Submitted URL: https://3w7n9.r.a.d.sendibm1.com/mk/cl/f/IDJluwgev66OPkAun-AYoJfXWqkP5-tjy0ss0pOVnxvqnaMmYPg4TjFB4tz1so5iHr11IXPKxnAFR4KqwUvE0WEr...
Effective URL: https://www.cncplay.com/en/p/DcA_wFA_Zi
Submission: On February 18 via manual from FR

Summary

This website contacted 16 IPs in 5 countries across 15 domains to perform 59 HTTP transactions. The main IP is 46.252.181.159, located in France and belongs to MAGICRETAIL, FR. The main domain is www.cncplay.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 20th 2019. Valid for: 3 months.
This is the only time www.cncplay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
21 www.cncplay.com 1 redirects 3w7n9.r.a.d.sendibm1.com
www.cncplay.com
12 cncprod.cellar-c2.services.clever-cloud.com www.cncplay.com
cdn.jsdelivr.net
3 www.google-analytics.com 1 redirects www.googletagmanager.com
www.cncplay.com
2 api.clickncom.com www.cncplay.com
2 www.facebook.com www.cncplay.com
2 connect.facebook.net 3w7n9.r.a.d.sendibm1.com
connect.facebook.net
2 cdn.jsdelivr.net www.cncplay.com
2 fonts.googleapis.com www.cncplay.com
1 www.google.de www.cncplay.com
1 www.google.com www.cncplay.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 stats.g.doubleclick.net www.cncplay.com
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com www.cncplay.com
1 cncplay.com 1 redirects
1 sibautomation.com 3w7n9.r.a.d.sendibm1.com
1 3w7n9.r.a.d.sendibm1.com
59 17

This site contains no links.

Subject Issuer Validity Valid
*.r.a.d.sendibm1.com
Let's Encrypt Authority X3
2020-02-04 -
2020-05-04
3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2020-01-31 -
2020-10-09
8 months crt.sh
www.cncplay.com
Let's Encrypt Authority X3
2019-12-20 -
2020-03-19
3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1
2020-01-29 -
2020-04-22
3 months crt.sh
ssl363648.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-09-14 -
2020-03-22
6 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-01-29 -
2020-04-22
3 months crt.sh
*.cellar-c2.services.clever-cloud.com
Sectigo RSA Domain Validation Secure Server CA
2019-11-20 -
2021-02-17
a year crt.sh
www.googleadservices.com
GTS CA 1O1
2020-01-29 -
2020-04-22
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-01-16 -
2020-04-15
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-01-29 -
2020-04-22
3 months crt.sh
www.google.com
GTS CA 1O1
2020-01-29 -
2020-04-22
3 months crt.sh
www.google.de
GTS CA 1O1
2020-01-29 -
2020-04-22
3 months crt.sh
api.clickncom.com
Let's Encrypt Authority X3
2019-12-20 -
2020-03-19
3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.cncplay.com/en/p/DcA_wFA_Zi
Frame ID: C2C8B56A31D57B5E9D244042688B51D1
Requests: 62 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?id=2235899
Frame ID: 6B457E760F026ED50DB864AD113F1978
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://3w7n9.r.a.d.sendibm1.com/mk/cl/f/IDJluwgev66OPkAun-AYoJfXWqkP5-tjy0ss0pOVnxvqnaMmYPg4TjFB4tz1so5iHr11... Page URL
  2. https://cncplay.com/p/DcA_wFA_Zi HTTP 301
    https://www.cncplay.com/p/DcA_wFA_Zi HTTP 302
    https://www.cncplay.com/en/p/DcA_wFA_Zi Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/_nuxt\//i

Overall confidence: 100%
Detected patterns
  • script /\/_nuxt\//i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

59
Requests

88 %
HTTPS

69 %
IPv6

15
Domains

17
Subdomains

16
IPs

5
Countries

2742 kB
Transfer

8021 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://3w7n9.r.a.d.sendibm1.com/mk/cl/f/IDJluwgev66OPkAun-AYoJfXWqkP5-tjy0ss0pOVnxvqnaMmYPg4TjFB4tz1so5iHr11IXPKxnAFR4KqwUvE0WErCJEh0H0RoD9Ag_a3fcxX7adkVf7KdVjWw4PD9iKZ4y0zlKjW1X1M_a07QHwo1X9Qzk_xZRDNlYYGwX2fyA7vuA Page URL
  2. https://cncplay.com/p/DcA_wFA_Zi HTTP 301
    https://www.cncplay.com/p/DcA_wFA_Zi HTTP 302
    https://www.cncplay.com/en/p/DcA_wFA_Zi Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=618763005&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cncplay.com%2Fen%2Fp%2FDcA_wFA_Zi&dr=https%3A%2F%2F3w7n9.r.a.d.sendibm1.com%2Fmk%2Fcl%2Ff%2FIDJluwgev66OPkAun-AYoJfXWqkP5-tjy0ss0pOVnxvqnaMmYPg4TjFB4tz1so5iHr11IXPKxnAFR4KqwUvE0WErCJEh0H0RoD9Ag_a3fcxX7adkVf7KdVjWw4PD9iKZ4y0zlKjW1X1M_a07QHwo1X9Qzk_xZRDNlYYGwX2fyA7vuA&ul=en-us&de=UTF-8&dt=Roue%20de%20la%20Fortune&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1537267957&gjid=78989560&cid=1365940516.1582017468&tid=UA-135274881-1&_gid=188269924.1582017468&_r=1&gtm=2wg250N57H4GL&z=1511356985 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-135274881-1&cid=1365940516.1582017468&jid=1537267957&_gid=188269924.1582017468&gjid=78989560&_v=j81&z=1511356985

59 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
IDJluwgev66OPkAun-AYoJfXWqkP5-tjy0ss0pOVnxvqnaMmYPg4TjFB4tz1so5iHr11IXPKxnAFR4KqwUvE0WErCJEh0H0RoD9Ag_a3fcxX7adkVf7KdVjWw4PD9iKZ4y0zlKjW1X1M_a07QHwo1X9Qzk_xZRDNlYYGwX2fyA7vuA
3w7n9.r.a.d.sendibm1.com/mk/cl/f/
564 B
768 B
Document
General
Full URL
https://3w7n9.r.a.d.sendibm1.com/mk/cl/f/IDJluwgev66OPkAun-AYoJfXWqkP5-tjy0ss0pOVnxvqnaMmYPg4TjFB4tz1so5iHr11IXPKxnAFR4KqwUvE0WErCJEh0H0RoD9Ag_a3fcxX7adkVf7KdVjWw4PD9iKZ4y0zlKjW1X1M_a07QHwo1X9Qzk_xZRDNlYYGwX2fyA7vuA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.107.232.244 , France, ASN200484 (SENDINBLUE-ASN, FR),
Reverse DNS
Software
/
Resource Hash
3d57fcadb8202499f5745f4b4a967ea8baa983f422c5c1154b951ddf65b73900
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Host
3w7n9.r.a.d.sendibm1.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Content-Length
564
Content-Type
text/html; charset=utf-8
Date
Tue, 18 Feb 2020 09:17:46 GMT
X-Content-Type-Options
nosniff
X-Sib-Server
SENDINBLUE-red2-2
X-Xss-Protection
1
cm.html
sibautomation.com/ Frame 6B45
0
0
Document
General
Full URL
https://sibautomation.com/cm.html?id=2235899
Requested by
Host: 3w7n9.r.a.d.sendibm1.com
URL: https://3w7n9.r.a.d.sendibm1.com/mk/cl/f/IDJluwgev66OPkAun-AYoJfXWqkP5-tjy0ss0pOVnxvqnaMmYPg4TjFB4tz1so5iHr11IXPKxnAFR4KqwUvE0WErCJEh0H0RoD9Ag_a3fcxX7adkVf7KdVjWw4PD9iKZ4y0zlKjW1X1M_a07QHwo1X9Qzk_xZRDNlYYGwX2fyA7vuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6818:6786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
sibautomation.com
:scheme
https
:path
/cm.html?id=2235899
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://3w7n9.r.a.d.sendibm1.com/mk/cl/f/IDJluwgev66OPkAun-AYoJfXWqkP5-tjy0ss0pOVnxvqnaMmYPg4TjFB4tz1so5iHr11IXPKxnAFR4KqwUvE0WErCJEh0H0RoD9Ag_a3fcxX7adkVf7KdVjWw4PD9iKZ4y0zlKjW1X1M_a07QHwo1X9Qzk_xZRDNlYYGwX2fyA7vuA
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://3w7n9.r.a.d.sendibm1.com/mk/cl/f/IDJluwgev66OPkAun-AYoJfXWqkP5-tjy0ss0pOVnxvqnaMmYPg4TjFB4tz1so5iHr11IXPKxnAFR4KqwUvE0WErCJEh0H0RoD9Ag_a3fcxX7adkVf7KdVjWw4PD9iKZ4y0zlKjW1X1M_a07QHwo1X9Qzk_xZRDNlYYGwX2fyA7vuA

Response headers

status
200
date
Tue, 18 Feb 2020 09:17:46 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=de7e3cf1e8f3adadc40de5e54dd2dbc131582017466; expires=Thu, 19-Mar-20 09:17:46 GMT; path=/; domain=.sibautomation.com; HttpOnly; SameSite=Lax
x-powered-by
Sails <sailsjs.com>
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
x-sib-server
SENDINBLUE-web2-3
x-content-type-options
nosniff
x-xss-protection
1
cache-control
max-age=7200
cf-cache-status
HIT
age
2218
server
cloudflare
cf-ray
566ee8ecab190eab-FRA
content-encoding
br
Primary Request Cookie set DcA_wFA_Zi
www.cncplay.com/en/p/
Redirect Chain
  • https://cncplay.com/p/DcA_wFA_Zi
  • https://www.cncplay.com/p/DcA_wFA_Zi
  • https://www.cncplay.com/en/p/DcA_wFA_Zi
73 KB
24 KB
Document
General
Full URL
https://www.cncplay.com/en/p/DcA_wFA_Zi
Requested by
Host: 3w7n9.r.a.d.sendibm1.com
URL: https://3w7n9.r.a.d.sendibm1.com/mk/cl/f/IDJluwgev66OPkAun-AYoJfXWqkP5-tjy0ss0pOVnxvqnaMmYPg4TjFB4tz1so5iHr11IXPKxnAFR4KqwUvE0WErCJEh0H0RoD9Ag_a3fcxX7adkVf7KdVjWw4PD9iKZ4y0zlKjW1X1M_a07QHwo1X9Qzk_xZRDNlYYGwX2fyA7vuA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.159 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
765b267a8ce2a620cc86966a355c386e7a62081c3a10437c492465fd86606440

Request headers

Host
www.cncplay.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://3w7n9.r.a.d.sendibm1.com/mk/cl/f/IDJluwgev66OPkAun-AYoJfXWqkP5-tjy0ss0pOVnxvqnaMmYPg4TjFB4tz1so5iHr11IXPKxnAFR4KqwUvE0WErCJEh0H0RoD9Ag_a3fcxX7adkVf7KdVjWw4PD9iKZ4y0zlKjW1X1M_a07QHwo1X9Qzk_xZRDNlYYGwX2fyA7vuA
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
i18n_redirected=en
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://3w7n9.r.a.d.sendibm1.com/mk/cl/f/IDJluwgev66OPkAun-AYoJfXWqkP5-tjy0ss0pOVnxvqnaMmYPg4TjFB4tz1so5iHr11IXPKxnAFR4KqwUvE0WErCJEh0H0RoD9Ag_a3fcxX7adkVf7KdVjWw4PD9iKZ4y0zlKjW1X1M_a07QHwo1X9Qzk_xZRDNlYYGwX2fyA7vuA

Response headers

Set-Cookie
_pDcA_wFA_Zi=2qHYBhKe8f8p038i799J4; Max-Age=2592000; Path=/
ETag
"12478-CYyQCelwga9CaccS75gKVyAgoC8"
Content-Type
text/html; charset=utf-8
Accept-Ranges
none
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Tue, 18 Feb 2020 09:17:47 GMT
Transfer-Encoding
chunked
Sozu-Id
b127383f-defa-4189-9612-d5b516ae4e8d

Redirect headers

Set-Cookie
i18n_redirected=en; Path=/; Expires=Wed, 17 Feb 2021 09:17:46 GMT
Location
/en/p/DcA_wFA_Zi
Date
Tue, 18 Feb 2020 09:17:46 GMT
Transfer-Encoding
chunked
Sozu-Id
b127383f-defa-4189-9612-d5b516ae4e8d
1a7fbfb7c363abd2cf11.js
www.cncplay.com/_nuxt/
8 KB
4 KB
Script
General
Full URL
https://www.cncplay.com/_nuxt/1a7fbfb7c363abd2cf11.js
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/en/p/DcA_wFA_Zi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.159 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
a7f25a2f4e016d5164b0ec1022cb7e6b57255a0bb7ea0ded62b39340e06ee06f

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 18 Feb 2020 09:17:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Feb 2020 15:11:46 GMT
ETag
W/"1ebe-17034ce6635"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Sozu-Id
e5265951-37fd-40ca-8dff-db0fb930b92e
Accept-Ranges
bytes
d4e23a887d6ab8e79cac.js
www.cncplay.com/_nuxt/
197 KB
67 KB
Script
General
Full URL
https://www.cncplay.com/_nuxt/d4e23a887d6ab8e79cac.js
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/en/p/DcA_wFA_Zi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.159 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
a8374cae62ddab8798b80d5f7916a6cf133ad83dff6702eb3a4f00581f309f67

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 18 Feb 2020 09:17:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Feb 2020 15:11:46 GMT
ETag
W/"315b8-17034ce6650"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Sozu-Id
15d0211d-1aab-48c4-9c70-3f34eade22a9
Accept-Ranges
bytes
18bb6ef16625f532ad97.css
www.cncplay.com/_nuxt/
436 KB
55 KB
Stylesheet
General
Full URL
https://www.cncplay.com/_nuxt/18bb6ef16625f532ad97.css
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/en/p/DcA_wFA_Zi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.159 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
509aaed69a16369a6b9661c755438a52425cee7015af92dba891e52c208061c4

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Tue, 18 Feb 2020 09:17:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Feb 2020 15:11:46 GMT
ETag
W/"6d095-17034ce6635"
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Sozu-Id
24ecf331-265e-4be5-b740-c56b5c6cc644
Accept-Ranges
bytes
666a10d112b76282beb2.js
www.cncplay.com/_nuxt/
2 MB
456 KB
Script
General
Full URL
https://www.cncplay.com/_nuxt/666a10d112b76282beb2.js
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/en/p/DcA_wFA_Zi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.159 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
c214082071dd03b163a4083f2b742f8ef9f30871c888d6569f98e8ae08611183

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 18 Feb 2020 09:17:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Feb 2020 15:11:46 GMT
ETag
W/"1856c5-17034ce6645"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Sozu-Id
b1704ad1-7017-43c7-873a-c51aa21d8852
Accept-Ranges
bytes
1139b7e64916dfb5710f.css
www.cncplay.com/_nuxt/
1 MB
115 KB
Stylesheet
General
Full URL
https://www.cncplay.com/_nuxt/1139b7e64916dfb5710f.css
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/en/p/DcA_wFA_Zi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.159 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
d7ac2b10acfeb32472eabd8f895a1c2e53e5b7272e24cd3bd3dfdfad3ff90ce7

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Tue, 18 Feb 2020 09:17:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Feb 2020 15:11:46 GMT
ETag
W/"112f43-17034ce6633"
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Sozu-Id
8ca7d117-811a-4087-8cb8-945a5b94f219
Accept-Ranges
bytes
9aa6653487030eb3cb50.js
www.cncplay.com/_nuxt/
322 KB
69 KB
Script
General
Full URL
https://www.cncplay.com/_nuxt/9aa6653487030eb3cb50.js
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/en/p/DcA_wFA_Zi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.159 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
548d8b0359334c146b322a6c7f6e1fda67b486da91670c7054060834353daae7

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 18 Feb 2020 09:17:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Feb 2020 15:11:46 GMT
ETag
W/"50915-17034ce664a"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Sozu-Id
37972927-db34-4eea-9edd-da112a83948f
Accept-Ranges
bytes
79066f150d14443473e2.css
www.cncplay.com/_nuxt/
9 KB
3 KB
Stylesheet
General
Full URL
https://www.cncplay.com/_nuxt/79066f150d14443473e2.css
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/en/p/DcA_wFA_Zi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.159 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
1d10fb6fdad2e2b89a774042ed71ab388981de08597b84431f4064e7752755e8

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Tue, 18 Feb 2020 09:17:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Feb 2020 15:11:46 GMT
ETag
W/"24db-17034ce6647"
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Sozu-Id
394573eb-3899-4bb1-baa5-323c5ada90a1
Accept-Ranges
bytes
b1753d2d4a8240900a26.js
www.cncplay.com/_nuxt/
207 KB
42 KB
Script
General
Full URL
https://www.cncplay.com/_nuxt/b1753d2d4a8240900a26.js
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/en/p/DcA_wFA_Zi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.159 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
0bf01c558755b9bb03b220184c6eb76df08be803ff0ab21de6f6dbc6d96e28f8

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 18 Feb 2020 09:17:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Feb 2020 15:11:46 GMT
ETag
W/"33d77-17034ce664c"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Sozu-Id
1586805d-9e36-4a44-aacc-d694933f0672
Accept-Ranges
bytes
css
fonts.googleapis.com/
15 KB
988 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/en/p/DcA_wFA_Zi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dda7ea92135dcf21660d4d79391d303fc38f6a6524ae74bbe2986f1d2e990d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 18 Feb 2020 09:17:47 GMT
server
ESF
date
Tue, 18 Feb 2020 09:17:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Feb 2020 09:17:47 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/
218 KB
35 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/en/p/DcA_wFA_Zi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b84598b7408a49f572ff743dc5886bddd5390c78b40416037da19c13f8d0ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 18 Feb 2020 09:17:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
42700
cf-ray
566ee8f2ac64bf19-FRA
x-cache
HIT
status
200
vary
Accept-Encoding
x-served-by
cache-fra19146-FRA
server
cloudflare
etag
W/"3690d-+C8LymUllOTB/eRBaefREVF0ZzU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cnc-default.css
www.cncplay.com/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://www.cncplay.com/css/cnc-default.css
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/en/p/DcA_wFA_Zi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.159 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
5312d4cba6ad48475c5de498f47d147f2b03e6e836088ecf381a6602480de6df

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Tue, 18 Feb 2020 09:17:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Feb 2020 15:11:46 GMT
ETag
W/"946-17034ce6690"
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Sozu-Id
1586805d-9e36-4a44-aacc-d694933f0672
Accept-Ranges
bytes
css
fonts.googleapis.com/
2 KB
713 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Dancing+Script|Poppins
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/en/p/DcA_wFA_Zi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f115cbc77be3970793b30a894c6b1458e1516ae01d29b98e0b8a97416ea83916
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 18 Feb 2020 09:17:47 GMT
server
ESF
date
Tue, 18 Feb 2020 09:17:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Feb 2020 09:17:47 GMT
gtm.js
www.googletagmanager.com/
67 KB
24 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N57H4GL&l=dataLayer
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/en/p/DcA_wFA_Zi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a6c3d2abbc512d2f5a4a4ad48ea052a6243bfcd19fb78def6097e7d599413237
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 18 Feb 2020 09:17:47 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24227
x-xss-protection
0
last-modified
Tue, 18 Feb 2020 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 18 Feb 2020 09:17:47 GMT
powered_dark.png
www.cncplay.com/
35 KB
35 KB
Image
General
Full URL
https://www.cncplay.com/powered_dark.png
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/en/p/DcA_wFA_Zi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.159 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
0b7439fe1d32facf7526cd4b20fb2bc0b70efcebfa83f8bd2d7bc8333d931a2d

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 18 Feb 2020 09:17:47 GMT
Last-Modified
Tue, 11 Feb 2020 15:11:46 GMT
ETag
W/"8bff-17034ce6696"
Content-Type
image/png
Cache-Control
public, max-age=0
Sozu-Id
394573eb-3899-4bb1-baa5-323c5ada90a1
Accept-Ranges
bytes
Content-Length
35839
4c10c1609d7041c08b930e21ec8b7702.jpg
cncprod.cellar-c2.services.clever-cloud.com/
412 KB
412 KB
Image
General
Full URL
https://cncprod.cellar-c2.services.clever-cloud.com/4c10c1609d7041c08b930e21ec8b7702.jpg
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/en/p/DcA_wFA_Zi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.42.117.210 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
e10b03542a7471813338a7dd66cd152fafbf9dd37df3ac735da218c8f91a3d32

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 18 Feb 2020 09:17:47 GMT
Last-Modified
Mon, 10 Feb 2020 09:03:19 GMT
x-amz-request-id
tx00000000000000024a22a-005e4babbb-6389420-default
ETag
"d22ad13ddfa2a3935c9db59f0117df52"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-rgw-object-type
Normal
Accept-Ranges
bytes
Content-Length
421396
660b9daf513d6323214a.css
www.cncplay.com/_nuxt/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.cncplay.com/_nuxt/660b9daf513d6323214a.css
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/_nuxt/1a7fbfb7c363abd2cf11.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.159 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
514d5ead8267ac1dbda0059188ab284dc8ffa1935dfe0f8c3d70575ba1d52b8f

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Tue, 18 Feb 2020 09:17:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Feb 2020 15:11:46 GMT
ETag
W/"1f40-17034ce663b"
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Sozu-Id
b1704ad1-7017-43c7-873a-c51aa21d8852
Accept-Ranges
bytes
f368b42516f5c501726c.js
www.cncplay.com/_nuxt/
70 KB
18 KB
Script
General
Full URL
https://www.cncplay.com/_nuxt/f368b42516f5c501726c.js
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/_nuxt/1a7fbfb7c363abd2cf11.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.159 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
5d322b7989b38181bd82ee86ea90875eefd2f77ac94f3f26810cae21602d7289

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 18 Feb 2020 09:17:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Feb 2020 15:11:46 GMT
ETag
W/"118a2-17034ce6653"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Sozu-Id
8ca7d117-811a-4087-8cb8-945a5b94f219
Accept-Ranges
bytes
d030f8ee97abc19b38ba.css
www.cncplay.com/_nuxt/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.cncplay.com/_nuxt/d030f8ee97abc19b38ba.css
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/_nuxt/1a7fbfb7c363abd2cf11.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.159 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
ee1dc9b9fe274021fcce3433c257e983de98997a3e0b14ea7d32811499797d08

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Tue, 18 Feb 2020 09:17:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Feb 2020 15:11:46 GMT
ETag
W/"1667-17034ce664f"
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Sozu-Id
e5437d44-226c-4a24-b790-93d19fda1265
Accept-Ranges
bytes
2c8292198195d0afca46.js
www.cncplay.com/_nuxt/
28 KB
7 KB
Script
General
Full URL
https://www.cncplay.com/_nuxt/2c8292198195d0afca46.js
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/_nuxt/1a7fbfb7c363abd2cf11.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.159 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
f6cdbcc9bafa8df615b464ccd5999ccab04f55a1bffdf83be53de352f7ef4c50

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 18 Feb 2020 09:17:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Feb 2020 15:11:46 GMT
ETag
W/"6ecd-17034ce6636"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Sozu-Id
e467929b-9266-444c-b533-3fa0e5eef01b
Accept-Ranges
bytes
b87f1d2589856f833662.js
www.cncplay.com/_nuxt/
74 KB
25 KB
Script
General
Full URL
https://www.cncplay.com/_nuxt/b87f1d2589856f833662.js
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/_nuxt/1a7fbfb7c363abd2cf11.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.159 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
00f9f9e179fa7d531ecb41b8241214415cc9d684a3971bd742540f0934110f34

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 18 Feb 2020 09:17:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Feb 2020 15:11:46 GMT
ETag
W/"127a4-17034ce664c"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Sozu-Id
cca72f84-8733-4811-a08b-896412301c37
Accept-Ranges
bytes
0b0c0b354bfc1536d45a.css
www.cncplay.com/_nuxt/
10 KB
2 KB
Stylesheet
General
Full URL
https://www.cncplay.com/_nuxt/0b0c0b354bfc1536d45a.css
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/_nuxt/1a7fbfb7c363abd2cf11.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.159 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
a74282f28124f2bdadd62b025fb9eb8b522ece37cc3d2f9509fa7f36bb58386c

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Tue, 18 Feb 2020 09:17:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Feb 2020 15:11:46 GMT
ETag
W/"27de-17034ce662e"
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Sozu-Id
15d0211d-1aab-48c4-9c70-3f34eade22a9
Accept-Ranges
bytes
ce1a587da7b7f1406d79.js
www.cncplay.com/_nuxt/
155 KB
43 KB
Script
General
Full URL
https://www.cncplay.com/_nuxt/ce1a587da7b7f1406d79.js
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/_nuxt/1a7fbfb7c363abd2cf11.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.159 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
ca5bb272479217ebbe3e81cb48f711b9f9e5bd4d9d798d03dfda3cc8386a5c6b

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 18 Feb 2020 09:17:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Feb 2020 15:11:46 GMT
ETag
W/"26a08-17034ce664e"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Sozu-Id
35282b3c-e81f-495c-802d-5161060a703b
Accept-Ranges
bytes
conversion_async.js
www.googleadservices.com/pagead/
26 KB
10 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N57H4GL&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
ec7024e764e94caa58c7a18f4624dc84c9ee15537ff5418fd44e2f037f8abc30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 18 Feb 2020 09:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9931
x-xss-protection
0
server
cafe
etag
8273558640064030436
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 18 Feb 2020 09:17:47 GMT
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N57H4GL&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
2655
date
Tue, 18 Feb 2020 08:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Tue, 18 Feb 2020 10:33:32 GMT
fbevents.js
connect.facebook.net/en_US/
126 KB
30 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 3w7n9.r.a.d.sendibm1.com
URL: https://3w7n9.r.a.d.sendibm1.com/mk/cl/f/IDJluwgev66OPkAun-AYoJfXWqkP5-tjy0ss0pOVnxvqnaMmYPg4TjFB4tz1so5iHr11IXPKxnAFR4KqwUvE0WErCJEh0H0RoD9Ag_a3fcxX7adkVf7KdVjWw4PD9iKZ4y0zlKjW1X1M_a07QHwo1X9Qzk_xZRDNlYYGwX2fyA7vuA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
g/XY417SCTQkveRE8QJ4zwrl32qWa6t6hoMjz+62xxwELSak9S0eMn8K1wAx8EOG+xAjvLPS5A4X1E9A/EjXmw==
x-fb-trip-id
1850256238
date
Tue, 18 Feb 2020 09:17:47 GMT, Tue, 18 Feb 2020 09:17:47 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
7b1eebdfe4c4039f17f3.js
www.cncplay.com/_nuxt/
47 KB
15 KB
Script
General
Full URL
https://www.cncplay.com/_nuxt/7b1eebdfe4c4039f17f3.js
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/_nuxt/1a7fbfb7c363abd2cf11.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.159 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
a2a4040a6792a4b5e53c2f9b12bfab842f5a41af42d7d51d0901e7d1e8b185ce

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 18 Feb 2020 09:17:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Feb 2020 15:11:46 GMT
ETag
W/"bb51-17034ce6647"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Sozu-Id
d1298779-9546-4e90-953e-b3d81784fdb3
Accept-Ranges
bytes
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=618763005&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cncplay.com%2Fen%2Fp%2FDcA_wFA_Zi&dr=https%3A%2F%2F3w7n9.r.a.d.sendibm1.com%2Fmk%2Fcl%2Ff%2FID...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-135274881-1&cid=1365940516.1582017468&jid=1537267957&_gid=188269924.1582017468&gjid=78989560&_v=j81&z=1511356985
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-135274881-1&cid=1365940516.1582017468&jid=1537267957&_gid=188269924.1582017468&gjid=78989560&_v=j81&z=1511356985
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/en/p/DcA_wFA_Zi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Tue, 18 Feb 2020 09:17:47 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Feb 2020 09:17:47 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-135274881-1&cid=1365940516.1582017468&jid=1537267957&_gid=188269924.1582017468&gjid=78989560&_v=j81&z=1511356985
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT
378891176351080
connect.facebook.net/signals/config/
447 KB
113 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/378891176351080?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3faadece58efe2afefb235f341785fac70d68945b0235f69c1a1e022d7bed856
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
Mj7I9qAkOM8i4kz6Ac3hFrbrk35rhXHYAjsmvvVmpnMHf46P0NnZe8zol/nfxBk6WoPsv/MUsoyciYD5Ezejig==
x-fb-trip-id
1850256238
date
Tue, 18 Feb 2020 09:17:48 GMT, Tue, 18 Feb 2020 09:17:48 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=618763005&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cncplay.com%2Fen%2Fp%2FDcA_wFA_Zi&dr=https%3A%2F%2F3w7n9.r.a.d.sendibm1.com%2Fmk%2Fcl%2Ff%2FIDJluwgev66OPkAun-AYoJfXWqkP5-tjy0ss0pOVnxvqnaMmYPg4TjFB4tz1so5iHr11IXPKxnAFR4KqwUvE0WErCJEh0H0RoD9Ag_a3fcxX7adkVf7KdVjWw4PD9iKZ4y0zlKjW1X1M_a07QHwo1X9Qzk_xZRDNlYYGwX2fyA7vuA&dp=%2Fen%2Fp%2FDcA_wFA_Zi&ul=en-us&de=UTF-8&dt=Roue%20de%20la%20Fortune&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEAB~&jid=1435989704&gjid=1686422279&cid=1365940516.1582017468&tid=UA-135274881-3&_gid=188269924.1582017468&_r=1&z=228153807
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/en/p/DcA_wFA_Zi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 18 Feb 2020 09:17:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
phaser-arcade-physics.min.js
cdn.jsdelivr.net/npm/phaser@3.17.0/dist/
785 KB
189 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/phaser@3.17.0/dist/phaser-arcade-physics.min.js
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/_nuxt/b1753d2d4a8240900a26.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3109a802a384f416b94994d595bba7d6fc8861dd50117b96574b1cf906f8e425
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Tue, 18 Feb 2020 09:17:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cf-ray
566ee8f6e8a5bf19-FRA
x-cache
HIT
status
200
vary
Accept-Encoding
x-served-by
cache-fra19178-FRA
server
cloudflare
etag
W/"c4376-fosVTlwBXAMqR5VvIESUFv+CgkU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
wheeloffortune.js
www.cncplay.com/games/
64 KB
22 KB
Script
General
Full URL
https://www.cncplay.com/games/wheeloffortune.js
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/_nuxt/b1753d2d4a8240900a26.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.159 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
6650160335e30e76f364ed04bde60fa8c0e8a4aa00883d215368145a42323c2c

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Tue, 18 Feb 2020 09:17:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Feb 2020 15:11:46 GMT
ETag
W/"feb4-17034ce6692"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Transfer-Encoding
chunked
Sozu-Id
16aee9d8-b150-49d3-89b3-76d770fadf09
Accept-Ranges
bytes
75047b5b79a54d288ac31d62e35340c3.png
cncprod.cellar-c2.services.clever-cloud.com/
64 KB
64 KB
Image
General
Full URL
https://cncprod.cellar-c2.services.clever-cloud.com/75047b5b79a54d288ac31d62e35340c3.png
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/en/p/DcA_wFA_Zi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.42.117.210 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
d4052d57b7c191191a51cec17f06c4596e846df7b02059b682b90454f9c50af0

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Tue, 18 Feb 2020 09:17:48 GMT
Last-Modified
Tue, 22 Oct 2019 15:15:17 GMT
x-amz-request-id
tx00000000000000024a22c-005e4babbc-6389420-default
ETag
"d61baabaa7d0f1e7813cf9e37757e0fd"
Content-Type
image/png
Access-Control-Allow-Origin
*
x-rgw-object-type
Normal
Accept-Ranges
bytes
Content-Length
65445
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/718675066/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/718675066/?random=1582017468011&cv=9&fst=1582017468011&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg250&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.cncplay.com%2Fen%2Fp%2FDcA_wFA_Zi&ref=https%3A%2F%2F3w7n9.r.a.d.sendibm1.com%2Fmk%2Fcl%2Ff%2FIDJluwgev66OPkAun-AYoJfXWqkP5-tjy0ss0pOVnxvqnaMmYPg4TjFB4tz1so5iHr11IXPKxnAFR4KqwUvE0WErCJEh0H0RoD9Ag_a3fcxX7adkVf7KdVjWw4PD9iKZ4y0zlKjW1X1M_a07QHwo1X9Qzk_xZRDNlYYGwX2fyA7vuA&tiba=Roue%20de%20la%20Fortune&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1f28076d8df8fe6a9e2b4f0a3e55243d62b46070feac45e2228d648dbb67661
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Tue, 18 Feb 2020 09:17:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1197
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
348 B
Image
General
Full URL
https://www.facebook.com/tr/?id=378891176351080&ev=PageView&dl=https%3A%2F%2Fwww.cncplay.com%2Fen%2Fp%2FDcA_wFA_Zi&rl=https%3A%2F%2F3w7n9.r.a.d.sendibm1.com%2Fmk%2Fcl%2Ff%2FIDJluwgev66OPkAun-AYoJfXWqkP5-tjy0ss0pOVnxvqnaMmYPg4TjFB4tz1so5iHr11IXPKxnAFR4KqwUvE0WErCJEh0H0RoD9Ag_a3fcxX7adkVf7KdVjWw4PD9iKZ4y0zlKjW1X1M_a07QHwo1X9Qzk_xZRDNlYYGwX2fyA7vuA&if=false&ts=1582017468031&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1582017468030.2064692023&it=1582017467948&coo=false&rqm=GET
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/en/p/DcA_wFA_Zi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 18 Feb 2020 09:17:48 GMT, Tue, 18 Feb 2020 09:17:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Tue, 18 Feb 2020 09:17:48 GMT
/
www.google.com/pagead/1p-user-list/718675066/
42 B
115 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/718675066/?random=1582017468011&cv=9&fst=1582016400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg250&sendb=1&frm=0&url=https%3A%2F%2Fwww.cncplay.com%2Fen%2Fp%2FDcA_wFA_Zi&ref=https%3A%2F%2F3w7n9.r.a.d.sendibm1.com%2Fmk%2Fcl%2Ff%2FIDJluwgev66OPkAun-AYoJfXWqkP5-tjy0ss0pOVnxvqnaMmYPg4TjFB4tz1so5iHr11IXPKxnAFR4KqwUvE0WErCJEh0H0RoD9Ag_a3fcxX7adkVf7KdVjWw4PD9iKZ4y0zlKjW1X1M_a07QHwo1X9Qzk_xZRDNlYYGwX2fyA7vuA&tiba=Roue%20de%20la%20Fortune&async=1&fmt=3&is_vtc=1&random=3462165972&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/en/p/DcA_wFA_Zi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::75 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 18 Feb 2020 09:17:48 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/718675066/
42 B
110 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/718675066/?random=1582017468011&cv=9&fst=1582016400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg250&sendb=1&frm=0&url=https%3A%2F%2Fwww.cncplay.com%2Fen%2Fp%2FDcA_wFA_Zi&ref=https%3A%2F%2F3w7n9.r.a.d.sendibm1.com%2Fmk%2Fcl%2Ff%2FIDJluwgev66OPkAun-AYoJfXWqkP5-tjy0ss0pOVnxvqnaMmYPg4TjFB4tz1so5iHr11IXPKxnAFR4KqwUvE0WErCJEh0H0RoD9Ag_a3fcxX7adkVf7KdVjWw4PD9iKZ4y0zlKjW1X1M_a07QHwo1X9Qzk_xZRDNlYYGwX2fyA7vuA&tiba=Roue%20de%20la%20Fortune&async=1&fmt=3&is_vtc=1&random=3462165972&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/en/p/DcA_wFA_Zi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 18 Feb 2020 09:17:48 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f006c556c753a58b408277de14a33ffdc8a921625cd682042960de78c6df2552

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b86ca7249e6f28cc9af909dcc5501e67101273ff2a2a19c408779a0fbf27e733

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
106 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88e6382d15edbda0254ba0ad7f224f41b358a21ebfad6e1eed439f5ddf0ea245

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
253 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42deb9219fc21f52ec47f6de9f2cd7bbd2b6eff02e03fb2e77b935f3f2a849db

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
cdad19616a1245acbadf2f2a9b26420e.png
cncprod.cellar-c2.services.clever-cloud.com/
252 KB
252 KB
XHR
General
Full URL
https://cncprod.cellar-c2.services.clever-cloud.com/cdad19616a1245acbadf2f2a9b26420e.png
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/phaser@3.17.0/dist/phaser-arcade-physics.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.42.117.210 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
36298e28d0bdf643403da86dfcd2b634ea28d2f0a7cd4a9f9950bc6681a1bf33

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
Origin
https://www.cncplay.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Feb 2020 09:17:48 GMT
Last-Modified
Tue, 11 Feb 2020 15:29:25 GMT
x-amz-request-id
tx0000000000000002a764f-005e4babbc-63fe2e5-default
ETag
"8ef80ca47350e0094877e47fecbd28d8"
Content-Type
image/png
Access-Control-Allow-Origin
*
x-rgw-object-type
Normal
Accept-Ranges
bytes
Content-Length
258075
013ff3d0761a486ab2e82f546496f3e8.png
cncprod.cellar-c2.services.clever-cloud.com/
51 KB
51 KB
XHR
General
Full URL
https://cncprod.cellar-c2.services.clever-cloud.com/013ff3d0761a486ab2e82f546496f3e8.png
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/phaser@3.17.0/dist/phaser-arcade-physics.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.42.117.210 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
e17c9c4643803ed8fdf60bd7ae6978f4a77c805f0847ac70d73811c3d7199bd7

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
Origin
https://www.cncplay.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Feb 2020 09:17:48 GMT
Last-Modified
Tue, 11 Feb 2020 15:29:25 GMT
x-amz-request-id
tx00000000000000001b23d-005e4babbc-64428ef-default
ETag
"f1c72f7988d7013cb176e187f1c48c55"
Content-Type
image/png
Access-Control-Allow-Origin
*
x-rgw-object-type
Normal
Accept-Ranges
bytes
Content-Length
52256
30c56d7e9df3422fa55238bf7fc35698.png
cncprod.cellar-c2.services.clever-cloud.com/
5 KB
6 KB
XHR
General
Full URL
https://cncprod.cellar-c2.services.clever-cloud.com/30c56d7e9df3422fa55238bf7fc35698.png
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/phaser@3.17.0/dist/phaser-arcade-physics.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.42.117.210 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
54314d44a3f3f8704e822b2790195166d0132ca9014e873b933a424f81a11bc7

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
Origin
https://www.cncplay.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Feb 2020 09:17:48 GMT
Last-Modified
Tue, 11 Feb 2020 15:27:59 GMT
x-amz-request-id
tx0000000000000003825e4-005e4babbc-6448894-default
ETag
"53d3ff4d82fdb82f67696b52d0ab42b8"
Content-Type
image/png
Access-Control-Allow-Origin
*
x-rgw-object-type
Normal
Accept-Ranges
bytes
Content-Length
5603
33085e006ddd4f0ba1f34342b98f19e0.png
cncprod.cellar-c2.services.clever-cloud.com/
8 KB
8 KB
XHR
General
Full URL
https://cncprod.cellar-c2.services.clever-cloud.com/33085e006ddd4f0ba1f34342b98f19e0.png
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/phaser@3.17.0/dist/phaser-arcade-physics.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.42.117.210 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
104a3639e1f2bf824b50a641e1da9b0a2988f8e5ae72e355964b54092fb8d0a1

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
Origin
https://www.cncplay.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Feb 2020 09:17:48 GMT
Last-Modified
Tue, 11 Feb 2020 15:29:25 GMT
x-amz-request-id
tx00000000000000024a22d-005e4babbc-6389420-default
ETag
"df00646dfcc0004c4fb38866a751fc37"
Content-Type
image/png
Access-Control-Allow-Origin
*
x-rgw-object-type
Normal
Accept-Ranges
bytes
Content-Length
7743
ca119f27c0e3482baedf5764dcf63cb1.mp3
cncprod.cellar-c2.services.clever-cloud.com/
40 KB
40 KB
XHR
General
Full URL
https://cncprod.cellar-c2.services.clever-cloud.com/ca119f27c0e3482baedf5764dcf63cb1.mp3
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/phaser@3.17.0/dist/phaser-arcade-physics.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.42.117.210 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
8d786cf9d280402ea3056abd678329137501312f1cdfbc1ed3e37693ad290ae6

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
Origin
https://www.cncplay.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Feb 2020 09:17:48 GMT
Last-Modified
Tue, 11 Feb 2020 15:28:00 GMT
x-amz-request-id
tx0000000000000002a7650-005e4babbc-63fe2e5-default
ETag
"b71f05134d66a1806f03749533517fc6"
Content-Type
audio/mp3
Access-Control-Allow-Origin
*
x-rgw-object-type
Normal
Accept-Ranges
bytes
Content-Length
41086
6a8d535c61124078a9908ffc257905ef.mp3
cncprod.cellar-c2.services.clever-cloud.com/
110 KB
110 KB
XHR
General
Full URL
https://cncprod.cellar-c2.services.clever-cloud.com/6a8d535c61124078a9908ffc257905ef.mp3
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/phaser@3.17.0/dist/phaser-arcade-physics.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.42.117.210 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
6892ed2f6aaa1eba0a78112d79fadfc8120e9ff80124c59d52b1d221aceb607c

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
Origin
https://www.cncplay.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Feb 2020 09:17:48 GMT
Last-Modified
Tue, 11 Feb 2020 15:28:00 GMT
x-amz-request-id
tx00000000000000001b23e-005e4babbc-64428ef-default
ETag
"d513cc65fb24e80ff508d9726ce5a40c"
Content-Type
audio/mp3
Access-Control-Allow-Origin
*
x-rgw-object-type
Normal
Accept-Ranges
bytes
Content-Length
112557
6a8d535c61124078a9908ffc257905ef.mp3
cncprod.cellar-c2.services.clever-cloud.com/
110 KB
110 KB
XHR
General
Full URL
https://cncprod.cellar-c2.services.clever-cloud.com/6a8d535c61124078a9908ffc257905ef.mp3
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/phaser@3.17.0/dist/phaser-arcade-physics.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.42.117.210 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
6892ed2f6aaa1eba0a78112d79fadfc8120e9ff80124c59d52b1d221aceb607c

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
Origin
https://www.cncplay.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Feb 2020 09:17:48 GMT
Last-Modified
Tue, 11 Feb 2020 15:28:00 GMT
x-amz-request-id
tx0000000000000003825e5-005e4babbc-6448894-default
ETag
"d513cc65fb24e80ff508d9726ce5a40c"
Content-Type
audio/mp3
Access-Control-Allow-Origin
*
x-rgw-object-type
Normal
Accept-Ranges
bytes
Content-Length
112557
44adb34f11ae49009954220fdd7dbd9f.png
cncprod.cellar-c2.services.clever-cloud.com/
103 KB
103 KB
XHR
General
Full URL
https://cncprod.cellar-c2.services.clever-cloud.com/44adb34f11ae49009954220fdd7dbd9f.png
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/phaser@3.17.0/dist/phaser-arcade-physics.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.42.117.210 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
60571f8b12ec05bb15ee002dfb1a3f5de4056036e24e2a492b051490f0ff7de2

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
Origin
https://www.cncplay.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Feb 2020 09:17:48 GMT
Last-Modified
Tue, 11 Feb 2020 15:28:00 GMT
x-amz-request-id
tx00000000000000024a22e-005e4babbc-6389420-default
ETag
"38ba7ee884362d4f7ce6df7221ef6b9e"
Content-Type
image/png
Access-Control-Allow-Origin
*
x-rgw-object-type
Normal
Accept-Ranges
bytes
Content-Length
105199
0821bf9c98c14cf6beec75ec993a30ef.png
cncprod.cellar-c2.services.clever-cloud.com/
106 KB
106 KB
XHR
General
Full URL
https://cncprod.cellar-c2.services.clever-cloud.com/0821bf9c98c14cf6beec75ec993a30ef.png
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/phaser@3.17.0/dist/phaser-arcade-physics.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.42.117.210 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
73adbf2a8692d5658813c337ed0750ff70f540cdb0724d28823becf789b7a51a

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
Origin
https://www.cncplay.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Feb 2020 09:17:48 GMT
Last-Modified
Tue, 11 Feb 2020 15:28:00 GMT
x-amz-request-id
tx0000000000000002a7652-005e4babbc-63fe2e5-default
ETag
"51174d11ae1b2186bc4304f3ebd2bb59"
Content-Type
image/png
Access-Control-Allow-Origin
*
x-rgw-object-type
Normal
Accept-Ranges
bytes
Content-Length
108697
71d3df526a934bd985b540a661f3b491.png
cncprod.cellar-c2.services.clever-cloud.com/
46 KB
47 KB
XHR
General
Full URL
https://cncprod.cellar-c2.services.clever-cloud.com/71d3df526a934bd985b540a661f3b491.png
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/phaser@3.17.0/dist/phaser-arcade-physics.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.42.117.210 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
fc34233e7f45e402d4d3d47e2c9b7fb1ea6ca6e5b1db555e9e2c2073e5fa463f

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
Origin
https://www.cncplay.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 18 Feb 2020 09:17:48 GMT
Last-Modified
Tue, 11 Feb 2020 15:29:25 GMT
x-amz-request-id
tx00000000000000001b240-005e4babbc-64428ef-default
ETag
"255fa9fa29870268b7b6829aa6b4e1f6"
Content-Type
image/png
Access-Control-Allow-Origin
*
x-rgw-object-type
Normal
Accept-Ranges
bytes
Content-Length
47590
872bd949-3bfe-43b7-aa60-d552e99e34e0
https://www.cncplay.com/
5 KB
0
Image
General
Full URL
blob:https://www.cncplay.com/872bd949-3bfe-43b7-aa60-d552e99e34e0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54314d44a3f3f8704e822b2790195166d0132ca9014e873b933a424f81a11bc7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Content-Length
5603
Content-Type
image/png
a452bb77-96f0-4a6d-804a-ea659556f2ab
https://www.cncplay.com/
8 KB
0
Image
General
Full URL
blob:https://www.cncplay.com/a452bb77-96f0-4a6d-804a-ea659556f2ab
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
104a3639e1f2bf824b50a641e1da9b0a2988f8e5ae72e355964b54092fb8d0a1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Content-Length
7743
Content-Type
image/png
ed785e50-b2d0-4159-adcc-cd833b47ddcc
https://www.cncplay.com/
51 KB
0
Image
General
Full URL
blob:https://www.cncplay.com/ed785e50-b2d0-4159-adcc-cd833b47ddcc
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e17c9c4643803ed8fdf60bd7ae6978f4a77c805f0847ac70d73811c3d7199bd7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Content-Length
52256
Content-Type
image/png
825806f8-712f-4e4a-bc3e-6a6c1d6fb617
https://www.cncplay.com/
252 KB
0
Image
General
Full URL
blob:https://www.cncplay.com/825806f8-712f-4e4a-bc3e-6a6c1d6fb617
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36298e28d0bdf643403da86dfcd2b634ea28d2f0a7cd4a9f9950bc6681a1bf33

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Content-Length
258075
Content-Type
image/png
377a0a0a-9d96-4d9b-9fe8-7f7de7e67465
https://www.cncplay.com/
103 KB
0
Image
General
Full URL
blob:https://www.cncplay.com/377a0a0a-9d96-4d9b-9fe8-7f7de7e67465
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60571f8b12ec05bb15ee002dfb1a3f5de4056036e24e2a492b051490f0ff7de2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Content-Length
105199
Content-Type
image/png
93ed05e1-cfa4-4071-96e5-00922ee11c60
https://www.cncplay.com/
46 KB
0
Image
General
Full URL
blob:https://www.cncplay.com/93ed05e1-cfa4-4071-96e5-00922ee11c60
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc34233e7f45e402d4d3d47e2c9b7fb1ea6ca6e5b1db555e9e2c2073e5fa463f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Content-Length
47590
Content-Type
image/png
ea9291a5-9ac3-461e-84d4-bbc72956e92d
https://www.cncplay.com/
106 KB
0
Image
General
Full URL
blob:https://www.cncplay.com/ea9291a5-9ac3-461e-84d4-bbc72956e92d
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73adbf2a8692d5658813c337ed0750ff70f540cdb0724d28823becf789b7a51a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Content-Length
108697
Content-Type
image/png
/
www.facebook.com/tr/
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=378891176351080&ev=Microdata&dl=https%3A%2F%2Fwww.cncplay.com%2Fen%2Fp%2FDcA_wFA_Zi&rl=https%3A%2F%2F3w7n9.r.a.d.sendibm1.com%2Fmk%2Fcl%2Ff%2FIDJluwgev66OPkAun-AYoJfXWqkP5-tjy0ss0pOVnxvqnaMmYPg4TjFB4tz1so5iHr11IXPKxnAFR4KqwUvE0WErCJEh0H0RoD9Ag_a3fcxX7adkVf7KdVjWw4PD9iKZ4y0zlKjW1X1M_a07QHwo1X9Qzk_xZRDNlYYGwX2fyA7vuA&if=false&ts=1582017468540&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Roue%20de%20la%20Fortune%22%2C%22meta%3Adescription%22%3A%22Atelier%20ClicknCom%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fcncplay.com%2Fp%2FDcA_wFA_Zi%22%2C%22og%3Atitle%22%3A%22Roue%20de%20la%20Fortune%22%2C%22og%3Adescription%22%3A%22It%20will%20spin%20your%20head%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcncprod.cellar-c2.services.clever-cloud.com%2Fe62933211740416abee577cb388716da.png%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%2C%22twitter%3Aurl%22%3A%22https%3A%2F%2Fcncplay.com%2Fp%2FDcA_wFA_Zi%22%2C%22twitter%3Atitle%22%3A%22Roue%20de%20la%20Fortune%22%2C%22twitter%3Adescription%22%3A%22It%20will%20spin%20your%20head%22%2C%22twitter%3Aimage%22%3A%22https%3A%2F%2Fcncprod.cellar-c2.services.clever-cloud.com%2Fe62933211740416abee577cb388716da.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1582017468030.2064692023&it=1582017467948&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 18 Feb 2020 09:17:48 GMT, Tue, 18 Feb 2020 09:17:48 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Tue, 18 Feb 2020 09:17:48 GMT
iamreal
api.clickncom.com/participations/44966/
0
382 B
XHR
General
Full URL
https://api.clickncom.com/participations/44966/iamreal
Requested by
Host: www.cncplay.com
URL: https://www.cncplay.com/_nuxt/d4e23a887d6ab8e79cac.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.159 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.cncplay.com
Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Tue, 18 Feb 2020 09:17:49 GMT
Vary
Origin
Access-Control-Allow-Methods
GET,POST,PUT,PATCH,DELETE,OPTIONS,HEAD
Access-Control-Allow-Origin
*
Access-Control-Max-Age
31536000
Access-Control-Allow-Credentials
true
Sozu-Id
e3fcd663-920e-4ade-be45-bb2f29e664ed
Access-Control-Allow-Headers
Content-Type,Authorization,X-Frame-Options,Origin
iamreal
api.clickncom.com/participations/44966/
737 B
1 KB
XHR
General
Full URL
https://api.clickncom.com/participations/44966/iamreal
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.252.181.159 , France, ASN43424 (MAGICRETAIL, FR),
Reverse DNS
Software
/ Strapi <strapi.io>
Resource Hash
6035f09963f709daf3064e0e097dbd1538bd143beefa95eebfdae9921bad12a9
Security Headers
Name Value
Content-Security-Policy img-src 'self' http:; block-all-mixed-content
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.cncplay.com/en/p/DcA_wFA_Zi
Origin
https://www.cncplay.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Content-Security-Policy
img-src 'self' http:; block-all-mixed-content
X-Powered-By
Strapi <strapi.io>
Date
Tue, 18 Feb 2020 09:17:49 GMT
Vary
Origin, Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
WWW-Authenticate,Server-Authorization
Access-Control-Allow-Credentials
true
Sozu-Id
e3fcd663-920e-4ade-be45-bb2f29e664ed
Content-Length
737
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| google_tag_manager object| dataLayer object| __NUXT__ object| webpackJsonp object| __core-js_shared__ object| core object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| SocialSharing function| _ string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| $nuxt object| clickncomGame function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| Phaser

7 Cookies

Domain/Path Name / Value
.cncplay.com/ Name: _gat_UA-135274881-1
Value: 1
.cncplay.com/ Name: _fbp
Value: fb.1.1582017468030.2064692023
.cncplay.com/ Name: _gat
Value: 1
www.cncplay.com/ Name: _pDcA_wFA_Zi
Value: 2qHYBhKe8f8p038i799J4
.cncplay.com/ Name: _gid
Value: GA1.2.188269924.1582017468
.cncplay.com/ Name: _ga
Value: GA1.2.1365940516.1582017468
www.cncplay.com/ Name: i18n_redirected
Value: en

1 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.jsdelivr.net/npm/phaser@3.17.0/dist/phaser-arcade-physics.min.js(Line 1)
Message:
%c %c %c %c %c Phaser v3.17.0 (Canvas | Web Audio) %c https://phaser.io background: #ff0000 background: #ffff00 background: #00ff00 background: #00ffff color: #ffffff; background: #000000 background: #fff

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3w7n9.r.a.d.sendibm1.com
api.clickncom.com
cdn.jsdelivr.net
cncplay.com
cncprod.cellar-c2.services.clever-cloud.com
connect.facebook.net
fonts.googleapis.com
googleads.g.doubleclick.net
sibautomation.com
stats.g.doubleclick.net
www.cncplay.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
172.217.22.98
185.107.232.244
185.42.117.210
2001:4860:4802:36::75
2606:4700:3035::6818:6786
2606:4700::6810:5514
2a00:1450:4001:800::2002
2a00:1450:4001:806::2008
2a00:1450:4001:806::200e
2a00:1450:4001:809::200a
2a00:1450:4001:817::2003
2a00:1450:400c:c00::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
46.252.181.159
87.98.154.146
00f9f9e179fa7d531ecb41b8241214415cc9d684a3971bd742540f0934110f34
0b7439fe1d32facf7526cd4b20fb2bc0b70efcebfa83f8bd2d7bc8333d931a2d
0bf01c558755b9bb03b220184c6eb76df08be803ff0ab21de6f6dbc6d96e28f8
104a3639e1f2bf824b50a641e1da9b0a2988f8e5ae72e355964b54092fb8d0a1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1d10fb6fdad2e2b89a774042ed71ab388981de08597b84431f4064e7752755e8
2dda7ea92135dcf21660d4d79391d303fc38f6a6524ae74bbe2986f1d2e990d5
3109a802a384f416b94994d595bba7d6fc8861dd50117b96574b1cf906f8e425
36298e28d0bdf643403da86dfcd2b634ea28d2f0a7cd4a9f9950bc6681a1bf33
3d57fcadb8202499f5745f4b4a967ea8baa983f422c5c1154b951ddf65b73900
3faadece58efe2afefb235f341785fac70d68945b0235f69c1a1e022d7bed856
42deb9219fc21f52ec47f6de9f2cd7bbd2b6eff02e03fb2e77b935f3f2a849db
509aaed69a16369a6b9661c755438a52425cee7015af92dba891e52c208061c4
514d5ead8267ac1dbda0059188ab284dc8ffa1935dfe0f8c3d70575ba1d52b8f
5312d4cba6ad48475c5de498f47d147f2b03e6e836088ecf381a6602480de6df
54314d44a3f3f8704e822b2790195166d0132ca9014e873b933a424f81a11bc7
548d8b0359334c146b322a6c7f6e1fda67b486da91670c7054060834353daae7
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5d322b7989b38181bd82ee86ea90875eefd2f77ac94f3f26810cae21602d7289
6035f09963f709daf3064e0e097dbd1538bd143beefa95eebfdae9921bad12a9
60571f8b12ec05bb15ee002dfb1a3f5de4056036e24e2a492b051490f0ff7de2
6650160335e30e76f364ed04bde60fa8c0e8a4aa00883d215368145a42323c2c
6892ed2f6aaa1eba0a78112d79fadfc8120e9ff80124c59d52b1d221aceb607c
73adbf2a8692d5658813c337ed0750ff70f540cdb0724d28823becf789b7a51a
765b267a8ce2a620cc86966a355c386e7a62081c3a10437c492465fd86606440
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88e6382d15edbda0254ba0ad7f224f41b358a21ebfad6e1eed439f5ddf0ea245
8d786cf9d280402ea3056abd678329137501312f1cdfbc1ed3e37693ad290ae6
a2a4040a6792a4b5e53c2f9b12bfab842f5a41af42d7d51d0901e7d1e8b185ce
a2b84598b7408a49f572ff743dc5886bddd5390c78b40416037da19c13f8d0ce
a6c3d2abbc512d2f5a4a4ad48ea052a6243bfcd19fb78def6097e7d599413237
a74282f28124f2bdadd62b025fb9eb8b522ece37cc3d2f9509fa7f36bb58386c
a7f25a2f4e016d5164b0ec1022cb7e6b57255a0bb7ea0ded62b39340e06ee06f
a8374cae62ddab8798b80d5f7916a6cf133ad83dff6702eb3a4f00581f309f67
b86ca7249e6f28cc9af909dcc5501e67101273ff2a2a19c408779a0fbf27e733
c214082071dd03b163a4083f2b742f8ef9f30871c888d6569f98e8ae08611183
ca5bb272479217ebbe3e81cb48f711b9f9e5bd4d9d798d03dfda3cc8386a5c6b
d4052d57b7c191191a51cec17f06c4596e846df7b02059b682b90454f9c50af0
d7ac2b10acfeb32472eabd8f895a1c2e53e5b7272e24cd3bd3dfdfad3ff90ce7
e10b03542a7471813338a7dd66cd152fafbf9dd37df3ac735da218c8f91a3d32
e17c9c4643803ed8fdf60bd7ae6978f4a77c805f0847ac70d73811c3d7199bd7
e1f28076d8df8fe6a9e2b4f0a3e55243d62b46070feac45e2228d648dbb67661
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ec7024e764e94caa58c7a18f4624dc84c9ee15537ff5418fd44e2f037f8abc30
ee1dc9b9fe274021fcce3433c257e983de98997a3e0b14ea7d32811499797d08
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f006c556c753a58b408277de14a33ffdc8a921625cd682042960de78c6df2552
f115cbc77be3970793b30a894c6b1458e1516ae01d29b98e0b8a97416ea83916
f6cdbcc9bafa8df615b464ccd5999ccab04f55a1bffdf83be53de352f7ef4c50
fc34233e7f45e402d4d3d47e2c9b7fb1ea6ca6e5b1db555e9e2c2073e5fa463f