2600:1901:0:7... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 142.250.185.98 15169 (GOOGLE)
2 142.132.212.158 24940 (HETZNER-AS)
2 104.102.45.165 16625 (AKAMAI-AS)
1 95.131.136.1 47841 (OXALIDE)
2 122.116.141.58 3462 (HINET Dat...)
2 62.143.93.53 3209 (VODANET I...)
2 148.251.7.154 24940 (HETZNER-AS)
2 138.201.206.230 24940 (HETZNER-AS)
2 84.245.9.213 25596 (CAMBRIUM-AS)
2 89.163.151.130 ()
107 35
Apex Domain
Subdomains
Transfer
20 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
287 KB
19 lan-play.com
www.lan-play.com
542 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 33424
ad4m.at — Cisco Umbrella Rank: 12394
assets.ad4m.at — Cisco Umbrella Rank: 45800
172 KB
11 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
70 KB
6 gstatic.com
fonts.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn1.gstatic.com
www.gstatic.com
130 KB
4 ddns.net
switchlanplay-tw.ddns.net
switch-lanyplay-de.ddns.net
364 B
4 servegame.com
switchfr.servegame.com
switch.servegame.com
364 B
2 jayseateam.nl
switch.jayseateam.nl
182 B
2 erdbeerbaerlp.de
erdbeerbaerlp.de
182 B
2 nvds.be
switch.nvds.be
182 B
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18131
1 KB
2 layer8.fail
layer8.fail
182 B
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 150954
static-de.ad4mat.net — Cisco Umbrella Rank: 188473
4 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
1 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
127 KB
2 tekn0.net
tekn0.net
182 B
2 exabytes.space
switch.exabytes.space
182 B
2 joinsg.net
joinsg.net
182 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
2 KB
1 aircaraibes.com
jpp.aircaraibes.com
2 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
387 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
716 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3451
104 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
463 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
471 B
1 uptimerobot.com
api.uptimerobot.com — Cisco Umbrella Rank: 420337
2 KB
107 29
Domain Requested by
19 www.lan-play.com www.lan-play.com
11 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
9 pagead2.googlesyndication.com www.lan-play.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 assets.ad4m.at as.ad4m.at
6 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 cm.g.doubleclick.net googleads.g.doubleclick.net
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
2 switch.servegame.com www.lan-play.com
2 switch.jayseateam.nl www.lan-play.com
2 erdbeerbaerlp.de www.lan-play.com
2 switch.nvds.be www.lan-play.com
2 switch-lanyplay-de.ddns.net www.lan-play.com
2 switchlanplay-tw.ddns.net www.lan-play.com
2 www.awin1.com as.ad4m.at
2 layer8.fail www.lan-play.com
2 www.googleadservices.com
2 c1.adform.net 2 redirects
2 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
2 switchfr.servegame.com www.lan-play.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 tekn0.net www.lan-play.com
2 switch.exabytes.space www.lan-play.com
2 joinsg.net www.lan-play.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com www.lan-play.com
googleads.g.doubleclick.net
1 jpp.aircaraibes.com as.ad4m.at
1 static-de.ad4mat.net as.ad4m.at
1 prod-rtb.ad4mat.net googleads.g.doubleclick.net
1 onetag-sys.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 ad.turn.com 1 redirects
1 www.gstatic.com googleads.g.doubleclick.net
1 encrypted-tbn1.gstatic.com googleads.g.doubleclick.net
1 encrypted-tbn3.gstatic.com googleads.g.doubleclick.net
1 encrypted-tbn2.gstatic.com googleads.g.doubleclick.net
1 api.uptimerobot.com www.lan-play.com
107 41

This site contains links to these domains. Also see Links.

Domain
discordapp.com
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-10 -
2024-04-09
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
quantserve.com
R3
2023-10-28 -
2024-01-26
3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2023-08-15 -
2024-09-15
a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4
2023-09-26 -
2023-12-25
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-10 -
2024-03-09
a year crt.sh
jpp.aircaraibes.com
R3
2023-10-28 -
2024-01-26
3 months crt.sh

This page contains 13 frames:

Primary Page: http://www.lan-play.com/
Frame ID: E772900D1683C59956A6B6C26A054767
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 0FC85C50E341C39C130D983253A46DCB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&adk=1812271804&adf=3025194257&lmt=1700032416&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x540_l%7C356x540_r&format=0x0&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&dt=1700032415828&bpp=27&bdt=547&idt=201&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8293187164674&frm=20&pv=2&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=229
Frame ID: D81FAE5721F665699582DEE38E5D410C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=280&adk=3401249843&adf=4103119460&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x280&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032415855&bpp=3&bdt=574&idt=214&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218
Frame ID: 87F6510E55F32B3988F8A59D20A5860F
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x90&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032416675&bpp=1&bdt=1394&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Frame ID: 58BBB38CCBFAB7B990A95AF6935CCBAD
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1ktmm2q9vhbqn1q3j22savm8btw65fs40xhthba7gwc83q4bxhjgc16mgdsy6zbect3c9vsjsya1ynz2pk5mj37ggt1eaj2xa42zayh3rcn7xeawzkmb70f7brgnd9x03w0nqgwyscnkk6x48efpkwr6a2w54x016n6mhhgm3kft93kqb8kfw8dagqzjv0h4y8fxz1ttqbchef1fethvyvdjbk2qfqjkaye979g87abe2kgx1zcjdkv0yf7dhpsf8waenqnn4s3mfc9b6pezp642ccmk3swktxe3m21txrad0vh3tszkacfg3jv6pyx6cpnrn7yckz9pg9s4yzth8kv8p462j174a8a61919kamswnaaga6qs5wn89qy1ax9967q79dc433e3n3txp8cxvw9k7ttnc92vm5njmzs4nscjvr452cfyqr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXFaNoG9UZZKDMI2FtOUPgeeZqALi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01NDUzNDg0NTg5ODcxNTQ0yAEJqQJncF0sOD6yPqgDAcgDAqoEyAFP0NTIE7LZzGRjoYKVfvnFPjMZuN-ROtTuINrH8jeBmjJmUWREQxn_ADsy1AeuM0rAxWB9Xj4f6lPswajhklZhLeyz1PahXM27uRk53vVEpaSborhRIHJWIOIMKSL20IfGROnIBbhJ3uC89yAikYx5rHbPPni-7sTKHA9cegDc-4zL7RWMkGMAGWZVbNkg_ydzCUnyzwSWRHxEVlTo8kan6sQAHbhcLdjEwbqcdjKavwbkP-6HeT4_F-zysYniCThCtxipRpuJv4AG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Y4VrzU9haL9PGEt-zgXN70V41UQ%26client%3Dca-pub-5453484589871544%26adurl%3D
Frame ID: B8DDB71751A5098ED8FCABB764BA77E7
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Frame ID: 84CB982B8563006AA0A6DE774844A296
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1C0F5DB965AE63044743F386A97342E2
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 51BA168D2D1793B42C42257C02E24E6D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: 3629C365BFCE368213099EF48CDE3DF9
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=311476%2C119648%2C704302&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CMVWuzf7Ya37M1UWHEHGtDteJm9t9T4Tb66c3&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C6dMUefEzCA376feHmHYtECgE3BU2T1T2qqh7&c=728&d=90&e=&g=b570f39f80c725437fbe9081dabac89f%2F18382485522888528308&i=108136%2C30425%2C203693&j=16%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1700032417571&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0e12d6net19d25sfwrwq1c14c253hy6bqdxrdzq2bzwgs6d1w70ssse2x7nvw8yntk8c51xy70nrg7ygkw3j2mrbfjfnvbkqc2sc1meh76qf6wg3ny4t7czyccp9keev0kmcfqgcdt6t01rfr32t22gb8kj5pv0bwvffhg1c3yxytns0r11w769etd24ajygfbdkahvs7f9egj99052gqw7jgm4epjnbm4apmsa5nbyqgvsqdhch36np73g0f3ce585tt6rpn1mrwemnt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXFaNoG9UZZKDMI2FtOUPgeeZqALi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01NDUzNDg0NTg5ODcxNTQ0yAEJqQJncF0sOD6yPqgDAcgDAqoEyAFP0NTIE7LZzGRjoYKVfvnFPjMZuN-ROtTuINrH8jeBmjJmUWREQxn_ADsy1AeuM0rAxWB9Xj4f6lPswajhklZhLeyz1PahXM27uRk53vVEpaSborhRIHJWIOIMKSL20IfGROnIBbhJ3uC89yAikYx5rHbPPni-7sTKHA9cegDc-4zL7RWMkGMAGWZVbNkg_ydzCUnyzwSWRHxEVlTo8kan6sQAHbhcLdjEwbqcdjKavwbkP-6HeT4_F-zysYniCThCtxipRpuJv4AG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Y4VrzU9haL9PGEt-zgXN70V41UQ%2526client%253Dca-pub-5453484589871544%2526adurl%253D&y=1&s=&z=0
Frame ID: 6AC7DA5722FD49E637BF4CC6C2DA056D
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 05354233B21E5700CC8DCA9EA08A7353
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A5B478C71600A9297C290D000CEA25D4
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

LAN Play Status | lan-play.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

107
Requests

55 %
HTTPS

53 %
IPv6

29
Domains

41
Subdomains

35
IPs

9
Countries

1342 kB
Transfer

3749 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODgyorPzwEQ5QwYmQMyCJNiWW7BUjVL HTTP 301
  • https://tpc.googlesyndication.com/simgad/388799601516824345
Request Chain 50
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJvmXogIN6guB3JTfkEiTVw&google_cver=1&google_push=AXcoOmRT8oDEZ_i2xtGC0MC3cGeAMqr-bA9fUXqBBM3io7jhz4Z5nJpVDFotvFzDKpIY1HEflDg2xW97V3NOrMZ-hW6ioW_7H7Ev HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMxMzM4Mjg5ODQ2NzMzODM4Nw==&gdpr=&gdpr_consent=
Request Chain 53
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEK82VXuBJh7GLTT5vQJXbyM&google_cver=1&google_push=AXcoOmQWU64lMjJC5uGLf7iTZFPkZmMVtrsjaDGrNEbihADQ6Ge__ug7Q478ymCMBKACgOQXYMySwvfzryZqHWGs74TBfxnpJ2JM2w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQWU64lMjJC5uGLf7iTZFPkZmMVtrsjaDGrNEbihADQ6Ge__ug7Q478ymCMBKACgOQXYMySwvfzryZqHWGs74TBfxnpJ2JM2w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK82VXuBJh7GLTT5vQJXbyM&google_cver=1&google_push=AXcoOmQWU64lMjJC5uGLf7iTZFPkZmMVtrsjaDGrNEbihADQ6Ge__ug7Q478ymCMBKACgOQXYMySwvfzryZqHWGs74TBfxnpJ2JM2w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQWU64lMjJC5uGLf7iTZFPkZmMVtrsjaDGrNEbihADQ6Ge__ug7Q478ymCMBKACgOQXYMySwvfzryZqHWGs74TBfxnpJ2JM2w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 54
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF3nPU9LHjaOXOlFf-E41Mk&google_cver=1&google_push=AXcoOmRV0RcmlA2V48QEXK_L1zkBE_1VW7fTaRiXVFuvPSLvfPcrhfQrI_fRHfIFAbAEEoZAWBE0PFiDpRgmErJKvYNSb1wk_NTylA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRV0RcmlA2V48QEXK_L1zkBE_1VW7fTaRiXVFuvPSLvfPcrhfQrI_fRHfIFAbAEEoZAWBE0PFiDpRgmErJKvYNSb1wk_NTylA&google_hm=eS1GUkJzWVFORTJwRTN6OGIzRDZfTF9WWGxCMHd1d2dKSH5B
Request Chain 55
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEojroacW_Uii9sym4pgVyc&google_cver=1&google_push=AXcoOmQZPL23mOIZY90AFLDwDRuVn8oDGeHkyNUKt_TrJKKb4c5w2xsRIMMYLPPWSc2VNgIRwhLOHt5pbkr7XIYoqxu_DKzw-ippjQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEojroacW_Uii9sym4pgVyc&google_cver=1&google_push=AXcoOmQZPL23mOIZY90AFLDwDRuVn8oDGeHkyNUKt_TrJKKb4c5w2xsRIMMYLPPWSc2VNgIRwhLOHt5pbkr7XIYoqxu_DKzw-ippjQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUyMzgzMTEwODIwNjYzNjI1Mg&google_push=AXcoOmQZPL23mOIZY90AFLDwDRuVn8oDGeHkyNUKt_TrJKKb4c5w2xsRIMMYLPPWSc2VNgIRwhLOHt5pbkr7XIYoqxu_DKzw-ippjQ
Request Chain 56
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJS_sHSWjiGRrmA7zOlrpYs&google_cver=1&google_push=AXcoOmSAtPDZH0j5cteaB7QpLVL7lfQHs-h69RTIQWzvdJzrODrY9IvfJthFGFeLIpECwfYchmHHNn3dm_gDPIRR_LRqKPmeChA_uA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSAtPDZH0j5cteaB7QpLVL7lfQHs-h69RTIQWzvdJzrODrY9IvfJthFGFeLIpECwfYchmHHNn3dm_gDPIRR_LRqKPmeChA_uA
Request Chain 65
  • https://googleads.g.doubleclick.net/pagead/adview?ai=ConwroG9UZfiACIyK78EPhcqGgAn_8JecdJednP6xEGQQASCWgOtvYPvhhYOcCqAB6qf15APIAQmoAwHIA8sEqgTNAU_QWDQY3fsvDzAD0z71-qlq71_pWL-0T3OFkUtlZ6vOsVrnjQOsvKcU6Njh8tPG6cT_LxMaoqVGeD-EHdds-E_uFiU3e6TxAKBi5i7cWfnKTSVUu3WCTQP6Krrm5u7E-vAFd0MYHFBTsRrC8U6Db72DKbxMN82jXaNoEun6gOPx9VGiHrQ15mrAQ9bXkxeVvvUp0bPaOTGhjW2yNZ1IgYHwee6UsW3DwTA3_KxjsvhN6SCfPH-m5ooJqwk9FYfENyet6xllcwLCRONiqqDABLbIkMuYBIgFjdmXqUOSBQQIBBgBkgUECAUYBKAGLoAH_teKG6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBCQ3gPSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkUaHR0cHM6Ly9hcHBzdW1vLmNvbS-ACgHICwGiDBAqDgoM5LSxAu61sQK1uLEC2BMOiBQL0BUBgBcBshccChoIABIUcHViLTU0NTM0ODQ1ODk4NzE1NDQYAA&sigh=ltkZuLsvXbQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNmDnff688ulkbyKGYmERzP4KFbXSFehldPJqtASMDdaW5qKIGlNSazx0FfOAzMbJ6gZvSavDduPqHzHz7Rs-wdmkW-4ZtMj9AFBwYAQ&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218326907757752840082%22,%22debug_reporting%22:true,%22destination%22:%22https://appsumo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221016943594%22],%224%22:[%2211-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226123766000516771745%22}&andc=true

107 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.lan-play.com/
3 KB
2 KB
Document
General
Full URL
http://www.lan-play.com/
Protocol
HTTP/1.1
Server
188.165.53.185 Sotteville-lès-Rouen, France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
4d169d939a5cd2597a5de360b118ccca2a8ffade9238e870a2049b3b29b69e28

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
none
content-encoding
gzip
content-length
1337
content-type
text/html
date
Wed, 15 Nov 2023 07:13:35 GMT
server
Apache
vary
Accept-Encoding
x-iplb-instance
38227
x-iplb-request-id
B22190B1:9A2C_BCA535B9:0050_65546F9F_1278:3654
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:400,700&display=swap
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
003a670e5441cf0c6b6f93d6ae401235b1c8af0d625dcd79aec5e0e2a0c917a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 15 Nov 2023 07:13:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 07:10:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Nov 2023 07:13:35 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
150 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
007846aec7789f0fe26bdb56e55be0a6e582c5655b0e420fa7223eaea0f54568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52820
x-xss-protection
0
server
cafe
etag
14061245206100518935
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 07:13:35 GMT
app.e2a63a8d.css
www.lan-play.com/css/
4 KB
2 KB
Stylesheet
General
Full URL
http://www.lan-play.com/css/app.e2a63a8d.css
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/
Protocol
HTTP/1.1
Server
188.165.53.185 Sotteville-lès-Rouen, France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
d84e823edd228cab0e7b139a09bab22b85d2bb784e2ea43746f0a04ba1c9c42c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:35 GMT
content-encoding
gzip
last-modified
Sat, 11 Nov 2023 02:55:02 GMT
server
Apache
x-iplb-request-id
B22190B1:9A2C_BCA535B9:0050_65546F9F_127A:3654
x-iplb-instance
38227
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=900
accept-ranges
none
content-length
1473
expires
Wed, 15 Nov 2023 07:28:35 GMT
app.e2f30c4f.js
www.lan-play.com/js/
2 MB
392 KB
Script
General
Full URL
http://www.lan-play.com/js/app.e2f30c4f.js
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/
Protocol
HTTP/1.1
Server
188.165.53.185 Sotteville-lès-Rouen, France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
1d57b501da6d2322b7fec783aaef56068c01ce47e155ccbe6e5c1745c8e017ad

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:35 GMT
content-encoding
gzip
last-modified
Sat, 11 Nov 2023 02:56:28 GMT
server
Apache
x-iplb-request-id
B22190B1:9A3A_BCA535B9:0050_65546F9F_1949:3655
x-iplb-instance
38227
transfer-encoding
chunked
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
none
expires
Wed, 15 Nov 2023 07:28:35 GMT
chunk-vendors.c40f0db7.js
www.lan-play.com/js/
179 KB
61 KB
Script
General
Full URL
http://www.lan-play.com/js/chunk-vendors.c40f0db7.js
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/
Protocol
HTTP/1.1
Server
188.165.53.185 Sotteville-lès-Rouen, France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
b8e46c4a04cc10f2443d7ffe8b2eecb15dd895dc1c8ca69e21575602aa383633

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:35 GMT
content-encoding
gzip
last-modified
Sat, 11 Nov 2023 02:56:29 GMT
server
Apache
x-iplb-request-id
B22190B1:9A4A_BCA535B9:0050_65546F9F_BE05:27CDE
x-iplb-instance
38226
transfer-encoding
chunked
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
none
expires
Wed, 15 Nov 2023 07:28:35 GMT
getMonitors
api.uptimerobot.com/v2/
15 KB
2 KB
Fetch
General
Full URL
https://api.uptimerobot.com/v2/getMonitors
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/js/app.e2f30c4f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15fa50c3f55d3c895aa1cdb051492972f3a116d01fe4e964c7cc20751d3cba8c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.lan-play.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 15 Nov 2023 07:13:35 GMT
strict-transport-security
max-age=31536000; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
frame-ancestors 'self'
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"3a75-NomHznmkv/k+nWv6TPow0tRW3EU"
x-ratelimit-remaining
8
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0ohliL0KRPvyxMcoy5md8KKkYjZA4iNOsxMZuHk0egWvG6APT8otSCzJqw%2FhEccNZNUnAckOQFw52aa6Z1WtoUefB4wyZ0D1EUtj4EM8nv7DKOL8YJsr3ma88usaCDKH5H58%2B%2BvuTxRcyH4omVv2To%3D"}],"group":"cf-nel","max_age":604800}
x-frame-options
SAMEORIGIN
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-ratelimit-reset
1700032457
x-ratelimit-limit
10
cf-ray
8265b1464b3e0496-CDG
logo.f64272e3.png
www.lan-play.com/img/
7 KB
8 KB
Image
General
Full URL
http://www.lan-play.com/img/logo.f64272e3.png
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/
Protocol
HTTP/1.1
Server
188.165.53.185 Sotteville-lès-Rouen, France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
e5480a54cf761b91335a597f6126d5b1529bb62a32806cd5a7b24e2c32e62cac

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:35 GMT
last-modified
Sat, 11 Nov 2023 02:55:41 GMT
server
Apache
x-iplb-request-id
B22190B1:9A3A_BCA535B9:0050_65546F9F_195A:3655
x-iplb-instance
38227
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
7398
expires
Wed, 15 Nov 2023 07:28:35 GMT
discord.586627d4.svg
www.lan-play.com/img/
1 KB
2 KB
Image
General
Full URL
http://www.lan-play.com/img/discord.586627d4.svg
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/
Protocol
HTTP/1.1
Server
188.165.53.185 Sotteville-lès-Rouen, France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
1dc39783161c952c8f5c0c9b184ace95c2d83352157c6f7f36e054b7e1b06b3a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:35 GMT
last-modified
Sat, 11 Nov 2023 02:55:17 GMT
server
Apache
x-iplb-request-id
B22190B1:9A4A_BCA535B9:0050_65546F9F_BE1C:27CDE
x-iplb-instance
38226
content-type
image/svg+xml
cache-control
max-age=900
accept-ranges
bytes
content-length
1215
expires
Wed, 15 Nov 2023 07:28:35 GMT
world-flags-globe.f17c62e2.png
www.lan-play.com/img/
50 KB
50 KB
Image
General
Full URL
http://www.lan-play.com/img/world-flags-globe.f17c62e2.png
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/
Protocol
HTTP/1.1
Server
188.165.53.185 Sotteville-lès-Rouen, France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
e95b5e90d20e3970bcbf86ddf523f76c3a6ed5c20e1482532567cbbfb614bc4c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:35 GMT
last-modified
Sat, 11 Nov 2023 02:56:24 GMT
server
Apache
x-iplb-request-id
B22190B1:9A2C_BCA535B9:0050_65546F9F_1289:3654
x-iplb-instance
38227
content-type
image/png
cache-control
max-age=900
accept-ranges
bytes
content-length
50962
expires
Wed, 15 Nov 2023 07:28:35 GMT
us.c49164ce.svg
www.lan-play.com/img/
3 KB
3 KB
Image
General
Full URL
http://www.lan-play.com/img/us.c49164ce.svg
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/
Protocol
HTTP/1.1
Server
188.165.53.185 Sotteville-lès-Rouen, France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
69e09d41b9f5fad06ff3eea848b3f3fba168027a8273acea7c853cfb13974e3f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:35 GMT
last-modified
Sat, 11 Nov 2023 02:56:20 GMT
server
Apache
x-iplb-request-id
B22190B1:9A68_BCA535B9:0050_65546F9F_8A93:27CDD
x-iplb-instance
38226
content-type
image/svg+xml
cache-control
max-age=900
accept-ranges
bytes
content-length
2760
expires
Wed, 15 Nov 2023 07:28:35 GMT
fr.054f9a5c.svg
www.lan-play.com/img/
410 B
759 B
Image
General
Full URL
http://www.lan-play.com/img/fr.054f9a5c.svg
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/
Protocol
HTTP/1.1
Server
188.165.53.185 Sotteville-lès-Rouen, France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
35d057e3ae0fe76a7711d1f42435c0063e36a4f74741f1a3a65f762ef71f718d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:35 GMT
last-modified
Sat, 11 Nov 2023 02:55:21 GMT
server
Apache
x-iplb-request-id
B22190B1:9A3A_BCA535B9:0050_65546F9F_195C:3655
x-iplb-instance
38227
content-type
image/svg+xml
cache-control
max-age=900
accept-ranges
bytes
content-length
410
expires
Wed, 15 Nov 2023 07:28:35 GMT
ru.707b18a8.svg
www.lan-play.com/img/
647 B
997 B
Image
General
Full URL
http://www.lan-play.com/img/ru.707b18a8.svg
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/
Protocol
HTTP/1.1
Server
188.165.53.185 Sotteville-lès-Rouen, France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
e022b10d724c02bb5db4228230df83e5a7f5d6ffa1bac6ede7418f8e726366b7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:35 GMT
last-modified
Sat, 11 Nov 2023 02:56:06 GMT
server
Apache
x-iplb-request-id
B22190B1:9A4A_BCA535B9:0050_65546F9F_BE1D:27CDE
x-iplb-instance
38226
content-type
image/svg+xml
cache-control
max-age=900
accept-ranges
bytes
content-length
647
expires
Wed, 15 Nov 2023 07:28:35 GMT
es.829c00d1.svg
www.lan-play.com/img/
12 KB
13 KB
Image
General
Full URL
http://www.lan-play.com/img/es.829c00d1.svg
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/
Protocol
HTTP/1.1
Server
188.165.53.185 Sotteville-lès-Rouen, France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
7319fef6e98256b049949e57537e362086e08d0cce1abd83dfd7f4158f644f50

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:35 GMT
last-modified
Sat, 11 Nov 2023 02:55:19 GMT
server
Apache
x-iplb-request-id
B22190B1:9A5C_BCA535B9:0050_65546F9F_3500:26047
x-iplb-instance
17180
content-type
image/svg+xml
cache-control
max-age=900
accept-ranges
bytes
content-length
12615
expires
Wed, 15 Nov 2023 07:28:35 GMT
br.e7f3b2e0.svg
www.lan-play.com/img/
3 KB
3 KB
Image
General
Full URL
http://www.lan-play.com/img/br.e7f3b2e0.svg
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/
Protocol
HTTP/1.1
Server
188.165.53.185 Sotteville-lès-Rouen, France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
e88fe1fa91106f460d3a1861e6cd412ec345605dfb7d238a30f669ced6eecf02

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:35 GMT
last-modified
Sat, 11 Nov 2023 02:55:10 GMT
server
Apache
x-iplb-request-id
B22190B1:9A52_BCA535B9:0050_65546F9F_0761:3652
x-iplb-instance
38227
content-type
image/svg+xml
cache-control
max-age=900
accept-ranges
bytes
content-length
2860
expires
Wed, 15 Nov 2023 07:28:35 GMT
pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://www.lan-play.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 07:33:54 GMT
x-content-type-options
nosniff
age
344381
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31052
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:27:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Nov 2024 07:33:54 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/
400 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5453484589871544&plah=www.lan-play.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8dd1c433cff21961374c39bf183ae46d409a72f1dabf75cc966f1afd15ecf92b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138530
x-xss-protection
0
server
cafe
etag
13068962463571258134
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 15 Nov 2023 07:13:35 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 0FC8
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lan-play.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
67858
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 12:22:37 GMT
etag
16674218716276178799
expires
Tue, 28 Nov 2023 12:22:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
joinsg.net/
20 B
182 B
Fetch
General
Full URL
http://joinsg.net:11453/
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/js/app.e2f30c4f.js
Protocol
HTTP/1.1
Server
199.60.101.194 Chicago, United States, ASN63018 (DEDICATED, US),
Reverse DNS
joinsg.net
Software
/
Resource Hash
253591558844bc773424e49bd784a010f7ba4618ddf2ddf6834f8825a56a7c1e

Request headers

Referer
http://www.lan-play.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lan-play.com
date
Wed, 15 Nov 2023 07:13:35 GMT
content-length
20
content-type
application/json
/
joinsg.net/ Frame
0
0
Preflight
General
Full URL
http://joinsg.net:11453/
Protocol
HTTP/1.1
Server
199.60.101.194 Chicago, United States, ASN63018 (DEDICATED, US),
Reverse DNS
joinsg.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lan-play.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
x-apollo-tracing, content-type
access-control-allow-methods
POST
access-control-allow-origin
http://www.lan-play.com
content-length
0
date
Wed, 15 Nov 2023 07:13:36 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D81F
14 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&adk=1812271804&adf=3025194257&lmt=1700032416&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x540_l%7C356x540_r&format=0x0&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~5~6&ascmds=1&dt=1700032415828&bpp=27&bdt=547&idt=201&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8293187164674&frm=20&pv=2&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=229
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5453484589871544&plah=www.lan-play.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
989c308e9f4cfaf01ca8f760294f7085e6bcaf8f5ce3211324e096607501026a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lan-play.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
5056
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 07:13:36 GMT
expires
Wed, 15 Nov 2023 07:13:36 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 87F6
135 KB
42 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=280&adk=3401249843&adf=4103119460&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x280&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032415855&bpp=3&bdt=574&idt=214&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5453484589871544&plah=www.lan-play.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58e249a1432af9f0778233be2b35af10c3d336f196a77bb32211bf082a269543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lan-play.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
43089
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 07:13:36 GMT
expires
Wed, 15 Nov 2023 07:13:36 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
switch.exabytes.space/
20 B
182 B
Fetch
General
Full URL
http://switch.exabytes.space:11451/
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/js/app.e2f30c4f.js
Protocol
HTTP/1.1
Server
136.49.253.125 Austin, United States, ASN16591 (GOOGLE-FIBER, US),
Reverse DNS
136-49-253-125.googlefiber.net
Software
/
Resource Hash
253591558844bc773424e49bd784a010f7ba4618ddf2ddf6834f8825a56a7c1e

Request headers

Referer
http://www.lan-play.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lan-play.com
date
Wed, 15 Nov 2023 07:13:35 GMT
content-length
20
content-type
application/json
/
switch.exabytes.space/ Frame
0
0
Preflight
General
Full URL
http://switch.exabytes.space:11451/
Protocol
HTTP/1.1
Server
136.49.253.125 Austin, United States, ASN16591 (GOOGLE-FIBER, US),
Reverse DNS
136-49-253-125.googlefiber.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lan-play.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
content-type, x-apollo-tracing
access-control-allow-methods
POST
access-control-allow-origin
http://www.lan-play.com
content-length
0
date
Wed, 15 Nov 2023 07:13:36 GMT
/
tekn0.net/ Frame
0
0
Preflight
General
Full URL
http://tekn0.net:11451/
Protocol
HTTP/1.1
Server
192.241.238.136 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lan-play.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
content-type, x-apollo-tracing
access-control-allow-methods
POST
access-control-allow-origin
http://www.lan-play.com
content-length
0
date
Wed, 15 Nov 2023 07:13:28 GMT
/
tekn0.net/
20 B
182 B
Fetch
General
Full URL
http://tekn0.net:11451/
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/js/app.e2f30c4f.js
Protocol
HTTP/1.1
Server
192.241.238.136 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
253591558844bc773424e49bd784a010f7ba4618ddf2ddf6834f8825a56a7c1e

Request headers

Referer
http://www.lan-play.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lan-play.com
date
Wed, 15 Nov 2023 07:13:28 GMT
content-length
20
content-type
application/json
truncated
/
995 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2389b1f7789664c99bacb4c8d7c4186f042386cc31095fd970abbc91b25625db

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b88c74e51279fcbed7efc470fc41600668b538deed17a3c05ac30552abdfc4c3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a65891d3b966e83de68c354c46e4920ff35ef05d29924d9f40f302091c131aa3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
ads
googleads.g.doubleclick.net/pagead/ Frame 58BB
47 KB
17 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x90&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032416675&bpp=1&bdt=1394&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5453484589871544&plah=www.lan-play.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3bdfa4f68afaa3ee0a40f40906dad3531d5095df1ce2f671d0a57ce95a4fb00c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lan-play.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
17401
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 07:13:37 GMT
expires
Wed, 15 Nov 2023 07:13:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 87F6
4 KB
728 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=280&adk=3401249843&adf=4103119460&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x280&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032415855&bpp=3&bdt=574&idt=214&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 15 Nov 2023 07:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 07:03:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Nov 2023 07:13:36 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 87F6
2 KB
875 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=280&adk=3401249843&adf=4103119460&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x280&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032415855&bpp=3&bdt=574&idt=214&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 15:51:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
55331
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 15:51:25 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 87F6
22 KB
23 KB
Image
General
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQVL8HtqVdLqjOVZuv-8uoZGBsFiCRc5dvQLtjrE9pnt3eT4Ef-7hz0VQrj38s&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=280&adk=3401249843&adf=4103119460&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x280&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032415855&bpp=3&bdt=574&idt=214&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cc47c554971e1f8a3d9acadeab1ce4850fa99423aebf64761fd7658fda25c8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 08:31:20 GMT
x-content-type-options
nosniff
age
513736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22729
x-xss-protection
0
last-modified
Sat, 06 Jan 2024 11:09:00 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 08 Nov 2024 08:31:20 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 87F6
16 KB
16 KB
Image
General
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQxhdpUmp_YbRGkRg4GVBmLwb-vBni5Fl0zjagRvyoLAFW4f10ra3OmQ-QWiw&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=280&adk=3401249843&adf=4103119460&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x280&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032415855&bpp=3&bdt=574&idt=214&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01db9cb11156779f1ec33eafb8d5acdb9afa4e5653ab8bb2d06c810d00a40d54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 18:59:22 GMT
x-content-type-options
nosniff
age
389654
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16026
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 05:41:22 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 09 Nov 2024 18:59:22 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 87F6
23 KB
23 KB
Image
General
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQ5ZqMa7uJAK694EvBOkVA4ZTK_ktW3nE-l8K9_OFXo8sQQanWaNQbzEB6nJ7M&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=280&adk=3401249843&adf=4103119460&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x280&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032415855&bpp=3&bdt=574&idt=214&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcc779c4f41253e3ec85bc7010aa7dbe89b484cfe084cf3f8c5a23e83fe4903a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 05:21:16 GMT
x-content-type-options
nosniff
age
93140
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23210
x-xss-protection
0
last-modified
Sat, 06 Jan 2024 07:44:23 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 13 Nov 2024 05:21:16 GMT
388799601516824345
tpc.googlesyndication.com/simgad/ Frame 87F6
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODgyorPzwEQ5QwYmQMyCJNiWW7BUjVL
  • https://tpc.googlesyndication.com/simgad/388799601516824345
15 KB
16 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/388799601516824345
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=280&adk=3401249843&adf=4103119460&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x280&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032415855&bpp=3&bdt=574&idt=214&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218
Protocol
H2
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01bc94eace248cc63c0a8d0310a58823e49c52e536348b593929f503740874a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 17:06:46 GMT
x-content-type-options
nosniff
age
482810
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15695
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 22:16:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 08 Nov 2024 17:06:46 GMT

Redirect headers

date
Tue, 14 Nov 2023 09:11:04 GMT
x-content-type-options
nosniff
server
cafe
age
79352
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/388799601516824345
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 14 Dec 2023 09:11:04 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 87F6
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=280&adk=3401249843&adf=4103119460&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x280&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032415855&bpp=3&bdt=574&idt=214&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 15:51:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
55335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 15:51:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 87F6
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=280&adk=3401249843&adf=4103119460&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x280&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032415855&bpp=3&bdt=574&idt=214&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 18:42:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
45087
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 18:42:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 87F6
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=280&adk=3401249843&adf=4103119460&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x280&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032415855&bpp=3&bdt=574&idt=214&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 15:51:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
55331
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 15:51:25 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 87F6
199 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=280&adk=3401249843&adf=4103119460&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x280&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032415855&bpp=3&bdt=574&idt=214&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699878811805094"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Nov 2023 07:13:37 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 87F6
37 KB
16 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=280&adk=3401249843&adf=4103119460&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x280&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032415855&bpp=3&bdt=574&idt=214&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 22:36:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
462998
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 22:22:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 07 Feb 2024 22:36:58 GMT
/
switchfr.servegame.com/ Frame
0
0
Preflight
General
Full URL
http://switchfr.servegame.com:11451/
Protocol
HTTP/1.1
Server
128.78.241.142 Limoges, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS
128-78-241-142.abo.bbox.fr
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lan-play.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
x-apollo-tracing, content-type
access-control-allow-methods
POST
access-control-allow-origin
http://www.lan-play.com
content-length
0
date
Wed, 15 Nov 2023 07:13:36 GMT
/
switchfr.servegame.com/
20 B
182 B
Fetch
General
Full URL
http://switchfr.servegame.com:11451/
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/js/app.e2f30c4f.js
Protocol
HTTP/1.1
Server
128.78.241.142 Limoges, France, ASN5410 (BOUYGTEL-ISP, FR),
Reverse DNS
128-78-241-142.abo.bbox.fr
Software
/
Resource Hash
253591558844bc773424e49bd784a010f7ba4618ddf2ddf6834f8825a56a7c1e

Request headers

Referer
http://www.lan-play.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lan-play.com
date
Wed, 15 Nov 2023 07:13:36 GMT
content-length
20
content-type
application/json
truncated
/ Frame 87F6
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f85c07014ce10c5187a6a000a16e5ef5fb96a09f0a18ac9c5e4dba8398ce1d12

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
dr
as.ad4m.at/ad/ Frame B8DD
2 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1ktmm2q9vhbqn1q3j22savm8btw65fs40xhthba7gwc83q4bxhjgc16mgdsy6zbect3c9vsjsya1ynz2pk5mj37ggt1eaj2xa42zayh3rcn7xeawzkmb70f7brgnd9x03w0nqgwyscnkk6x48efpkwr6a2w54x016n6mhhgm3kft93kqb8kfw8dagqzjv0h4y8fxz1ttqbchef1fethvyvdjbk2qfqjkaye979g87abe2kgx1zcjdkv0yf7dhpsf8waenqnn4s3mfc9b6pezp642ccmk3swktxe3m21txrad0vh3tszkacfg3jv6pyx6cpnrn7yckz9pg9s4yzth8kv8p462j174a8a61919kamswnaaga6qs5wn89qy1ax9967q79dc433e3n3txp8cxvw9k7ttnc92vm5njmzs4nscjvr452cfyqr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXFaNoG9UZZKDMI2FtOUPgeeZqALi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01NDUzNDg0NTg5ODcxNTQ0yAEJqQJncF0sOD6yPqgDAcgDAqoEyAFP0NTIE7LZzGRjoYKVfvnFPjMZuN-ROtTuINrH8jeBmjJmUWREQxn_ADsy1AeuM0rAxWB9Xj4f6lPswajhklZhLeyz1PahXM27uRk53vVEpaSborhRIHJWIOIMKSL20IfGROnIBbhJ3uC89yAikYx5rHbPPni-7sTKHA9cegDc-4zL7RWMkGMAGWZVbNkg_ydzCUnyzwSWRHxEVlTo8kan6sQAHbhcLdjEwbqcdjKavwbkP-6HeT4_F-zysYniCThCtxipRpuJv4AG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Y4VrzU9haL9PGEt-zgXN70V41UQ%26client%3Dca-pub-5453484589871544%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x90&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032416675&bpp=1&bdt=1394&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f36d895a8c7104fac0f42d5e99e02ede25dee6e75da9aac7a852daa06b5bbaf4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8265b14fcf4700b5-CDG
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 07:13:37 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 84CB
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x90&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032416675&bpp=1&bdt=1394&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 18:42:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
45088
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 18:42:09 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1C0F
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x90&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032416675&bpp=1&bdt=1394&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
34604
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Wed, 15 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 84CB
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x90&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032416675&bpp=1&bdt=1394&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 15:51:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
55332
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 15:51:25 GMT
l
www.google.com/ads/measurement/ Frame 84CB
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR_zj89xhFz7tXiYSvp_oY_pXJaK9xgWPSLJere_P8IMfnGVIQfEhTXOOjJiSGUF1VN76HHv21SO7ot2VTlflyzug0Qfw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x90&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032416675&bpp=1&bdt=1394&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 84CB
199 KB
63 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x90&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032416675&bpp=1&bdt=1394&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64401
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1699878811805094"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Nov 2023 07:13:37 GMT
truncated
/ Frame 84CB
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e635490e04c8547b55276a6ad8256678b18cc054c76f4cb23fd9a3e5ab987b4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 1C0F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEJvmXogIN6guB3JTfkEiTVw&google_cver=1&google_push=AXcoOmRT8oDEZ_i2xtGC0MC3cGeAMqr-bA9fUXqBBM3io7jhz4Z5nJpVDFotvFzDKpIY1HEflDg2xW97V3NOrMZ-hW6ioW_7H7Ev
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMxMzM4Mjg5ODQ2NzMzODM4Nw==&gdpr=&gdpr_consent=
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMxMzM4Mjg5ODQ2NzMzODM4Nw==&gdpr=&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x90&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032416675&bpp=1&bdt=1394&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 07:13:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDMxMzM4Mjg5ODQ2NzMzODM4Nw==&gdpr=&gdpr_consent=
pragma
no-cache
date
Wed, 15 Nov 2023 07:13:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
dpixel
cms.quantserve.com/ Frame 1C0F
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJE3zvgtE_YNIgINHGZaFSs&google_cver=1&google_push=AXcoOmTCQkr9X8AYZE6BUE6wfitz3YDRS1-eATsrkuWZ_eQRCd31JmrGvT13Wmr4MS5VAV5Ph76dLXwW1u_xDEGe-8j_-rp-9moc_Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x90&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032416675&bpp=1&bdt=1394&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 07:13:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 1C0F
0
104 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMjOjrllimY_NMtjXJ9W6g8&google_cver=1&google_push=AXcoOmQ_Eu1Gxg3PvWQ_BHpzVz5tVeAgJi_rh0sVl2Mf_pwHAuqNXTycXWFizjmilYlcswS_WDNHKciAq0GRBxdYNLTv7oH0477NEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x90&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032416675&bpp=1&bdt=1394&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 07:13:37 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame 1C0F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEK82VXuBJh7GLTT5vQJXbyM&google_cver=1&google_push=AXcoOmQWU64lMjJC5uGLf7iTZFPkZmMVtrsjaDGrNEbihADQ6Ge__ug7Q478ymCMBKACgOQXYMySwvfzryZqHWGs74TBfxnpJ2JM2...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK82VXuBJh7GLTT5vQJXbyM&google_cver=1&google_push=AXcoOmQWU64lMjJC5uGLf7iTZFPkZmMVtrsjaDGrNEbihADQ6Ge__ug7Q478ymCMBKACgOQXYMySwvfzryZqHWGs74TBfxnpJ2J...
43 B
426 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK82VXuBJh7GLTT5vQJXbyM&google_cver=1&google_push=AXcoOmQWU64lMjJC5uGLf7iTZFPkZmMVtrsjaDGrNEbihADQ6Ge__ug7Q478ymCMBKACgOQXYMySwvfzryZqHWGs74TBfxnpJ2JM2w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQWU64lMjJC5uGLf7iTZFPkZmMVtrsjaDGrNEbihADQ6Ge__ug7Q478ymCMBKACgOQXYMySwvfzryZqHWGs74TBfxnpJ2JM2w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x90&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032416675&bpp=1&bdt=1394&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 07:13:37 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8265b15168b4229c-CDG
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 07:13:37 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
2125
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK82VXuBJh7GLTT5vQJXbyM&google_cver=1&google_push=AXcoOmQWU64lMjJC5uGLf7iTZFPkZmMVtrsjaDGrNEbihADQ6Ge__ug7Q478ymCMBKACgOQXYMySwvfzryZqHWGs74TBfxnpJ2JM2w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQWU64lMjJC5uGLf7iTZFPkZmMVtrsjaDGrNEbihADQ6Ge__ug7Q478ymCMBKACgOQXYMySwvfzryZqHWGs74TBfxnpJ2JM2w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8265b1503f7b229c-CDG
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1C0F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEF3nPU9LHjaOXOlFf-E41Mk&google_cver=1&google_push=AXcoOmRV0RcmlA2V48QEXK_L1zkBE_1VW7fTaRiXVFuvPSLvfPcrhfQrI_fRHfIFAbAEEoZAWBE0PFiDpRgmErJKvYNSb1w...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRV0RcmlA2V48QEXK_L1zkBE_1VW7fTaRiXVFuvPSLvfPcrhfQrI_fRHfIFAbAEEoZAWBE0PFiDpRgmErJKvYNSb1wk_NTylA&google_hm=eS1GUkJzWVFORTJwRTN6...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRV0RcmlA2V48QEXK_L1zkBE_1VW7fTaRiXVFuvPSLvfPcrhfQrI_fRHfIFAbAEEoZAWBE0PFiDpRgmErJKvYNSb1wk_NTylA&google_hm=eS1GUkJzWVFORTJwRTN6OGIzRDZfTF9WWGxCMHd1d2dKSH5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x90&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032416675&bpp=1&bdt=1394&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 07:13:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 15 Nov 2023 07:13:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRV0RcmlA2V48QEXK_L1zkBE_1VW7fTaRiXVFuvPSLvfPcrhfQrI_fRHfIFAbAEEoZAWBE0PFiDpRgmErJKvYNSb1wk_NTylA&google_hm=eS1GUkJzWVFORTJwRTN6OGIzRDZfTF9WWGxCMHd1d2dKSH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1C0F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEojroacW_Uii9sym4pgVyc&google_cver=1&google_push=AXcoOmQZPL23mOIZY90AFLDwDRuVn8oDGeHkyNUKt_TrJKKb4c5w2xsRIMMYLPPWSc2VNgIRwhLOHt5p...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEojroacW_Uii9sym4pgVyc&google_cver=1&google_push=AXcoOmQZPL23mOIZY90AFLDwDRuVn8oDGeHkyNUKt_TrJKKb4c5w2xsRIMMYLPPWSc2VNgIRwhL...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUyMzgzMTEwODIwNjYzNjI1Mg&google_push=AXcoOmQZPL23mOIZY90AFLDwDRuVn8oDGeHkyNUKt_TrJKKb4c5w2xsRIMMYLPPWSc2VNgIRwhLOHt...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUyMzgzMTEwODIwNjYzNjI1Mg&google_push=AXcoOmQZPL23mOIZY90AFLDwDRuVn8oDGeHkyNUKt_TrJKKb4c5w2xsRIMMYLPPWSc2VNgIRwhLOHt5pbkr7XIYoqxu_DKzw-ippjQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x90&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032416675&bpp=1&bdt=1394&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 07:13:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Nov 2023 07:13:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODUyMzgzMTEwODIwNjYzNjI1Mg&google_push=AXcoOmQZPL23mOIZY90AFLDwDRuVn8oDGeHkyNUKt_TrJKKb4c5w2xsRIMMYLPPWSc2VNgIRwhLOHt5pbkr7XIYoqxu_DKzw-ippjQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 1C0F
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJS_sHSWjiGRrmA7zOlrpYs&google_cver=1&google_push=AXcoOmSAtPDZH0j5cteaB7QpLVL7lfQHs-h69RTIQWzvdJzrODrY9IvfJthFGFeLIpECwfYchmHHNn3dm_gD...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSAtPDZH0j5cteaB7QpLVL7lfQHs-h69RTIQWzvdJzrODrY9IvfJthFGFeLIpECwfYchmHHNn3dm_gDPIRR_LRqKPmeChA_uA
170 B
329 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSAtPDZH0j5cteaB7QpLVL7lfQHs-h69RTIQWzvdJzrODrY9IvfJthFGFeLIpECwfYchmHHNn3dm_gDPIRR_LRqKPmeChA_uA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x90&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032416675&bpp=1&bdt=1394&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 07:13:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSAtPDZH0j5cteaB7QpLVL7lfQHs-h69RTIQWzvdJzrODrY9IvfJthFGFeLIpECwfYchmHHNn3dm_gDPIRR_LRqKPmeChA_uA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 1C0F
0
139 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JdIeCVQ7fMpZvWD1e1QmhcjH_RHz_codaJxG-jqmA7FFnkAfi5V6HvOuFoqw_LPQQMaTdO
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x90&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032416675&bpp=1&bdt=1394&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:37 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
googleads.g.doubleclick.net/pagead/ Frame 84CB
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C61Q8oG9UZZKDMI2FtOUPgeeZqALi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01NDUzNDg0NTg5ODcxNTQ0yAEJqQJncF0sOD6yPqgDAcgDAqoExQFP0NTIE7LZzGRjoYKVfvnFPjMZuN-ROtTuINrH8jeBmjJmUWREQxn_ADsy1AeuM0rAxWB9Xj4f6lPswajhklZhLeyz1PahXM27uRk53vVEpaSborhRIHJWIOIMKSL20IfGROnIBbhJ3uC89yAikYx5rHbPPni-7sTKHA9cegDc-4zL7RWMkGMAGWZVbNkg_ydzCUnyzwSWRHxEVlTo8kbl6OWSykHbbRBD3XI9FvET-x3ukuSpYbfhrowxMmDzJSCXa4fpjoAG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU0NTM0ODQ1ODk4NzE1NDQYAA&sigh=L0ZMXxJ2Zg8&uach_m=[UACH]&cid=CAQSPADICaaNNbASieO9YbV-vTEEuCZ19oHHA2iHCvwyMc1ubEwNcxzU11QQyqMDEK1jU_9FuJSFSxl0aYc3lxgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x90&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032416675&bpp=1&bdt=1394&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x90&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032416675&bpp=1&bdt=1394&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 15 Nov 2023 07:13:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 84CB
0
103 B
Image
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kjc7r8k8exq6h4qeph7cvsg6yth1ny1nzm62pc4dxfzk4ft2rh9abj1hw6jkn1antcmdv53j77bz9g6q5r6psgfnhdncjcnpyynef9h86dy42p3vmgdnhqazxjqksjxc5zdxbcx0qy097586bw98zk62w2x3427fxgp8q8akej19gj006v6pg4z8ye7s70cpcrzvndfwtbsxdq7g3aamm8hz8g26615px4jv5hvsgb0m2c2ad2xsdmrv94na914evjpp25dsdmew45e0b5gg755n76se56ekq5p9n8rzp7zhh6bt11ey6rapg272hndyzesr9qasq7qyjgq6b83af8dckzxkbd39607w07ekpz42rw9va3n58vhan758dq37b77gwpzdm&b=ZVRvoAAMAZIGrQKNAAZzgeCgoqXeCJNNLgidUA&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x90&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032416675&bpp=1&bdt=1394&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1583&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 15 Nov 2023 07:13:37 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame B8DD
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ktmm2q9vhbqn1q3j22savm8btw65fs40xhthba7gwc83q4bxhjgc16mgdsy6zbect3c9vsjsya1ynz2pk5mj37ggt1eaj2xa42zayh3rcn7xeawzkmb70f7brgnd9x03w0nqgwyscnkk6x48efpkwr6a2w54x016n6mhhgm3kft93kqb8kfw8dagqzjv0h4y8fxz1ttqbchef1fethvyvdjbk2qfqjkaye979g87abe2kgx1zcjdkv0yf7dhpsf8waenqnn4s3mfc9b6pezp642ccmk3swktxe3m21txrad0vh3tszkacfg3jv6pyx6cpnrn7yckz9pg9s4yzth8kv8p462j174a8a61919kamswnaaga6qs5wn89qy1ax9967q79dc433e3n3txp8cxvw9k7ttnc92vm5njmzs4nscjvr452cfyqr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXFaNoG9UZZKDMI2FtOUPgeeZqALi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01NDUzNDg0NTg5ODcxNTQ0yAEJqQJncF0sOD6yPqgDAcgDAqoEyAFP0NTIE7LZzGRjoYKVfvnFPjMZuN-ROtTuINrH8jeBmjJmUWREQxn_ADsy1AeuM0rAxWB9Xj4f6lPswajhklZhLeyz1PahXM27uRk53vVEpaSborhRIHJWIOIMKSL20IfGROnIBbhJ3uC89yAikYx5rHbPPni-7sTKHA9cegDc-4zL7RWMkGMAGWZVbNkg_ydzCUnyzwSWRHxEVlTo8kan6sQAHbhcLdjEwbqcdjKavwbkP-6HeT4_F-zysYniCThCtxipRpuJv4AG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Y4VrzU9haL9PGEt-zgXN70V41UQ%26client%3Dca-pub-5453484589871544%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1ktmm2q9vhbqn1q3j22savm8btw65fs40xhthba7gwc83q4bxhjgc16mgdsy6zbect3c9vsjsya1ynz2pk5mj37ggt1eaj2xa42zayh3rcn7xeawzkmb70f7brgnd9x03w0nqgwyscnkk6x48efpkwr6a2w54x016n6mhhgm3kft93kqb8kfw8dagqzjv0h4y8fxz1ttqbchef1fethvyvdjbk2qfqjkaye979g87abe2kgx1zcjdkv0yf7dhpsf8waenqnn4s3mfc9b6pezp642ccmk3swktxe3m21txrad0vh3tszkacfg3jv6pyx6cpnrn7yckz9pg9s4yzth8kv8p462j174a8a61919kamswnaaga6qs5wn89qy1ax9967q79dc433e3n3txp8cxvw9k7ttnc92vm5njmzs4nscjvr452cfyqr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXFaNoG9UZZKDMI2FtOUPgeeZqALi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01NDUzNDg0NTg5ODcxNTQ0yAEJqQJncF0sOD6yPqgDAcgDAqoEyAFP0NTIE7LZzGRjoYKVfvnFPjMZuN-ROtTuINrH8jeBmjJmUWREQxn_ADsy1AeuM0rAxWB9Xj4f6lPswajhklZhLeyz1PahXM27uRk53vVEpaSborhRIHJWIOIMKSL20IfGROnIBbhJ3uC89yAikYx5rHbPPni-7sTKHA9cegDc-4zL7RWMkGMAGWZVbNkg_ydzCUnyzwSWRHxEVlTo8kan6sQAHbhcLdjEwbqcdjKavwbkP-6HeT4_F-zysYniCThCtxipRpuJv4AG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Y4VrzU9haL9PGEt-zgXN70V41UQ%26client%3Dca-pub-5453484589871544%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
779541
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7%2FXNomLRrsm3XFIUwEJMDIo%2FZpGbw0ld44F09M6RxUXWgtfAfrul9mTkjIT9mAG8pngPiR7%2FN7otUYZW%2BcSNeNqvqF9I38LaZtkWqLfNDLcOK%2BRYeENtMBwxOJh8jjKwCIsLmFlE8I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
8265b150b85200b5-CDG
expires
Thu, 16 Nov 2023 07:13:37 GMT
r62eglto.js
ad4m.at/ Frame B8DD
25 KB
10 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ktmm2q9vhbqn1q3j22savm8btw65fs40xhthba7gwc83q4bxhjgc16mgdsy6zbect3c9vsjsya1ynz2pk5mj37ggt1eaj2xa42zayh3rcn7xeawzkmb70f7brgnd9x03w0nqgwyscnkk6x48efpkwr6a2w54x016n6mhhgm3kft93kqb8kfw8dagqzjv0h4y8fxz1ttqbchef1fethvyvdjbk2qfqjkaye979g87abe2kgx1zcjdkv0yf7dhpsf8waenqnn4s3mfc9b6pezp642ccmk3swktxe3m21txrad0vh3tszkacfg3jv6pyx6cpnrn7yckz9pg9s4yzth8kv8p462j174a8a61919kamswnaaga6qs5wn89qy1ax9967q79dc433e3n3txp8cxvw9k7ttnc92vm5njmzs4nscjvr452cfyqr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXFaNoG9UZZKDMI2FtOUPgeeZqALi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01NDUzNDg0NTg5ODcxNTQ0yAEJqQJncF0sOD6yPqgDAcgDAqoEyAFP0NTIE7LZzGRjoYKVfvnFPjMZuN-ROtTuINrH8jeBmjJmUWREQxn_ADsy1AeuM0rAxWB9Xj4f6lPswajhklZhLeyz1PahXM27uRk53vVEpaSborhRIHJWIOIMKSL20IfGROnIBbhJ3uC89yAikYx5rHbPPni-7sTKHA9cegDc-4zL7RWMkGMAGWZVbNkg_ydzCUnyzwSWRHxEVlTo8kan6sQAHbhcLdjEwbqcdjKavwbkP-6HeT4_F-zysYniCThCtxipRpuJv4AG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Y4VrzU9haL9PGEt-zgXN70V41UQ%26client%3Dca-pub-5453484589871544%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
449114
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bp0WdYLClmBGeljpurbHya8OBCVqkHMIFml7blISN40iuAiIOOznEEx67U3I5a1%2FoCxSmUjPmyr%2BfRUpUBFaQzoMfoCADjblWBX83%2BVt2tGVOXKqqpda%2Fv%2FUv%2Fa%2F8Wq4vXBcKek%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
8265b150c86400b5-CDG
alt-svc
h3=":443"; ma=86400
expires
Fri, 10 Nov 2023 02:28:23 GMT
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 87F6
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 11 Nov 2023 05:15:19 GMT
x-content-type-options
nosniff
age
352698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Nov 2024 05:15:19 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame B8DD
3 KB
4 KB
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
145
x-guploader-uploadid
ABPtcPqau5k3lPYDcp1xZFHwNtFeK9igLdZ5HkOx3T7ddLHBR9syWgJ25u8qHPndU2qoIg05hHuozeShLePUHdcpRZF1YA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
last-modified
Tue, 21 Jun 2022 12:31:17 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1655814677405990
content-type
image/png
content-language
en
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=7200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Asr0coibhp1sOqDUnXBs4SKrmfqDWhsC8mefa8rCt2r45HMh63CEmWXT8zB7XTZl7XySZLpyyVTtSF1l9K8PA0gQP%2B%2BYeRcH7OrFTQkZJy0KU%2FEPgcMgwnIVmFwECWhVRBifk4E%2F%2FYOosNxhAM9iw4w5"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
8265b1516d490082-CDG
expires
Wed, 15 Nov 2023 07:51:16 GMT
frame.html
ad4m.at/ Frame 51BA
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
344863
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
8265b1511a3cf174-CDG
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 15 Nov 2023 07:13:37 GMT
expires
Sat, 11 Nov 2023 07:55:34 GMT
last-modified
Tue, 17 Oct 2023 09:43:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHlXA7T5F3XdUXvD7MdqnOWkcrHKPA6xZvSwLjS4Lra6PDdshP9u7F%2FHkPMZsYg6sBAt2r3ovq2Tmz6LBU%2F8eDjmOaNOd1mNuI6ktD5La4kqDdEIDnLvqljD%2BvfN59aDeNO4caY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
www.googleadservices.com/pagead/ar-adview/ Frame 87F6
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=ConwroG9UZfiACIyK78EPhcqGgAn_8JecdJednP6xEGQQASCWgOtvYPvhhYOcCqAB6qf15APIAQmoAwHIA8sEqgTNAU_QWDQY3fsvDzAD0z71-qlq71_pWL-0T3OFkUtlZ6vOsVrnjQOsvKc...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218326907757752840082%22,%22debug_reporting%22:true,%22destination%22:%22https://appsumo.com%22,%22event_report_window%22:%...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218326907757752840082%22,%22debug_reporting%22:true,%22destination%22:%22https://appsumo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221016943594%22],%224%22:[%2211-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226123766000516771745%22}&andc=true
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:37 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"18326907757752840082","debug_reporting":true,"destination":"https://appsumo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1016943594"],"4":["11-15"],"6":["true"]},"priority":"500","source_event_id":"6123766000516771745"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 15 Nov 2023 07:13:37 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 15 Nov 2023 07:13:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"18326907757752840082","debug_reporting":true,"destination":"https://appsumo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1016943594"],"4":["11-15"],"6":["true"]},"priority":"500","source_event_id":"6123766000516771745"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
pagead2.googlesyndication.com/bg/ Frame 3629
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5453484589871544&output=html&h=280&adk=3401249843&adf=4103119460&pi=t.aa~a.356315161~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1700032416&rafmt=1&to=qs&pwprc=5739486510&format=1200x280&url=http%3A%2F%2Fwww.lan-play.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1700032415855&bpp=3&bdt=574&idt=214&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8293187164674&frm=20&pv=1&ga_vid=835575633.1700032416&ga_sid=1700032416&ga_hid=132438674&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=213&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079605%2C44795922%2C31078301%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=2058054561915420&tmod=1250830561&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 01:48:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
451509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15051
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Nov 2024 01:48:28 GMT
rs
ad4m.at/ Frame B8DD
1 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd6e8164ed5388e752fe4f0f0f06d817ac162904667cb399a58c6dc437ef462e

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 15 Nov 2023 07:13:37 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JktW7rEcuXHbRNtAS3pfNO91hWBz%2Fup82FG6Ah3sMu1tinJFALdvee1q42m2FsRl4hFokmpVRtcravqJZF8aaSAyLgYuSExHeUqU%2BNT8WbnpPV%2BMuGkee4VSH129YvpUG5%2BQ6c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
8265b151faba9996-CDG
x-backend-server
aa-reachservice-group-europe-west1-405x
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8265b1519a779996-CDG
content-length
24
content-type
text/plain
date
Wed, 15 Nov 2023 07:13:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38ro4tN2uhfADwddp4%2F7zpnSy4savuhnuiE%2FMJjm8UwYc%2FKhke6vRjkPwcUM0dijeo7WaOnJ61cQ3KUn2G4PVYPsrZH4OaUk%2BUAAzHUKFEbjGEPpR44jMvKqbiOi948iUIWjf1A%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-pv1h
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5453484589871544&plah=www.lan-play.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d399b03033c660256a59e2370486867dc385847733014b7d7ba6e995df8ad4f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12192
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218326907757752840082%22,%22debug_reporting%22:true,%22destination%22:%22https://appsumo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221016943594%22],%224%22:[%2211-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226123766000516771745%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 15 Nov 2023 07:13:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
layer8.fail/
20 B
182 B
Fetch
General
Full URL
http://layer8.fail:11451/
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/js/app.e2f30c4f.js
Protocol
HTTP/1.1
Server
142.132.212.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
l8.wtf
Software
/
Resource Hash
253591558844bc773424e49bd784a010f7ba4618ddf2ddf6834f8825a56a7c1e

Request headers

Referer
http://www.lan-play.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lan-play.com
date
Wed, 15 Nov 2023 07:13:37 GMT
content-length
20
content-type
application/json
/
layer8.fail/ Frame
0
0
Preflight
General
Full URL
http://layer8.fail:11451/
Protocol
HTTP/1.1
Server
142.132.212.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
l8.wtf
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lan-play.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
content-type, x-apollo-tracing
access-control-allow-methods
POST
access-control-allow-origin
http://www.lan-play.com
content-length
0
date
Wed, 15 Nov 2023 07:13:37 GMT
rar
as.ad4m.at/ad/ Frame 6AC7
9 KB
4 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=311476%2C119648%2C704302&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CMVWuzf7Ya37M1UWHEHGtDteJm9t9T4Tb66c3&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C6dMUefEzCA376feHmHYtECgE3BU2T1T2qqh7&c=728&d=90&e=&g=b570f39f80c725437fbe9081dabac89f%2F18382485522888528308&i=108136%2C30425%2C203693&j=16%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1700032417571&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0e12d6net19d25sfwrwq1c14c253hy6bqdxrdzq2bzwgs6d1w70ssse2x7nvw8yntk8c51xy70nrg7ygkw3j2mrbfjfnvbkqc2sc1meh76qf6wg3ny4t7czyccp9keev0kmcfqgcdt6t01rfr32t22gb8kj5pv0bwvffhg1c3yxytns0r11w769etd24ajygfbdkahvs7f9egj99052gqw7jgm4epjnbm4apmsa5nbyqgvsqdhch36np73g0f3ce585tt6rpn1mrwemnt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXFaNoG9UZZKDMI2FtOUPgeeZqALi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01NDUzNDg0NTg5ODcxNTQ0yAEJqQJncF0sOD6yPqgDAcgDAqoEyAFP0NTIE7LZzGRjoYKVfvnFPjMZuN-ROtTuINrH8jeBmjJmUWREQxn_ADsy1AeuM0rAxWB9Xj4f6lPswajhklZhLeyz1PahXM27uRk53vVEpaSborhRIHJWIOIMKSL20IfGROnIBbhJ3uC89yAikYx5rHbPPni-7sTKHA9cegDc-4zL7RWMkGMAGWZVbNkg_ydzCUnyzwSWRHxEVlTo8kan6sQAHbhcLdjEwbqcdjKavwbkP-6HeT4_F-zysYniCThCtxipRpuJv4AG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Y4VrzU9haL9PGEt-zgXN70V41UQ%2526client%253Dca-pub-5453484589871544%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe4cba52b19e0f71062deacc397b6e2122bdff82c9accf07e61e396ce0271661
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1ktmm2q9vhbqn1q3j22savm8btw65fs40xhthba7gwc83q4bxhjgc16mgdsy6zbect3c9vsjsya1ynz2pk5mj37ggt1eaj2xa42zayh3rcn7xeawzkmb70f7brgnd9x03w0nqgwyscnkk6x48efpkwr6a2w54x016n6mhhgm3kft93kqb8kfw8dagqzjv0h4y8fxz1ttqbchef1fethvyvdjbk2qfqjkaye979g87abe2kgx1zcjdkv0yf7dhpsf8waenqnn4s3mfc9b6pezp642ccmk3swktxe3m21txrad0vh3tszkacfg3jv6pyx6cpnrn7yckz9pg9s4yzth8kv8p462j174a8a61919kamswnaaga6qs5wn89qy1ax9967q79dc433e3n3txp8cxvw9k7ttnc92vm5njmzs4nscjvr452cfyqr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXFaNoG9UZZKDMI2FtOUPgeeZqALi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01NDUzNDg0NTg5ODcxNTQ0yAEJqQJncF0sOD6yPqgDAcgDAqoEyAFP0NTIE7LZzGRjoYKVfvnFPjMZuN-ROtTuINrH8jeBmjJmUWREQxn_ADsy1AeuM0rAxWB9Xj4f6lPswajhklZhLeyz1PahXM27uRk53vVEpaSborhRIHJWIOIMKSL20IfGROnIBbhJ3uC89yAikYx5rHbPPni-7sTKHA9cegDc-4zL7RWMkGMAGWZVbNkg_ydzCUnyzwSWRHxEVlTo8kan6sQAHbhcLdjEwbqcdjKavwbkP-6HeT4_F-zysYniCThCtxipRpuJv4AG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Y4VrzU9haL9PGEt-zgXN70V41UQ%26client%3Dca-pub-5453484589871544%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
8265b1523bb5f174-CDG
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 07:13:37 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 6AC7
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=311476%2C119648%2C704302&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CMVWuzf7Ya37M1UWHEHGtDteJm9t9T4Tb66c3&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C6dMUefEzCA376feHmHYtECgE3BU2T1T2qqh7&c=728&d=90&e=&g=b570f39f80c725437fbe9081dabac89f%2F18382485522888528308&i=108136%2C30425%2C203693&j=16%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1700032417571&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0e12d6net19d25sfwrwq1c14c253hy6bqdxrdzq2bzwgs6d1w70ssse2x7nvw8yntk8c51xy70nrg7ygkw3j2mrbfjfnvbkqc2sc1meh76qf6wg3ny4t7czyccp9keev0kmcfqgcdt6t01rfr32t22gb8kj5pv0bwvffhg1c3yxytns0r11w769etd24ajygfbdkahvs7f9egj99052gqw7jgm4epjnbm4apmsa5nbyqgvsqdhch36np73g0f3ce585tt6rpn1mrwemnt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXFaNoG9UZZKDMI2FtOUPgeeZqALi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01NDUzNDg0NTg5ODcxNTQ0yAEJqQJncF0sOD6yPqgDAcgDAqoEyAFP0NTIE7LZzGRjoYKVfvnFPjMZuN-ROtTuINrH8jeBmjJmUWREQxn_ADsy1AeuM0rAxWB9Xj4f6lPswajhklZhLeyz1PahXM27uRk53vVEpaSborhRIHJWIOIMKSL20IfGROnIBbhJ3uC89yAikYx5rHbPPni-7sTKHA9cegDc-4zL7RWMkGMAGWZVbNkg_ydzCUnyzwSWRHxEVlTo8kan6sQAHbhcLdjEwbqcdjKavwbkP-6HeT4_F-zysYniCThCtxipRpuJv4AG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Y4VrzU9haL9PGEt-zgXN70V41UQ%2526client%253Dca-pub-5453484589871544%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=311476%2C119648%2C704302&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CMVWuzf7Ya37M1UWHEHGtDteJm9t9T4Tb66c3&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C6dMUefEzCA376feHmHYtECgE3BU2T1T2qqh7&c=728&d=90&e=&g=b570f39f80c725437fbe9081dabac89f%2F18382485522888528308&i=108136%2C30425%2C203693&j=16%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1700032417571&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0e12d6net19d25sfwrwq1c14c253hy6bqdxrdzq2bzwgs6d1w70ssse2x7nvw8yntk8c51xy70nrg7ygkw3j2mrbfjfnvbkqc2sc1meh76qf6wg3ny4t7czyccp9keev0kmcfqgcdt6t01rfr32t22gb8kj5pv0bwvffhg1c3yxytns0r11w769etd24ajygfbdkahvs7f9egj99052gqw7jgm4epjnbm4apmsa5nbyqgvsqdhch36np73g0f3ce585tt6rpn1mrwemnt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXFaNoG9UZZKDMI2FtOUPgeeZqALi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01NDUzNDg0NTg5ODcxNTQ0yAEJqQJncF0sOD6yPqgDAcgDAqoEyAFP0NTIE7LZzGRjoYKVfvnFPjMZuN-ROtTuINrH8jeBmjJmUWREQxn_ADsy1AeuM0rAxWB9Xj4f6lPswajhklZhLeyz1PahXM27uRk53vVEpaSborhRIHJWIOIMKSL20IfGROnIBbhJ3uC89yAikYx5rHbPPni-7sTKHA9cegDc-4zL7RWMkGMAGWZVbNkg_ydzCUnyzwSWRHxEVlTo8kan6sQAHbhcLdjEwbqcdjKavwbkP-6HeT4_F-zysYniCThCtxipRpuJv4AG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Y4VrzU9haL9PGEt-zgXN70V41UQ%2526client%253Dca-pub-5453484589871544%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
779541
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fi3fEeJTJ09yhzGUtaoWGiVkl%2FWNtwuGPBGq%2BJL2T%2FkEkv4bkW5M39rwFtEFn%2BCAaBa8SephOSMvdCbzsbasph2NR9qL4eqfSHBfrmU6PgK4tDciO9i4BAlBmQ%2FF6ha1gsz8VFuSkrM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
8265b1528c01f174-CDG
expires
Thu, 16 Nov 2023 07:13:37 GMT
CB657DFF981908F52026808C3EC67742597371F9C5A62BA0019B93E0EA086B7A50C8442145BDB34CB6C406D282BC422958046D73D8FC4606E85833099551F02F
assets.ad4m.at/logo/ Frame 6AC7
5 KB
6 KB
Image
General
Full URL
https://assets.ad4m.at/logo/CB657DFF981908F52026808C3EC67742597371F9C5A62BA0019B93E0EA086B7A50C8442145BDB34CB6C406D282BC422958046D73D8FC4606E85833099551F02F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=311476%2C119648%2C704302&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CMVWuzf7Ya37M1UWHEHGtDteJm9t9T4Tb66c3&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C6dMUefEzCA376feHmHYtECgE3BU2T1T2qqh7&c=728&d=90&e=&g=b570f39f80c725437fbe9081dabac89f%2F18382485522888528308&i=108136%2C30425%2C203693&j=16%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1700032417571&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0e12d6net19d25sfwrwq1c14c253hy6bqdxrdzq2bzwgs6d1w70ssse2x7nvw8yntk8c51xy70nrg7ygkw3j2mrbfjfnvbkqc2sc1meh76qf6wg3ny4t7czyccp9keev0kmcfqgcdt6t01rfr32t22gb8kj5pv0bwvffhg1c3yxytns0r11w769etd24ajygfbdkahvs7f9egj99052gqw7jgm4epjnbm4apmsa5nbyqgvsqdhch36np73g0f3ce585tt6rpn1mrwemnt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXFaNoG9UZZKDMI2FtOUPgeeZqALi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01NDUzNDg0NTg5ODcxNTQ0yAEJqQJncF0sOD6yPqgDAcgDAqoEyAFP0NTIE7LZzGRjoYKVfvnFPjMZuN-ROtTuINrH8jeBmjJmUWREQxn_ADsy1AeuM0rAxWB9Xj4f6lPswajhklZhLeyz1PahXM27uRk53vVEpaSborhRIHJWIOIMKSL20IfGROnIBbhJ3uC89yAikYx5rHbPPni-7sTKHA9cegDc-4zL7RWMkGMAGWZVbNkg_ydzCUnyzwSWRHxEVlTo8kan6sQAHbhcLdjEwbqcdjKavwbkP-6HeT4_F-zysYniCThCtxipRpuJv4AG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Y4VrzU9haL9PGEt-zgXN70V41UQ%2526client%253Dca-pub-5453484589871544%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
181e86d9dfaf9f8e6289692b4fd4cdb553bb1b09c344a4a45cb2d7b018e02216

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
363620
cf-polished
origFmt=png, origSize=6291
alt-svc
h3=":443"; ma=86400
content-length
5352
cf-bgj
imgq:85,h2pri
last-modified
Fri, 10 Nov 2023 06:29:33 GMT
server
cloudflare
etag
"c56b074dcb4c6eef38c4679c500cd0f1"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uz23%2Ft4hcYIePNOlj1mrifdYWu%2FGjPSWgpqqlP14nPZn6GtWnOHnXeYOMvS3AapEWvSVljcYGXCKquiqQ%2FN1t8UZYxPYNOupLjd%2FjBy2O2msveCbuBw7ah1I4mID8Ds0%2BTZs1fqxMSs58jnX"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8265b1529a2400b5-CDG
4152008FA3D646ED4C833EF42E1D50F4EACE2DEE9918F0C3A01B822A121FE7D49B79F3D604D9BB460422C9933408EB8FC024051051B8566807EA89FBAC66EAE6
assets.ad4m.at/product_image/ Frame 6AC7
30 KB
31 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/4152008FA3D646ED4C833EF42E1D50F4EACE2DEE9918F0C3A01B822A121FE7D49B79F3D604D9BB460422C9933408EB8FC024051051B8566807EA89FBAC66EAE6
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=311476%2C119648%2C704302&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CMVWuzf7Ya37M1UWHEHGtDteJm9t9T4Tb66c3&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C6dMUefEzCA376feHmHYtECgE3BU2T1T2qqh7&c=728&d=90&e=&g=b570f39f80c725437fbe9081dabac89f%2F18382485522888528308&i=108136%2C30425%2C203693&j=16%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1700032417571&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0e12d6net19d25sfwrwq1c14c253hy6bqdxrdzq2bzwgs6d1w70ssse2x7nvw8yntk8c51xy70nrg7ygkw3j2mrbfjfnvbkqc2sc1meh76qf6wg3ny4t7czyccp9keev0kmcfqgcdt6t01rfr32t22gb8kj5pv0bwvffhg1c3yxytns0r11w769etd24ajygfbdkahvs7f9egj99052gqw7jgm4epjnbm4apmsa5nbyqgvsqdhch36np73g0f3ce585tt6rpn1mrwemnt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXFaNoG9UZZKDMI2FtOUPgeeZqALi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01NDUzNDg0NTg5ODcxNTQ0yAEJqQJncF0sOD6yPqgDAcgDAqoEyAFP0NTIE7LZzGRjoYKVfvnFPjMZuN-ROtTuINrH8jeBmjJmUWREQxn_ADsy1AeuM0rAxWB9Xj4f6lPswajhklZhLeyz1PahXM27uRk53vVEpaSborhRIHJWIOIMKSL20IfGROnIBbhJ3uC89yAikYx5rHbPPni-7sTKHA9cegDc-4zL7RWMkGMAGWZVbNkg_ydzCUnyzwSWRHxEVlTo8kan6sQAHbhcLdjEwbqcdjKavwbkP-6HeT4_F-zysYniCThCtxipRpuJv4AG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Y4VrzU9haL9PGEt-zgXN70V41UQ%2526client%253Dca-pub-5453484589871544%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe80ecb5d21378a5804e941e8a48e1a41354b312ffa3faab19927016ca88ddb7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
191555
cf-polished
qual=85, origFmt=jpeg, origSize=31723
alt-svc
h3=":443"; ma=86400
content-length
31102
cf-bgj
imgq:85,h2pri
last-modified
Wed, 08 Nov 2023 21:46:51 GMT
server
cloudflare
etag
"26ee79b8f8e8d1f3a06a2daa47b33399"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYBl2PhDj1wr%2Fyc6j%2Fs7NZUjSVC6NPoRONY5XOl273TGY2OBxEO6xgfYs3k3IR8k6nBAIeuofy4STyiN4kl%2FMP4a7LAJWmiq1MiLEQe2vxqztIdlxw63iZDHWFfsXu9Z4g4tKg8vvBfbk0pL"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8265b1529a2600b5-CDG
cshow.php
www.awin1.com/ Frame 6AC7
43 B
702 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=3247894&v=25911&q=423187&r=412871&pv=1&pref3=oneidbWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=311476%2C119648%2C704302&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CMVWuzf7Ya37M1UWHEHGtDteJm9t9T4Tb66c3&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C6dMUefEzCA376feHmHYtECgE3BU2T1T2qqh7&c=728&d=90&e=&g=b570f39f80c725437fbe9081dabac89f%2F18382485522888528308&i=108136%2C30425%2C203693&j=16%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1700032417571&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0e12d6net19d25sfwrwq1c14c253hy6bqdxrdzq2bzwgs6d1w70ssse2x7nvw8yntk8c51xy70nrg7ygkw3j2mrbfjfnvbkqc2sc1meh76qf6wg3ny4t7czyccp9keev0kmcfqgcdt6t01rfr32t22gb8kj5pv0bwvffhg1c3yxytns0r11w769etd24ajygfbdkahvs7f9egj99052gqw7jgm4epjnbm4apmsa5nbyqgvsqdhch36np73g0f3ce585tt6rpn1mrwemnt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXFaNoG9UZZKDMI2FtOUPgeeZqALi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01NDUzNDg0NTg5ODcxNTQ0yAEJqQJncF0sOD6yPqgDAcgDAqoEyAFP0NTIE7LZzGRjoYKVfvnFPjMZuN-ROtTuINrH8jeBmjJmUWREQxn_ADsy1AeuM0rAxWB9Xj4f6lPswajhklZhLeyz1PahXM27uRk53vVEpaSborhRIHJWIOIMKSL20IfGROnIBbhJ3uC89yAikYx5rHbPPni-7sTKHA9cegDc-4zL7RWMkGMAGWZVbNkg_ydzCUnyzwSWRHxEVlTo8kan6sQAHbhcLdjEwbqcdjKavwbkP-6HeT4_F-zysYniCThCtxipRpuJv4AG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Y4VrzU9haL9PGEt-zgXN70V41UQ%2526client%253Dca-pub-5453484589871544%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Nov 2023 07:13:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
E808B2890563799EB9222C23BDFF94DA1184FBABBDCA159E788CF8E43B522584E6774F0A52B115FF6BA9A9C58C8741F85C4A1E509D6D37D05AF41384C7FACDCA
assets.ad4m.at/logo/ Frame 6AC7
9 KB
10 KB
Image
General
Full URL
https://assets.ad4m.at/logo/E808B2890563799EB9222C23BDFF94DA1184FBABBDCA159E788CF8E43B522584E6774F0A52B115FF6BA9A9C58C8741F85C4A1E509D6D37D05AF41384C7FACDCA
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=311476%2C119648%2C704302&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CMVWuzf7Ya37M1UWHEHGtDteJm9t9T4Tb66c3&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C6dMUefEzCA376feHmHYtECgE3BU2T1T2qqh7&c=728&d=90&e=&g=b570f39f80c725437fbe9081dabac89f%2F18382485522888528308&i=108136%2C30425%2C203693&j=16%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1700032417571&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0e12d6net19d25sfwrwq1c14c253hy6bqdxrdzq2bzwgs6d1w70ssse2x7nvw8yntk8c51xy70nrg7ygkw3j2mrbfjfnvbkqc2sc1meh76qf6wg3ny4t7czyccp9keev0kmcfqgcdt6t01rfr32t22gb8kj5pv0bwvffhg1c3yxytns0r11w769etd24ajygfbdkahvs7f9egj99052gqw7jgm4epjnbm4apmsa5nbyqgvsqdhch36np73g0f3ce585tt6rpn1mrwemnt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXFaNoG9UZZKDMI2FtOUPgeeZqALi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01NDUzNDg0NTg5ODcxNTQ0yAEJqQJncF0sOD6yPqgDAcgDAqoEyAFP0NTIE7LZzGRjoYKVfvnFPjMZuN-ROtTuINrH8jeBmjJmUWREQxn_ADsy1AeuM0rAxWB9Xj4f6lPswajhklZhLeyz1PahXM27uRk53vVEpaSborhRIHJWIOIMKSL20IfGROnIBbhJ3uC89yAikYx5rHbPPni-7sTKHA9cegDc-4zL7RWMkGMAGWZVbNkg_ydzCUnyzwSWRHxEVlTo8kan6sQAHbhcLdjEwbqcdjKavwbkP-6HeT4_F-zysYniCThCtxipRpuJv4AG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Y4VrzU9haL9PGEt-zgXN70V41UQ%2526client%253Dca-pub-5453484589871544%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb1de8f2846f3bb4a31db1da27ed56c7471b11187fc9160bc884db14beee9496

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
393612
cf-polished
qual=85, origFmt=jpeg, origSize=11646
alt-svc
h3=":443"; ma=86400
content-length
9432
cf-bgj
imgq:85,h2pri
last-modified
Fri, 10 Nov 2023 13:14:06 GMT
server
cloudflare
etag
"9c83d8f1eefe2c5df97c84ec02faa759"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fr%2FTmdvNVzkyvtMRhIlb06KhaSFzt9zTzUxuRKvXqNF%2F02n4n0FjcpKpS%2Bb5D8cQ62Ql%2FqIS7Zh%2B%2Bu%2FqODjDk4ul8SLPOiUz%2BLJUfw1P94eM5TilFeHkDAUcjSp5cf9a7Ejm8N2Fng5MqTo9"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8265b1529a2900b5-CDG
E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.
assets.ad4m.at/product_image/ Frame 6AC7
14 KB
14 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=311476%2C119648%2C704302&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CMVWuzf7Ya37M1UWHEHGtDteJm9t9T4Tb66c3&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C6dMUefEzCA376feHmHYtECgE3BU2T1T2qqh7&c=728&d=90&e=&g=b570f39f80c725437fbe9081dabac89f%2F18382485522888528308&i=108136%2C30425%2C203693&j=16%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1700032417571&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0e12d6net19d25sfwrwq1c14c253hy6bqdxrdzq2bzwgs6d1w70ssse2x7nvw8yntk8c51xy70nrg7ygkw3j2mrbfjfnvbkqc2sc1meh76qf6wg3ny4t7czyccp9keev0kmcfqgcdt6t01rfr32t22gb8kj5pv0bwvffhg1c3yxytns0r11w769etd24ajygfbdkahvs7f9egj99052gqw7jgm4epjnbm4apmsa5nbyqgvsqdhch36np73g0f3ce585tt6rpn1mrwemnt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXFaNoG9UZZKDMI2FtOUPgeeZqALi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01NDUzNDg0NTg5ODcxNTQ0yAEJqQJncF0sOD6yPqgDAcgDAqoEyAFP0NTIE7LZzGRjoYKVfvnFPjMZuN-ROtTuINrH8jeBmjJmUWREQxn_ADsy1AeuM0rAxWB9Xj4f6lPswajhklZhLeyz1PahXM27uRk53vVEpaSborhRIHJWIOIMKSL20IfGROnIBbhJ3uC89yAikYx5rHbPPni-7sTKHA9cegDc-4zL7RWMkGMAGWZVbNkg_ydzCUnyzwSWRHxEVlTo8kan6sQAHbhcLdjEwbqcdjKavwbkP-6HeT4_F-zysYniCThCtxipRpuJv4AG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Y4VrzU9haL9PGEt-zgXN70V41UQ%2526client%253Dca-pub-5453484589871544%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
417d4bb416242f57b789f1c99d44ef3e30277545bc74b3a419e6103fb2f51f0e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
388439
cf-polished
qual=85, origFmt=jpeg, origSize=18797
content-disposition
inline; filename="E9568BF16A4CF16F4C3D6132693718A938BB4E733CD0FEFA608F1AADCD73C1EF1DAE8494C29C63AAD70B63F0CAE3AF121DC5C5FA887CD79B3430024006F84E87.webp"
alt-svc
h3=":443"; ma=86400
content-length
14104
cf-bgj
imgq:85,h2pri
last-modified
Wed, 08 Nov 2023 16:19:24 GMT
server
cloudflare
etag
"406ed2dce6c7bc6aa53828d2fc40ec9c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHxB2%2FVIJToWXZeQGjK6LZL%2BlnTAdBquID3XrefGW2ZcoMjCqLz7zfWtO53FVobW08iIUX2nYZIQSmZfNBU2z%2FN8ogZB33j9L8P7kAeyRpVQ%2BelvM%2BxmnDmX0%2B6hmcX4TM8qipf8vZHM0lxt"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8265b1529a2700b5-CDG
/
jpp.aircaraibes.com/ Frame 6AC7
43 B
2 KB
Image
General
Full URL
https://jpp.aircaraibes.com/?t=P51125B56C8632157&argsite=oneidpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCEoneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=311476%2C119648%2C704302&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CMVWuzf7Ya37M1UWHEHGtDteJm9t9T4Tb66c3&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C6dMUefEzCA376feHmHYtECgE3BU2T1T2qqh7&c=728&d=90&e=&g=b570f39f80c725437fbe9081dabac89f%2F18382485522888528308&i=108136%2C30425%2C203693&j=16%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1700032417571&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0e12d6net19d25sfwrwq1c14c253hy6bqdxrdzq2bzwgs6d1w70ssse2x7nvw8yntk8c51xy70nrg7ygkw3j2mrbfjfnvbkqc2sc1meh76qf6wg3ny4t7czyccp9keev0kmcfqgcdt6t01rfr32t22gb8kj5pv0bwvffhg1c3yxytns0r11w769etd24ajygfbdkahvs7f9egj99052gqw7jgm4epjnbm4apmsa5nbyqgvsqdhch36np73g0f3ce585tt6rpn1mrwemnt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXFaNoG9UZZKDMI2FtOUPgeeZqALi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01NDUzNDg0NTg5ODcxNTQ0yAEJqQJncF0sOD6yPqgDAcgDAqoEyAFP0NTIE7LZzGRjoYKVfvnFPjMZuN-ROtTuINrH8jeBmjJmUWREQxn_ADsy1AeuM0rAxWB9Xj4f6lPswajhklZhLeyz1PahXM27uRk53vVEpaSborhRIHJWIOIMKSL20IfGROnIBbhJ3uC89yAikYx5rHbPPni-7sTKHA9cegDc-4zL7RWMkGMAGWZVbNkg_ydzCUnyzwSWRHxEVlTo8kan6sQAHbhcLdjEwbqcdjKavwbkP-6HeT4_F-zysYniCThCtxipRpuJv4AG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Y4VrzU9haL9PGEt-zgXN70V41UQ%2526client%253Dca-pub-5453484589871544%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.131.136.1 , France, ASN47841 (OXALIDE, FR),
Reverse DNS
front.netaffiliation.net
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Wed, 15 Nov 2023 07:13:37 GMT
Strict-Transport-Security
max-age=63072000
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D
0.026282072067261
Connection
keep-alive
X-TRK-PROC
70235
Pragma
no-cache
Referrer-Policy
origin-when-cross-origin
X-TRK-SRV
8
Server
nginx
Last-Modified
Wed, 15 Nov 2023 07:13:37 GMT
X-TRK-DECISION
7
Vary
Accept-Encoding, Origin
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials
true
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Expires
Mon, 26 Jul 1997 05:00:00 GMT
30C910A941FA85AD03295DFB68A6BFBCF741FEB80154E0E0CD31239C91CE2C2991FCD126661C71EDFF2266EF14516FB5EDC963C54DF44E47951CCA4FEE1A26B6
assets.ad4m.at/logo/ Frame 6AC7
19 KB
19 KB
Image
General
Full URL
https://assets.ad4m.at/logo/30C910A941FA85AD03295DFB68A6BFBCF741FEB80154E0E0CD31239C91CE2C2991FCD126661C71EDFF2266EF14516FB5EDC963C54DF44E47951CCA4FEE1A26B6
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=311476%2C119648%2C704302&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CMVWuzf7Ya37M1UWHEHGtDteJm9t9T4Tb66c3&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C6dMUefEzCA376feHmHYtECgE3BU2T1T2qqh7&c=728&d=90&e=&g=b570f39f80c725437fbe9081dabac89f%2F18382485522888528308&i=108136%2C30425%2C203693&j=16%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1700032417571&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0e12d6net19d25sfwrwq1c14c253hy6bqdxrdzq2bzwgs6d1w70ssse2x7nvw8yntk8c51xy70nrg7ygkw3j2mrbfjfnvbkqc2sc1meh76qf6wg3ny4t7czyccp9keev0kmcfqgcdt6t01rfr32t22gb8kj5pv0bwvffhg1c3yxytns0r11w769etd24ajygfbdkahvs7f9egj99052gqw7jgm4epjnbm4apmsa5nbyqgvsqdhch36np73g0f3ce585tt6rpn1mrwemnt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXFaNoG9UZZKDMI2FtOUPgeeZqALi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01NDUzNDg0NTg5ODcxNTQ0yAEJqQJncF0sOD6yPqgDAcgDAqoEyAFP0NTIE7LZzGRjoYKVfvnFPjMZuN-ROtTuINrH8jeBmjJmUWREQxn_ADsy1AeuM0rAxWB9Xj4f6lPswajhklZhLeyz1PahXM27uRk53vVEpaSborhRIHJWIOIMKSL20IfGROnIBbhJ3uC89yAikYx5rHbPPni-7sTKHA9cegDc-4zL7RWMkGMAGWZVbNkg_ydzCUnyzwSWRHxEVlTo8kan6sQAHbhcLdjEwbqcdjKavwbkP-6HeT4_F-zysYniCThCtxipRpuJv4AG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Y4VrzU9haL9PGEt-zgXN70V41UQ%2526client%253Dca-pub-5453484589871544%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f7121b3d10b0c8bf3322e2752d030a14ed36e50cfdf8c2f466a92b6857bf87

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
355610
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
19215
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 10:33:26 GMT
server
cloudflare
etag
"124ce5c58970a2f2d88d2a9fbc5086d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C4e1DkO2Flqn1d3M9PrghQVZE1aid7fbhq31NqQePa432PYq7%2FSelP9WUCot%2BomrlCTTzw1ElvT4n6DMeAfbO%2BEeVNF4iLdhlhDedcdO%2FDa5q2u5IiN3vR%2FeI%2F0lD52Pq2bgrTG1VKYzA7Dv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8265b1529a2800b5-CDG
A7F6136CE9D6187B580BCA3A1FD42FD50B79A1DABCBEB98798D9F6B4BD15AD68F62B440956E5ADFC6CA82A4963A6D33BE1560F2F94DC693BDA89C8C8BA78038A
assets.ad4m.at/ Frame 6AC7
45 KB
45 KB
Image
General
Full URL
https://assets.ad4m.at/A7F6136CE9D6187B580BCA3A1FD42FD50B79A1DABCBEB98798D9F6B4BD15AD68F62B440956E5ADFC6CA82A4963A6D33BE1560F2F94DC693BDA89C8C8BA78038A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=311476%2C119648%2C704302&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CMVWuzf7Ya37M1UWHEHGtDteJm9t9T4Tb66c3&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C6dMUefEzCA376feHmHYtECgE3BU2T1T2qqh7&c=728&d=90&e=&g=b570f39f80c725437fbe9081dabac89f%2F18382485522888528308&i=108136%2C30425%2C203693&j=16%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1700032417571&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0e12d6net19d25sfwrwq1c14c253hy6bqdxrdzq2bzwgs6d1w70ssse2x7nvw8yntk8c51xy70nrg7ygkw3j2mrbfjfnvbkqc2sc1meh76qf6wg3ny4t7czyccp9keev0kmcfqgcdt6t01rfr32t22gb8kj5pv0bwvffhg1c3yxytns0r11w769etd24ajygfbdkahvs7f9egj99052gqw7jgm4epjnbm4apmsa5nbyqgvsqdhch36np73g0f3ce585tt6rpn1mrwemnt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXFaNoG9UZZKDMI2FtOUPgeeZqALi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01NDUzNDg0NTg5ODcxNTQ0yAEJqQJncF0sOD6yPqgDAcgDAqoEyAFP0NTIE7LZzGRjoYKVfvnFPjMZuN-ROtTuINrH8jeBmjJmUWREQxn_ADsy1AeuM0rAxWB9Xj4f6lPswajhklZhLeyz1PahXM27uRk53vVEpaSborhRIHJWIOIMKSL20IfGROnIBbhJ3uC89yAikYx5rHbPPni-7sTKHA9cegDc-4zL7RWMkGMAGWZVbNkg_ydzCUnyzwSWRHxEVlTo8kan6sQAHbhcLdjEwbqcdjKavwbkP-6HeT4_F-zysYniCThCtxipRpuJv4AG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Y4VrzU9haL9PGEt-zgXN70V41UQ%2526client%253Dca-pub-5453484589871544%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a3a9c1bacbd982d174bf17ab81524d04ee2a0bb8ba254dbc47bbe52e8855ee

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
349292
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
45630
cf-bgj
imgq:85,h2pri
last-modified
Wed, 08 Nov 2023 16:28:35 GMT
server
cloudflare
etag
"10177595d8f93b897a90cfb5d20399b4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ab101RLa7hJ2FWus%2F4RXOmD%2Bk2jW4g%2BEA38GPahRAgF2GfpoeJqXEPCcmi1klcXX5j6wOdy7eKN0e8p6tjqw5%2BeKzj66MxKjaVNKaYIRNP%2Fd7w8BLDExqEqIzfrD23XvHjKjCC2W7E4xScCx"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
8265b1529a2a00b5-CDG
cshow.php
www.awin1.com/ Frame 6AC7
43 B
704 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=3426239&v=53373&q=468853&r=412871&pv=1&pref3=oneidMVWuzf7Ya37M1UWHEHGtDteJm9t9T4Tb66c3oneid__suite_Netmix_Reach61_Tech&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=311476%2C119648%2C704302&b=bWgtQfAecqJw7tYHbHztKtD7V8axTJT5WWaJ%2CpAZT1fMxFmZbrukH4Hmtztd1KagTRTEXXCE%2CMVWuzf7Ya37M1UWHEHGtDteJm9t9T4Tb66c3&f=39zHpfA7cVRpAf7HrHAtXCrRK7S8TWTA11Cd%2CJ6ETzfPgU6WDgSBH6H7tqCzdVSXTgTbWWcX%2C6dMUefEzCA376feHmHYtECgE3BU2T1T2qqh7&c=728&d=90&e=&g=b570f39f80c725437fbe9081dabac89f%2F18382485522888528308&i=108136%2C30425%2C203693&j=16%2C15%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach61_Tech&r=1700032417571&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h0e12d6net19d25sfwrwq1c14c253hy6bqdxrdzq2bzwgs6d1w70ssse2x7nvw8yntk8c51xy70nrg7ygkw3j2mrbfjfnvbkqc2sc1meh76qf6wg3ny4t7czyccp9keev0kmcfqgcdt6t01rfr32t22gb8kj5pv0bwvffhg1c3yxytns0r11w769etd24ajygfbdkahvs7f9egj99052gqw7jgm4epjnbm4apmsa5nbyqgvsqdhch36np73g0f3ce585tt6rpn1mrwemnt0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCXFaNoG9UZZKDMI2FtOUPgeeZqALi0rL2YcexjoqOCMCNtwEQASAAYPvhhYOcCoIBF2NhLXB1Yi01NDUzNDg0NTg5ODcxNTQ0yAEJqQJncF0sOD6yPqgDAcgDAqoEyAFP0NTIE7LZzGRjoYKVfvnFPjMZuN-ROtTuINrH8jeBmjJmUWREQxn_ADsy1AeuM0rAxWB9Xj4f6lPswajhklZhLeyz1PahXM27uRk53vVEpaSborhRIHJWIOIMKSL20IfGROnIBbhJ3uC89yAikYx5rHbPPni-7sTKHA9cegDc-4zL7RWMkGMAGWZVbNkg_ydzCUnyzwSWRHxEVlTo8kan6sQAHbhcLdjEwbqcdjKavwbkP-6HeT4_F-zysYniCThCtxipRpuJv4AG-MyI0celsc8joAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2Y4VrzU9haL9PGEt-zgXN70V41UQ%2526client%253Dca-pub-5453484589871544%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.102.45.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-45-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Nov 2023 07:13:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5453484589871544&plah=www.lan-play.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 15 Nov 2023 07:13:37 GMT
de.e0735c98.svg
www.lan-play.com/img/
405 B
754 B
Image
General
Full URL
http://www.lan-play.com/img/de.e0735c98.svg
Protocol
HTTP/1.1
Server
188.165.53.185 Sotteville-lès-Rouen, France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
ff9d9044f3612f13fe7c7bba12d57b1bafb1b13b21feced1bb768de7f8c8a408

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:37 GMT
last-modified
Sat, 11 Nov 2023 02:55:16 GMT
server
Apache
x-iplb-request-id
B22190B1:9A2C_BCA535B9:0050_65546FA1_12DE:3654
x-iplb-instance
38227
content-type
image/svg+xml
cache-control
max-age=900
accept-ranges
bytes
content-length
405
expires
Wed, 15 Nov 2023 07:28:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0535
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lan-play.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
38043
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 20:39:34 GMT
expires
Wed, 13 Nov 2024 20:39:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A5B4
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5ac1bc7db2dfab5ab2c5be64176d6babe530a42c6f51064af0282fcbe1e2ac19
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WCGP99alQqjvf14_U00C6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.lan-play.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-WCGP99alQqjvf14_U00C6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 07:13:37 GMT
expires
Wed, 15 Nov 2023 07:13:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 0535
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 18:52:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
44482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Nov 2024 18:52:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A5B4
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=2058054561915420&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

/
switchlanplay-tw.ddns.net/
20 B
182 B
Fetch
General
Full URL
http://switchlanplay-tw.ddns.net:11451/
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/js/app.e2f30c4f.js
Protocol
HTTP/1.1
Server
122.116.141.58 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
122-116-141-58.hinet-ip.hinet.net
Software
/
Resource Hash
253591558844bc773424e49bd784a010f7ba4618ddf2ddf6834f8825a56a7c1e

Request headers

Referer
http://www.lan-play.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lan-play.com
date
Wed, 15 Nov 2023 07:13:38 GMT
content-length
20
content-type
application/json
/
switchlanplay-tw.ddns.net/ Frame
0
0
Preflight
General
Full URL
http://switchlanplay-tw.ddns.net:11451/
Protocol
HTTP/1.1
Server
122.116.141.58 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
122-116-141-58.hinet-ip.hinet.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lan-play.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
x-apollo-tracing, content-type
access-control-allow-methods
POST
access-control-allow-origin
http://www.lan-play.com
content-length
0
date
Wed, 15 Nov 2023 07:13:38 GMT
generate_204
tpc.googlesyndication.com/ Frame 0535
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?9J8-CQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
switch-lanyplay-de.ddns.net/
20 B
182 B
Fetch
General
Full URL
http://switch-lanyplay-de.ddns.net:11451/
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/js/app.e2f30c4f.js
Protocol
HTTP/1.1
Server
62.143.93.53 Leverkusen, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
ip-062-143-093-053.um16.pools.vodafone-ip.de
Software
/
Resource Hash
253591558844bc773424e49bd784a010f7ba4618ddf2ddf6834f8825a56a7c1e

Request headers

Referer
http://www.lan-play.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lan-play.com
date
Wed, 15 Nov 2023 07:13:37 GMT
content-length
20
content-type
application/json
/
switch-lanyplay-de.ddns.net/ Frame
0
0
Preflight
General
Full URL
http://switch-lanyplay-de.ddns.net:11451/
Protocol
HTTP/1.1
Server
62.143.93.53 Leverkusen, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE),
Reverse DNS
ip-062-143-093-053.um16.pools.vodafone-ip.de
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lan-play.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
content-type, x-apollo-tracing
access-control-allow-methods
POST
access-control-allow-origin
http://www.lan-play.com
content-length
0
date
Wed, 15 Nov 2023 07:13:37 GMT
de.e0735c98.svg
www.lan-play.com/img/
405 B
754 B
Image
General
Full URL
http://www.lan-play.com/img/de.e0735c98.svg
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/js/chunk-vendors.c40f0db7.js
Protocol
HTTP/1.1
Server
188.165.53.185 Sotteville-lès-Rouen, France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
ff9d9044f3612f13fe7c7bba12d57b1bafb1b13b21feced1bb768de7f8c8a408

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:38 GMT
last-modified
Sat, 11 Nov 2023 02:55:16 GMT
server
Apache
x-iplb-request-id
B22190B1:9A2C_BCA535B9:0050_65546FA2_12F1:3654
x-iplb-instance
38227
content-type
image/svg+xml
cache-control
max-age=900
accept-ranges
bytes
content-length
405
expires
Wed, 15 Nov 2023 07:28:38 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 87F6
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvE53as0HvXRQLfPKIAfyL5zlKtkpnWWDqMQy_3p_iVmFmgjoBqR-FX5YTzkqB6oKNwv36fjQKlbWxfQHgGsCZcAckro9HIuWhMG8pROfnGEEv2V5GYQqRZrq5aMyd4MjaMCNymgFJ13H16&sai=AMfl-YSeItterzCbXV0vzNLOC54N9NwH7QCr3lMiCkeHH9_FyqoPTwo-XLXhuAesftmPWWtutA-NdyXHryuwg6xQwzgp9cliAzKcwNj-qhYHP9tHywQ0oPdRyfEZmeLOUw8CLN6ZhxZiYK_I2ODdl1ZfmA&sig=Cg0ArKJSzHiecBMxzBu3EAE&cid=CAQSTwDICaaNmDnff688ulkbyKGYmERzP4KFbXSFehldPJqtASMDdaW5qKIGlNSazx0FfOAzMbJ6gZvSavDduPqHzHz7Rs-wdmkW-4ZtMj9AFBwYAQ&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231113&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3401249843&rs=2&la=1&cr=0&vs=4&r=v&rst=1700032416087&rpt=1381&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Nov 2023 07:13:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=2058054561915420&bg=!W1ilWBfNAAZxrfrxUa07ADQBe5WfOFdaZX-_pD_XMs4o1P44BPOMelaeA4bwTPoYSqYDaLDy4NDWW8od_qqD75yL2my3AgAAAHdSAAAABGgBBwoAoRRydt0NQ0AU_Wcc2bnwJzPEVq8yNlTpqL1nSsq6HkpGglG7l4FPUTIXwWGia7kuGaZS3Uz45PgxOyHGdxMHQp702GvBMPlDNePlXwW1JeTblbAgxNl58AFStkmKiltmllJ685lQQfwJW-SbO0FwhI-0DISd9gw5cEN8XF8r46Qv4R28bYZ0bfhhSOFdSzgJbIxVm3iQ1aBXRFCxneDI6PXkmQKzFycDz8mKgPAA5R7PKkZayoySLtP3Wk5hfP4qWMuGjLHq0FyfudYsMq0xdEfVvMbhnqRwkSGCawXSitVyt0VdPqRWFp4ggGa7ZDlsmxI76mKI4b5GUP__7uXO3j4lHk40RE_qDn11Jj4DtU9NPGHf_NEKPnaXc2z3B-iJVA9C4DQeQU8vy7wh35PVpChOg6TKXb2CO8IqfALPGWkLSxMNmCF36VTYDMn-mO0sSWibFf8JXnpDx5RjRIlipL8qtQPV4KbBWWqFx-9AZGVz0Xil9tu13ox9QMkH1sJjqYJlegPc7GYfCvTEnuJNawx7ruoMn5xJSpNxwzOcn0qWJ3LvibfLHNeRSSKG-YHtBCqVZYP2gZNsXka_6GZ-0IIW2tkNsbY6OpE7UHDsvsS7dvRykIU-e5p_OtIaVbPDtUwMYdsI4EPdyP9zp__WJHU7HYrds24oQlob0oM2ff9359sG-C0iV7THC_wSIE1pcMzbanz7F7rlIEEmNW90oH7flaK_jjb8JMcvLz8HVEKxtIkrS7ddPh6KvJSlE2bOkWbfRIngS3sRNFmaNm8Bo9bU0C341JMPipGFQJykzjnxFz-CmRSA74nx9AHjBauwWucVKyBwzVBtOkHA89YlXnx59CSknsTDwvXDzv11zu5JMmao31vF83VcAs2aQ0A18mEZ9ke6viIKQ13woU3hEhTGOz_aymtVYMRz5uCPLdOjJVyPkGPhvFcc9daTo2-85UA6yqCEOz27b2qE9DGPwwynaUqxwgqPy3kV_UNqDSjH2mSvEt7Hi-s1PwtGsJ3xYXq0jrxRhvY7y5zFfJv96BwQmyDnI_4qMqjyro4d4sQr6y5h6CMiDbPygXhqwbXP-49YrlvO1zcrQ3Ixq4US7G7HUPYPJkbuDD3H-09vH4S1JVF1HzvYnQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

/
switch.nvds.be/
20 B
182 B
Fetch
General
Full URL
http://switch.nvds.be:11451/
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/js/app.e2f30c4f.js
Protocol
HTTP/1.1
Server
148.251.7.154 Wernigerode, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
srv1.nvds.be
Software
/
Resource Hash
253591558844bc773424e49bd784a010f7ba4618ddf2ddf6834f8825a56a7c1e

Request headers

Referer
http://www.lan-play.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lan-play.com
date
Wed, 15 Nov 2023 07:13:38 GMT
content-length
20
content-type
application/json
/
switch.nvds.be/ Frame
0
0
Preflight
General
Full URL
http://switch.nvds.be:11451/
Protocol
HTTP/1.1
Server
148.251.7.154 Wernigerode, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
srv1.nvds.be
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lan-play.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
content-type, x-apollo-tracing
access-control-allow-methods
POST
access-control-allow-origin
http://www.lan-play.com
content-length
0
date
Wed, 15 Nov 2023 07:13:37 GMT
de.e0735c98.svg
www.lan-play.com/img/
405 B
754 B
Image
General
Full URL
http://www.lan-play.com/img/de.e0735c98.svg
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/js/chunk-vendors.c40f0db7.js
Protocol
HTTP/1.1
Server
188.165.53.185 Sotteville-lès-Rouen, France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
ff9d9044f3612f13fe7c7bba12d57b1bafb1b13b21feced1bb768de7f8c8a408

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:38 GMT
last-modified
Sat, 11 Nov 2023 02:55:16 GMT
server
Apache
x-iplb-request-id
B22190B1:9A2C_BCA535B9:0050_65546FA2_1309:3654
x-iplb-instance
38227
content-type
image/svg+xml
cache-control
max-age=900
accept-ranges
bytes
content-length
405
expires
Wed, 15 Nov 2023 07:28:38 GMT
jp.430c1769.svg
www.lan-play.com/img/
637 B
986 B
Image
General
Full URL
http://www.lan-play.com/img/jp.430c1769.svg
Protocol
HTTP/1.1
Server
188.165.53.185 Sotteville-lès-Rouen, France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
6bd5989035c69bd8ae5c4d295e48e13112df03db62d6ec31a9426ce51abfd209

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:38 GMT
last-modified
Sat, 11 Nov 2023 02:55:38 GMT
server
Apache
x-iplb-request-id
B22190B1:9A2C_BCA535B9:0050_65546FA2_130B:3654
x-iplb-instance
38227
content-type
image/svg+xml
cache-control
max-age=900
accept-ranges
bytes
content-length
637
expires
Wed, 15 Nov 2023 07:28:38 GMT
/
erdbeerbaerlp.de/
20 B
182 B
Fetch
General
Full URL
http://erdbeerbaerlp.de:11451/
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/js/app.e2f30c4f.js
Protocol
HTTP/1.1
Server
138.201.206.230 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
erdbeerbaerlp.de
Software
/
Resource Hash
253591558844bc773424e49bd784a010f7ba4618ddf2ddf6834f8825a56a7c1e

Request headers

Referer
http://www.lan-play.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lan-play.com
date
Wed, 15 Nov 2023 07:13:38 GMT
content-length
20
content-type
application/json
/
erdbeerbaerlp.de/ Frame
0
0
Preflight
General
Full URL
http://erdbeerbaerlp.de:11451/
Protocol
HTTP/1.1
Server
138.201.206.230 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
erdbeerbaerlp.de
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lan-play.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
x-apollo-tracing, content-type
access-control-allow-methods
POST
access-control-allow-origin
http://www.lan-play.com
content-length
0
date
Wed, 15 Nov 2023 07:13:39 GMT
/
switch.jayseateam.nl/
20 B
182 B
Fetch
General
Full URL
http://switch.jayseateam.nl:11451/
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/js/app.e2f30c4f.js
Protocol
HTTP/1.1
Server
84.245.9.213 Deventer, Netherlands, ASN25596 (CAMBRIUM-AS, NL),
Reverse DNS
84-245-9-213.dsl.cambrium.nl
Software
/
Resource Hash
253591558844bc773424e49bd784a010f7ba4618ddf2ddf6834f8825a56a7c1e

Request headers

Referer
http://www.lan-play.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lan-play.com
date
Wed, 15 Nov 2023 07:13:39 GMT
content-length
20
content-type
application/json
/
switch.jayseateam.nl/ Frame
0
0
Preflight
General
Full URL
http://switch.jayseateam.nl:11451/
Protocol
HTTP/1.1
Server
84.245.9.213 Deventer, Netherlands, ASN25596 (CAMBRIUM-AS, NL),
Reverse DNS
84-245-9-213.dsl.cambrium.nl
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lan-play.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
content-type, x-apollo-tracing
access-control-allow-methods
POST
access-control-allow-origin
http://www.lan-play.com
content-length
0
date
Wed, 15 Nov 2023 07:13:38 GMT
de.e0735c98.svg
www.lan-play.com/img/
405 B
754 B
Image
General
Full URL
http://www.lan-play.com/img/de.e0735c98.svg
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/js/chunk-vendors.c40f0db7.js
Protocol
HTTP/1.1
Server
188.165.53.185 Sotteville-lès-Rouen, France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
ff9d9044f3612f13fe7c7bba12d57b1bafb1b13b21feced1bb768de7f8c8a408

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:39 GMT
last-modified
Sat, 11 Nov 2023 02:55:16 GMT
server
Apache
x-iplb-request-id
B22190B1:9A2C_BCA535B9:0050_65546FA3_132A:3654
x-iplb-instance
38227
content-type
image/svg+xml
cache-control
max-age=900
accept-ranges
bytes
content-length
405
expires
Wed, 15 Nov 2023 07:28:39 GMT
nl.0f0d5c45.svg
www.lan-play.com/img/
647 B
996 B
Image
General
Full URL
http://www.lan-play.com/img/nl.0f0d5c45.svg
Protocol
HTTP/1.1
Server
188.165.53.185 Sotteville-lès-Rouen, France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
c498d9b5a06731e3d2c215b1bc67666cff5da70388117ac017a799aa36fb3d7c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:39 GMT
last-modified
Sat, 11 Nov 2023 02:55:52 GMT
server
Apache
x-iplb-request-id
B22190B1:9A2C_BCA535B9:0050_65546FA3_132D:3654
x-iplb-instance
38227
content-type
image/svg+xml
cache-control
max-age=900
accept-ranges
bytes
content-length
647
expires
Wed, 15 Nov 2023 07:28:39 GMT
/
switch.servegame.com/
20 B
182 B
Fetch
General
Full URL
http://switch.servegame.com:11451/
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/js/app.e2f30c4f.js
Protocol
HTTP/1.1
Server
89.163.151.130 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
253591558844bc773424e49bd784a010f7ba4618ddf2ddf6834f8825a56a7c1e

Request headers

Referer
http://www.lan-play.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lan-play.com
date
Wed, 15 Nov 2023 07:13:40 GMT
content-length
20
content-type
application/json
/
switch.servegame.com/ Frame
0
0
Preflight
General
Full URL
http://switch.servegame.com:11451/
Protocol
HTTP/1.1
Server
89.163.151.130 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lan-play.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
content-type, x-apollo-tracing
access-control-allow-methods
POST
access-control-allow-origin
http://www.lan-play.com
content-length
0
date
Wed, 15 Nov 2023 07:13:40 GMT
de.e0735c98.svg
www.lan-play.com/img/
405 B
754 B
Image
General
Full URL
http://www.lan-play.com/img/de.e0735c98.svg
Requested by
Host: www.lan-play.com
URL: http://www.lan-play.com/js/chunk-vendors.c40f0db7.js
Protocol
HTTP/1.1
Server
188.165.53.185 Sotteville-lès-Rouen, France, ASN16276 (OVH, FR),
Reverse DNS
cluster021.hosting.ovh.net
Software
Apache /
Resource Hash
ff9d9044f3612f13fe7c7bba12d57b1bafb1b13b21feced1bb768de7f8c8a408

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
http://www.lan-play.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 07:13:40 GMT
last-modified
Sat, 11 Nov 2023 02:55:16 GMT
server
Apache
x-iplb-request-id
B22190B1:9A2C_BCA535B9:0050_65546FA4_1384:3654
x-iplb-instance
38227
content-type
image/svg+xml
cache-control
max-age=900
accept-ranges
bytes
content-length
405
expires
Wed, 15 Nov 2023 07:28:40 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| webpackJsonp boolean| __VUE__ object| __VUE_DEVTOOLS_PLUGINS__ object| dataLayer function| gtag object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms object| google_image_requests

18 Cookies

Domain/Path Name / Value
.lan-play.com/ Name: __gads
Value: ID=b99300b9c0e3427f:T=1700032416:RT=1700032416:S=ALNI_MaRepOyhGjbvMllyMAmeDVOnOmGCw
.lan-play.com/ Name: __gpi
Value: UID=00000cc7fba0bcfc:T=1700032416:RT=1700032416:S=ALNI_MYLd1uzGSYGXUKIfaLEIAomRQBeUg
.doubleclick.net/ Name: IDE
Value: AHWqTUkuO6H20zZhCeob0Dk2uVwm_-bKm_bqrERfXaVdaBhi8fTQ-mkm08NbgPDCsuU
.quantserve.com/ Name: d
Value: EAUBCQG3KoEA
.quantserve.com/ Name: mc
Value: 65546fa1-53ebc-f7017-6a3ee
.yahoo.com/ Name: A3
Value: d=AQABBKFvVGUCEMhBtxlimLlj6VJ35n4ElkkFEgEBAQHBVWVeZQAAAAAA_eMAAA&S=AQAAAiQf4zFq7vX-h3YT97aPwdo
.adform.net/ Name: C
Value: 1
.turn.com/ Name: uid
Value: 4313382898467338387
.adform.net/ Name: uid
Value: 8523831108206636252
.tribalfusion.com/ Name: ANON_ID
Value: aintuJt3er66AxvPBQpBmgZachslO3wXvwV9jiduTM33ajZaTvHXmcxE8FqgnYcKmDKxqMGIqaYKXTZbZb6GfSVTBSCZc
.awin1.com/ Name: awpv53373
Value: 412871|1700032417|7f2f80e0-8386-11ee-92fe-22394270969d
.googleadservices.com/ Name: ar_debug
Value: 1
.aircaraibes.com/ Name: neta_ssc
Value: afb5f4dl7qnx3hbs3sahoeh7oavk
.aircaraibes.com/ Name: netases_ssc
Value: afb5f4dl7qnx3hbs3sahoeh7oavk
.aircaraibes.com/ Name: kwknc_ssc
Value: dp51125b56c8632197-b25laWRwQVpUMWZNeEZtWmJydWtINEhtdHp0ZDFLYWdUUlRFWFhDRW9uZWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g2MV9UZWNo
.aircaraibes.com/ Name: kwkncses_ssc
Value: dp51125b56c8632197-b25laWRwQVpUMWZNeEZtWmJydWtINEhtdHp0ZDFLYWdUUlRFWFhDRW9uZWlkX19zdWl0ZV9OZXRtaXhfUmVhY2g2MV9UZWNo
.awin1.com/ Name: awpv25911
Value: 412871|1700032417|7f32dc40-8386-11ee-84cc-223908f3a6a6
.awin1.com/ Name: AWSESS
Value: 423187:3247894

37 Console Messages

Source Level URL
Text
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://calvin991.ddns.net:11451/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://dojo.humblefist.com:11452/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://mariokart8.jbgaming.ca:11451/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://lan.imperialcommand.xyz:11451/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://lan-play.tk:11451/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://frog-skins.com:11451/' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://lan.teknik.app:11451/' failed: Error in connection establishment: net::ERR_SSL_PROTOCOL_ERROR
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://badswitchlanplay.ml:11451/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://lanplay.ddns.net:11451/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://switch-lan.online:11451/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://switch.pidserkoler.de:11451/' failed: Error in connection establishment: net::ERR_ADDRESS_UNREACHABLE
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://herbertfx.ddns.net:11451/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://lanplay.degepii.ml:11451/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://badps4lanplay.ml:22451/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://switchbros.ddns.net:11451/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://edgymin.ga:11451/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://ldn.346lab.org:11451/' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://tgceo.cn:11460/' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://lanplaybrasil.myddns.me:11451/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://lanplayserver.if6-dev.tk:11451/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://tgceo.cn:11451/' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://lan.nonny.horse:11451/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://jadelabe.com:11451/' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://lanplay.teamneptune.net:11451/' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://cajuina.ddns.net:11451/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://switchlanplay.sephirot.pl:11451/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://mario-kart-8.tk:11453/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://tgceo.cn:11452/' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://tgceo.cn:11458/' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://nortebr.ortega.network:11451/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://lanplay.daroku.tk:11451/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://m0348.servegame.com:11451/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://asypost.kmdns.net:11452/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://animal--crossing.tk:11452/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED
network error URL: http://www.lan-play.com/js/app.e2f30c4f.js
Message:
WebSocket connection to 'ws://lanplay.verdandi.icu:11451/' failed: Error in connection establishment: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ad4m.at
api.uptimerobot.com
as.ad4m.at
assets.ad4m.at
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
erdbeerbaerlp.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
joinsg.net
jpp.aircaraibes.com
layer8.fail
onetag-sys.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
s.tribalfusion.com
static-de.ad4mat.net
switch-lanyplay-de.ddns.net
switch.exabytes.space
switch.jayseateam.nl
switch.nvds.be
switch.servegame.com
switchfr.servegame.com
switchlanplay-tw.ddns.net
tekn0.net
tpc.googlesyndication.com
www.awin1.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.lan-play.com
104.102.45.165
122.116.141.58
128.78.241.142
136.49.253.125
138.201.206.230
142.132.212.158
142.250.185.98
142.250.186.130
148.251.7.154
188.165.53.185
192.241.238.136
199.60.101.194
2001:678:cb4:bbbb::11
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::ac43:47d6
2606:4700::6812:19ad
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:801::200e
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a02:fa8:8806:12::1400
2a05:d018:d29:3605:edde:ec13:7780:210a
37.157.2.229
51.89.9.252
62.143.93.53
84.245.9.213
89.163.151.130
95.131.136.1
003a670e5441cf0c6b6f93d6ae401235b1c8af0d625dcd79aec5e0e2a0c917a6
007846aec7789f0fe26bdb56e55be0a6e582c5655b0e420fa7223eaea0f54568
01bc94eace248cc63c0a8d0310a58823e49c52e536348b593929f503740874a1
01db9cb11156779f1ec33eafb8d5acdb9afa4e5653ab8bb2d06c810d00a40d54
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0cc47c554971e1f8a3d9acadeab1ce4850fa99423aebf64761fd7658fda25c8c
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
15fa50c3f55d3c895aa1cdb051492972f3a116d01fe4e964c7cc20751d3cba8c
181e86d9dfaf9f8e6289692b4fd4cdb553bb1b09c344a4a45cb2d7b018e02216
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1d57b501da6d2322b7fec783aaef56068c01ce47e155ccbe6e5c1745c8e017ad
1dc39783161c952c8f5c0c9b184ace95c2d83352157c6f7f36e054b7e1b06b3a
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
2389b1f7789664c99bacb4c8d7c4186f042386cc31095fd970abbc91b25625db
24f7121b3d10b0c8bf3322e2752d030a14ed36e50cfdf8c2f466a92b6857bf87
253591558844bc773424e49bd784a010f7ba4618ddf2ddf6834f8825a56a7c1e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35d057e3ae0fe76a7711d1f42435c0063e36a4f74741f1a3a65f762ef71f718d
3bdfa4f68afaa3ee0a40f40906dad3531d5095df1ce2f671d0a57ce95a4fb00c
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
417d4bb416242f57b789f1c99d44ef3e30277545bc74b3a419e6103fb2f51f0e
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
4d169d939a5cd2597a5de360b118ccca2a8ffade9238e870a2049b3b29b69e28
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58e249a1432af9f0778233be2b35af10c3d336f196a77bb32211bf082a269543
5ac1bc7db2dfab5ab2c5be64176d6babe530a42c6f51064af0282fcbe1e2ac19
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
68a3a9c1bacbd982d174bf17ab81524d04ee2a0bb8ba254dbc47bbe52e8855ee
69e09d41b9f5fad06ff3eea848b3f3fba168027a8273acea7c853cfb13974e3f
6bd5989035c69bd8ae5c4d295e48e13112df03db62d6ec31a9426ce51abfd209
7319fef6e98256b049949e57537e362086e08d0cce1abd83dfd7f4158f644f50
7e635490e04c8547b55276a6ad8256678b18cc054c76f4cb23fd9a3e5ab987b4
8dd1c433cff21961374c39bf183ae46d409a72f1dabf75cc966f1afd15ecf92b
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
989c308e9f4cfaf01ca8f760294f7085e6bcaf8f5ce3211324e096607501026a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a65891d3b966e83de68c354c46e4920ff35ef05d29924d9f40f302091c131aa3
b88c74e51279fcbed7efc470fc41600668b538deed17a3c05ac30552abdfc4c3
b8e46c4a04cc10f2443d7ffe8b2eecb15dd895dc1c8ca69e21575602aa383633
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
c498d9b5a06731e3d2c215b1bc67666cff5da70388117ac017a799aa36fb3d7c
d399b03033c660256a59e2370486867dc385847733014b7d7ba6e995df8ad4f7
d84e823edd228cab0e7b139a09bab22b85d2bb784e2ea43746f0a04ba1c9c42c
dcc779c4f41253e3ec85bc7010aa7dbe89b484cfe084cf3f8c5a23e83fe4903a
dd6e8164ed5388e752fe4f0f0f06d817ac162904667cb399a58c6dc437ef462e
e022b10d724c02bb5db4228230df83e5a7f5d6ffa1bac6ede7418f8e726366b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5480a54cf761b91335a597f6126d5b1529bb62a32806cd5a7b24e2c32e62cac
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e88fe1fa91106f460d3a1861e6cd412ec345605dfb7d238a30f669ced6eecf02
e95b5e90d20e3970bcbf86ddf523f76c3a6ed5c20e1482532567cbbfb614bc4c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3bb29709966d129ee7c25526332d37e9c80a66f90be3953bcff733d420f82d
f36d895a8c7104fac0f42d5e99e02ede25dee6e75da9aac7a852daa06b5bbaf4
f85c07014ce10c5187a6a000a16e5ef5fb96a09f0a18ac9c5e4dba8398ce1d12
fb1de8f2846f3bb4a31db1da27ed56c7471b11187fc9160bc884db14beee9496
fe4cba52b19e0f71062deacc397b6e2122bdff82c9accf07e61e396ce0271661
fe80ecb5d21378a5804e941e8a48e1a41354b312ffa3faab19927016ca88ddb7
ff9d9044f3612f13fe7c7bba12d57b1bafb1b13b21feced1bb768de7f8c8a408