urlscan.io logo urlscan.io
SecurityTrails logo

warthunder.com Open in urlscan Pro
104.20.83.98  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844#/
Effective URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Submission: On July 13 via api from LU — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 8 countries across 24 domains to perform 69 HTTP transactions. The main IP is 104.20.83.98, located in and belongs to CLOUDFLARENET, US. The main domain is warthunder.com. The Cisco Umbrella rank of the primary domain is 50553.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on January 9th 2024. Valid for: a year.
This is the only time warthunder.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 104.20.83.98 13335 (CLOUDFLAR...)
3 7 93.158.134.119 13238 (YANDEX)
2 87.248.119.251 34010 (YAHOO-IRD)
1 3 87.240.129.133 47541 (VKONTAKTE...)
1 18.203.112.243 16509 (AMAZON-02)
3 142.250.185.168 15169 (GOOGLE)
3 109.61.33.33 199524 (GCORE)
1 185.40.155.13 21030 (CDNNOW-AS)
6 169.150.247.38 60068 (CDN77 _)
1 1 142.250.185.132 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
3 216.58.212.142 15169 (GOOGLE)
3 204.79.197.237 8068 (MICROSOFT...)
2 157.240.252.13 32934 (FACEBOOK)
2 151.101.65.44 54113 (FASTLY)
1 95.211.33.59 60781 (LEASEWEB-...)
1 5.189.239.94 49505 (SELECTEL)
3 216.239.34.36 15169 (GOOGLE)
2 173.194.76.156 15169 (GOOGLE)
1 142.250.184.227 15169 (GOOGLE)
1 151.101.129.44 54113 (FASTLY)
1 34.252.40.201 16509 (AMAZON-02)
2 85.17.170.54 60781 (LEASEWEB-...)
1 2 138.201.230.88 24940 (HETZNER-AS)
1 87.250.250.119 13238 (YANDEX)
2 157.240.253.35 32934 (FACEBOOK)
1 169.150.247.37 60068 (CDN77 _)
4 141.226.228.48 200478 (TABOOLA-AS)
2 18.169.54.24 16509 (AMAZON-02)
1 18.65.39.108 16509 (AMAZON-02)
69 30
12    104.20.83.98 (None, )

ASN13335 (CLOUDFLARENET, US)
warthunder.com
7    93.158.134.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
2    87.248.119.251 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: e1-bmr.ycpi.vip.deb.yahoo.com
s.yimg.com
3    87.240.129.133 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv133-129-240-87.vk.com
vk.com
1    18.203.112.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-112-243.eu-west-1.compute.amazonaws.com
uep.gaijin.net
3    142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net
www.googletagmanager.com
3    109.61.33.33 (Luxembourg)

ASN199524 (GCORE, LU)
static.warthunder.com
1    185.40.155.13 (Russian Federation)

ASN21030 (CDNNOW-AS, RU)
static.warthunder.ru
6    169.150.247.38 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 169-150-247-38.bunnyinfra.net
consent.cookiefirst.com
1    142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
www.google.com
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads.g.doubleclick.net
3    216.58.212.142 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f142.1e100.net
www.google-analytics.com
3    204.79.197.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
2    151.101.65.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
1    95.211.33.59 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
citydsp.com
1    5.189.239.94 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL, RU)
statad.ru
3    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    173.194.76.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f156.1e100.net
stats.g.doubleclick.net
1    142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
www.google.it
1    151.101.129.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
psb.taboola.com
1    34.252.40.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-40-201.eu-west-1.compute.amazonaws.com
sp.analytics.yahoo.com
2    85.17.170.54 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
retagro.com
2    138.201.230.88 (Mannheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.230.201.138.clients.your-server.de
x.cnt.my
1    87.250.250.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.com
2    157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com
www.facebook.com
1    169.150.247.37 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 169-150-247-37.bunnyinfra.net
edge.cookiefirst.com
4    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
2    18.169.54.24 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-54-24.eu-west-2.compute.amazonaws.com
script.anura.io
1    18.65.39.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-108.ams1.r.cloudfront.net
ads.anura.io
Apex Domain
Subdomains		 Transfer
15 warthunder.com
warthunder.com — Cisco Umbrella Rank: 50553
static.warthunder.com — Cisco Umbrella Rank: 207145
3 MB
7 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 794
psb.taboola.com — Cisco Umbrella Rank: 5960
trc.taboola.com — Cisco Umbrella Rank: 721
trc-events.taboola.com — Cisco Umbrella Rank: 2069
24 KB
7 cookiefirst.com
consent.cookiefirst.com — Cisco Umbrella Rank: 32942
edge.cookiefirst.com — Cisco Umbrella Rank: 39160
47 KB
6 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9753
3 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 5
region1.analytics.google.com — Cisco Umbrella Rank: 3541
642 B
3 anura.io
script.anura.io — Cisco Umbrella Rank: 53750
ads.anura.io — Cisco Umbrella Rank: 70353
23 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 326
15 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 67
21 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 69
stats.g.doubleclick.net — Cisco Umbrella Rank: 133
980 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 72
303 KB
3 vk.com
vk.com — Cisco Umbrella Rank: 6811
18 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
3 KB
2 cnt.my
x.cnt.my — Cisco Umbrella Rank: 109327
954 B
2 retagro.com
retagro.com — Cisco Umbrella Rank: 138230
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 191
72 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 661
8 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4033
70 KB
1 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1517
500 B
1 google.it
www.google.it — Cisco Umbrella Rank: 23570
408 B
1 statad.ru
statad.ru — Cisco Umbrella Rank: 82897
209 B
1 citydsp.com
citydsp.com — Cisco Umbrella Rank: 106123
792 B
1 warthunder.ru
static.warthunder.ru — Cisco Umbrella Rank: 212775
94 KB
1 gaijin.net
uep.gaijin.net — Cisco Umbrella Rank: 693705
0 Failed
function sub() { [native code] }. Failed
69 24
Domain Requested by
12 warthunder.com 1 redirects warthunder.com
6 mc.yandex.com 2 redirects warthunder.com
mc.yandex.ru
6 consent.cookiefirst.com www.googletagmanager.com
consent.cookiefirst.com
4 trc-events.taboola.com cdn.taboola.com
3 region1.analytics.google.com www.googletagmanager.com
3 bat.bing.com warthunder.com
bat.bing.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 static.warthunder.com warthunder.com
3 www.googletagmanager.com warthunder.com
www.googletagmanager.com
3 vk.com 1 redirects warthunder.com
2 script.anura.io warthunder.com
script.anura.io
2 www.facebook.com warthunder.com
2 x.cnt.my 1 redirects warthunder.com
2 retagro.com citydsp.com
retagro.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net warthunder.com
connect.facebook.net
2 s.yimg.com warthunder.com
s.yimg.com
2 mc.yandex.ru 1 redirects warthunder.com
1 ads.anura.io script.anura.io
1 edge.cookiefirst.com consent.cookiefirst.com
1 sp.analytics.yahoo.com warthunder.com
1 trc.taboola.com cdn.taboola.com
1 psb.taboola.com cdn.taboola.com
1 www.google.it warthunder.com
1 statad.ru warthunder.com
1 citydsp.com warthunder.com
1 cdn.taboola.com warthunder.com
1 googleads.g.doubleclick.net warthunder.com
1 www.google.com 1 redirects
1 static.warthunder.ru warthunder.com
1 uep.gaijin.net warthunder.com
0 invalid Failed warthunder.com
69 32

This site contains links to these domains. Also see Links.

Domain
store.playstation.com
www.microsoft.com
legal.gaijin.net
support.gaijin.net
Subject Issuer Validity Valid
*.warthunder.com
GeoTrust TLS RSA CA G1		 2024-01-09 -
2025-02-01		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-05-23 -
2024-11-02		 5 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-07-08 -
2024-08-28		 2 months crt.sh
*.gaijin.net
GeoTrust TLS RSA CA G1		 2024-03-13 -
2025-04-12		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
static.warthunder.com
E5		 2024-06-07 -
2024-09-05		 3 months crt.sh
static.warthunder.ru
R3		 2024-05-27 -
2024-08-25		 3 months crt.sh
*.cookiefirst.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-05 -
2024-12-16		 a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-22 -
2024-07-21		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
citydsp.com
R3		 2024-05-17 -
2024-08-15		 3 months crt.sh
statad.ru
R11		 2024-06-24 -
2024-09-22		 3 months crt.sh
*.vk.com
GlobalSign ECC OV SSL CA 2018		 2024-02-14 -
2025-03-02		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.google.it
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-03-19 -
2024-09-11		 6 months crt.sh
advermarkt.com
R3		 2024-06-05 -
2024-09-03		 3 months crt.sh
script.anura.io
Amazon RSA 2048 M02		 2023-10-16 -
2024-11-13		 a year crt.sh
ads.anura.io
Amazon RSA 2048 M03		 2024-04-29 -
2025-05-27		 a year crt.sh

This page contains 4 frames:

Primary Page: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Frame ID: 9461F66EB0B110F88FA6346E83D07DD2
Requests: 73 HTTP requests in this frame

Frame: https://uep.gaijin.net:8383/track_pixel?event=track_pixel&data=eyJ1cmwiOiJodHRwczpcL1wvd2FydGh1bmRlci5jb206NDQzXC9yb1wvcGxheTRmcmVlP3I9YWRjYXNoXzQxMzgyOTUmVHJhbnNhY3Rpb25fSUQ9MTYzNzExNzA2ODEzMzMyNTY2NzAxNDI1MTE2MDEzNzA4NDQiLCJpcCI6IjE4NS4xOTguNjIuMTQ3IiwibGFuZ191cmwiOiJlbiIsImxhbmdfZ2VvIjoiaXQiLCJzYWx0IjoiRGt6cjRjQWthblFTUURleDl0VFFUc3VLSHVDQVFWaGUifQ%3D%3D&public_key=UOWlwLc8M1wOUKRPSEy9&crc=cb372ed4d51b322f3344c73d30d5eba9
Frame ID: EE73D527D0F6A231E81A463D22EDC471
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: A3AF6CD597F594E6A8D196A5A08056C4
Requests: 1 HTTP requests in this frame

Frame: https://warthunder.com/ro/play4free?r=cityadsCPA_lO494r_promo-re&click_id=vyZ22hDu3ZaEAO
Frame ID: 5EE98D5502E107893867CF80355720E6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

War Thunder — Registration War Thunder — Registration

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

69
Requests

90 %
HTTPS

0 %
IPv6

24
Domains

32
Subdomains

30
IPs

8
Countries

3531 kB
Transfer

17870 kB
Size

45
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://warthunder.com/YzI4N2ZmM/TA0ZjRkYz?_1720889910 HTTP 302
  • https://warthunder.com/en/YzI4N2ZmM/TA0ZjRkYz?_1720889910
Request Chain 7
  • https://vk.com/js/api/openapi.js?168 HTTP 302
  • https://vk.com/dist/public/api/openapi.c340c125c61ec5745ebb2a98626e46ab.js?168
Request Chain 27
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3l2l5&tag_exp=0&rnd=1999183875.1720889912&url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free&dma_cps=syphamo&dma=1&npa=1&gtm=45He4790n61HWDXKv6174342za200&auid=1566034912.1720889912 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l2l5&tag_exp=0&rnd=1999183875.1720889912&url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free&dma_cps=syphamo&dma=1&npa=1&gtm=45He4790n61HWDXKv6174342za200&auid=1566034912.1720889912
Request Chain 37
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10429.oj86aIwWVaacMOinDnsnfCU2jBxAL0qO0PGSsNSt_rg3Fmr8yuOywbjZ0jiERU51.AA3XrNtEZeDj0jXqrTGM3vsnUyY%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10429.5zK65aZOXOiP63dF7TwOFC5mpNVktJ2M5xDa4bLcgsR5jhWaP-6zG6LUKF2acB3QJnQGgkKAb4Rnvial-s1e_J4bfloIhYbFpiDxAx-dJB_JFVDVJopMbG6iY0gMSMKk_ZENamnjXBRj8crn6ECbX1L-UGWpLkqmitGHlPm7eyvOBzQco5IdCDz3OPoMByjcdc6HykKxJ8e9waGa-F0EtGrJ2kYXPdQ8MYxI46GtZz0%2C.aXHmVI-Wvund089-UeFfC54pMPQ%2C
Request Chain 46
  • https://x.cnt.my/px/?dom=warthunder.com&r=0.5161607613575563 HTTP 301
  • https://x.cnt.my/px/?dom=warthunder.com&r=0.5161607613575563&rand=0.8068877320069237&xtmp=1
Request Chain 52
  • https://mc.yandex.com/watch/21262261?wmode=7&page-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ait-IT%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A439990975601%3Ahid%3A446341343%3Az%3A120%3Ai%3A20240713185832%3Aet%3A1720889913%3Ac%3A1%3Arn%3A470604206%3Arqn%3A1%3Au%3A172088991310184714%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2384%3Awv%3A2%3Ads%3A0%2C475%2C792%2C12%2C1%2C0%2C%2C543%2C2%2C%2C%2C%2C2256%3Aco%3A0%3Acpf%3A1%3Ans%3A1720889909727%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720889913%3At%3AWar%20Thunder%20%E2%80%94%20Registration&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21038596)ti(1) HTTP 302
  • https://mc.yandex.com/watch/21262261/1?wmode=7&page-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ait-IT%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A439990975601%3Ahid%3A446341343%3Az%3A120%3Ai%3A20240713185832%3Aet%3A1720889913%3Ac%3A1%3Arn%3A470604206%3Arqn%3A1%3Au%3A172088991310184714%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2384%3Awv%3A2%3Ads%3A0%2C475%2C792%2C12%2C1%2C0%2C%2C543%2C2%2C%2C%2C%2C2256%3Aco%3A0%3Acpf%3A1%3Ans%3A1720889909727%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720889913%3At%3AWar%20Thunder%20%E2%80%94%20Registration&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821038596%29ti%281%29

69 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request play4free
warthunder.com/ro/ 		17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.24
Resource Hash
ea23b93dd864835c7e4df7c7d29719933ed29ca19a7dba823a8f8b57dd8fb041

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8a2ad1733ce10e16-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 13 Jul 2024 16:58:31 GMT
expires
Sat, 13 Jul 2024 15:58:30 +0000
last-modified
Sat, 13 Jul 2024 16:58:30 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Accept-Encoding
x-no-red
1
x-node-id
05
x-powered-by
PHP/8.0.24
x-request-id
70b6d58478f75a5f5420ccdf4c039f2b
vendor-0940358a.css
warthunder.com/land/signupNewMF/assets/ 		2 MB
2 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://warthunder.com/land/signupNewMF/assets/vendor-0940358a.css
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0940358a29b1cd55acd6c15932fb6c6b241d67d9500baead8b8f7704f6a59b76

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 12 Jul 2024 12:34:43 GMT
server
cloudflare
etag
W/"669122e3-2790f8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8a2ad1786b830e16-MXP
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
index-86052501.css
warthunder.com/land/signupNewMF/assets/ 		64 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://warthunder.com/land/signupNewMF/assets/index-86052501.css
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86052501ca3c6a969af6c6fd2068196fa02884514cb6ee72b7e5bcbf4f6fd5ba

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 12 Jul 2024 12:34:43 GMT
server
cloudflare
etag
W/"669122e3-1002d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8a2ad1786b840e16-MXP
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
/
warthunder.com/land/signupNewMF/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://warthunder.com/land/signupNewMF/
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 12 Jul 2024 12:34:43 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=utf8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8a2ad17b3f600e16-MXP
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
index-5df80e27.js
warthunder.com/land/signupNewMF/assets/ 		113 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warthunder.com/land/signupNewMF/assets/index-5df80e27.js
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63f401bae95147df93352ecf1f14d8cc25ef66b48f6ddec14337c16435f55a13

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Origin
https://warthunder.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 12 Jul 2024 12:34:43 GMT
server
cloudflare
etag
W/"669122e3-1c3f6"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8a2ad1786b850e16-MXP
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
TA0ZjRkYz
warthunder.com/en/YzI4N2ZmM/
Redirect Chain
  • https://warthunder.com/YzI4N2ZmM/TA0ZjRkYz?_1720889910
  • https://warthunder.com/en/YzI4N2ZmM/TA0ZjRkYz?_1720889910
0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://warthunder.com/en/YzI4N2ZmM/TA0ZjRkYz?_1720889910
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Server
104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.24
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 16:58:31 GMT
x-node-id
05
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/8.0.24
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
8a2ad17b0f130e16-MXP
x-request-id
c4194556b45ee3c958483d6b9671ff86
expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Jul 2024 16:58:31 GMT
x-node-id
05
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/8.0.24
content-type
text/html; charset=UTF-8
location
https://warthunder.com/en/YzI4N2ZmM/TA0ZjRkYz?_1720889910
cache-control
no-store, no-cache, must-revalidate
cf-ray
8a2ad1786b860e16-MXP
x-request-id
fa77c2a173ff066892b18c92350d988d
expires
Thu, 19 Nov 1981 08:52:00 GMT
tag.js
mc.yandex.ru/metrika/ 		200 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
75dbb4380a386220610babb812bafaed50a4f983fa198851836a64d6fad2b094
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 03 Jul 2024 07:33:50 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6684fede-112d7"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
70359
expires
Sat, 13 Jul 2024 17:58:32 GMT
ytc.js
s.yimg.com/wi/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.251 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e1-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
6784f9ac4ae19ed8651c632b214f40cac44abd344870ddd30ff1b93b08ba3103
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

ats-carp-promotion
1, 1
date
Sat, 13 Jul 2024 16:41:24 GMT
x-amz-version-id
VxrPrcbofk65n9ysSCXrclM5xFIYS2A5
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
40P859A4RRCDX4MV
age
1030
x-amz-server-side-encryption
AES256
content-length
6672
x-amz-id-2
KYzmQM5a2Snt06jMWY03imIX7TojnUzRfKwlytSyOIUi74WLKgzN3n2J5hTU5SgHGNQMi8xqUiNdsbswUVgH36/uEdmjpjsemHJ76I05s5U=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Fri, 15 Aug 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Wed, 10 Jul 2024 13:59:59 GMT
server
ATS
etag
"b4dc8f0803272db7e9c028b882573ba1-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
openapi.c340c125c61ec5745ebb2a98626e46ab.js
vk.com/dist/public/api/
Redirect Chain
  • https://vk.com/js/api/openapi.js?168
  • https://vk.com/dist/public/api/openapi.c340c125c61ec5745ebb2a98626e46ab.js?168
56 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/dist/public/api/openapi.c340c125c61ec5745ebb2a98626e46ab.js?168
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Server
87.240.129.133 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv133-129-240-87.vk.com
Software
kittenx /
Resource Hash
0794ec55ac26233eb8ceed5fc64073eea5d00df95da9cc31f18b578a64762782

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

x-trace-id
ks1caCxiZpW9QzVJCyqxR2h_KngcBQ
date
Sat, 13 Jul 2024 16:58:32 GMT
content-encoding
br
x-frontend
front656700
last-modified
Tue, 09 Jul 2024 03:55:45 GMT
server
kittenx
etag
W/"668cb4c1-e165"
vary
Accept-Encoding, Available-Dictionary
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
expires
Wed, 17 Jul 2024 16:58:32 GMT

Redirect headers

x-trace-id
f5NL6_SfjOXtzkMzbHirl0qjFrmxkg
date
Sat, 13 Jul 2024 16:58:32 GMT
content-encoding
gzip
x-frontend
front656700
strict-transport-security
max-age=15768000
server
kittenx
x-powered-by
KPHP/7.4.117517
content-type
text/html; charset=windows-1251
location
/dist/public/api/openapi.c340c125c61ec5745ebb2a98626e46ab.js?168
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
20
reporting-endpoints
default="https://vk.com/browser_reports?dest=default_reports"
track_pixel
uep.gaijin.net/ Frame EE73 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://uep.gaijin.net:8383/track_pixel?event=track_pixel&data=eyJ1cmwiOiJodHRwczpcL1wvd2FydGh1bmRlci5jb206NDQzXC9yb1wvcGxheTRmcmVlP3I9YWRjYXNoXzQxMzgyOTUmVHJhbnNhY3Rpb25fSUQ9MTYzNzExNzA2ODEzMzMyNTY2NzAxNDI1MTE2MDEzNzA4NDQiLCJpcCI6IjE4NS4xOTguNjIuMTQ3IiwibGFuZ191cmwiOiJlbiIsImxhbmdfZ2VvIjoiaXQiLCJzYWx0IjoiRGt6cjRjQWthblFTUURleDl0VFFUc3VLSHVDQVFWaGUifQ%3D%3D&public_key=UOWlwLc8M1wOUKRPSEy9&crc=cb372ed4d51b322f3344c73d30d5eba9
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.203.112.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-112-243.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
99
Date
Sat, 13 Jul 2024 16:58:32 GMT
Keep-Alive
timeout=5
X-Powered-By
Express
gtm.js
www.googletagmanager.com/ 		344 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-HWDXK
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
fef4067cfce5478e9f0289af2f3a248b846ec00e732d1dae398ca7f41f4568b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113613
x-xss-protection
0
last-modified
Sat, 13 Jul 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Jul 2024 16:58:32 GMT
vendor-dc315301.js
warthunder.com/land/signupNewMF/assets/ 		1 MB
539 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warthunder.com/land/signupNewMF/assets/vendor-dc315301.js
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
219ed662ad05089696336f42e6c906b8464521a6956032cc6e8251f369a3ac86

Request headers

Referer
https://warthunder.com/land/signupNewMF/assets/index-5df80e27.js
Origin
https://warthunder.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 12 Jul 2024 12:34:43 GMT
server
cloudflare
etag
W/"669122e3-10ef32"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8a2ad17bbfd90e16-MXP
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
truncated
/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f667e4c4f7904c33224af255f43e91d143262b7a2be02e955e6a073f1553275f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Content-Type
image/svg+xml
wl193.jpg
static.warthunder.com/upload/image/media/warland/ 		485 KB
486 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.warthunder.com/upload/image/media/warland/wl193.jpg
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.61.33.33 , Luxembourg, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
414b2dab96565cc874e46d2ce69166f3e786cec44e1328e70d81ae8643cd52cb

Request headers

Referer
https://warthunder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

x-id
fr5-hw-edge-gc57
date
Sat, 13 Jul 2024 16:58:32 GMT
age
28
x-cached-since
2024-07-13T16:58:04+00:00
x-id-fe
fr5-hw-edge-gc33
content-length
496467
last-modified
Fri, 06 Dec 2019 13:02:19 GMT
server
nginx
traceparent
00-776003bacc992b5d57b3a68041706ef5-f6307422153d9eab-01
etag
"5dea515b-79353"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
cache
HIT
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ad0f48970e4c0d18e737e4455fb56a8575e19a368dd6e2f28761b4025c1c514

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd55cf914977eab04e43940b2a3b88ff0e01919f62033caf186a9cbe5c6fc63b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		413 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c9b1492d5087d1e5e895939f29fffac5e1c7a1f9a5b660df707989fb258ab6e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd002ec69d4a3233b2ed73086aa2417ba673bb9c95906b1da9b6c4e70006f52a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14c5eea4c2dcdc26f7182f83ba939c9565cf5d052980e1a7f39fdfb4c9a401ab

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7f94867d8fe3a53b6bf7b0c773e7d3e91442aa825fea7f5d11cec4d33477bf4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
665a618c1cbb3e534f1bdf0c7c110acbeb6d85b767c6efe05b3daab1ce2c8109

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Content-Type
image/png
FiraSans-Medium-52b955b5.woff2
warthunder.com/land/signupNewMF/assets/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://warthunder.com/land/signupNewMF/assets/FiraSans-Medium-52b955b5.woff2
Requested by
Host: warthunder.com
URL: https://warthunder.com/land/signupNewMF/assets/index-86052501.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52b955b58e3c9b5cfddca997c790e23ef12ea106ec1a3d1872e8bf28c5d5a625

Request headers

Referer
https://warthunder.com/land/signupNewMF/assets/index-86052501.css
Origin
https://warthunder.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:32 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 12 Jul 2024 12:34:43 GMT
server
cloudflare
etag
"669122e3-baec"
access-control-allow-methods
GET, POST, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a2ad17e0abc0e16-MXP
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
47852
FiraSans_Regular-a29f883a.woff2
warthunder.com/land/signupNewMF/assets/ 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://warthunder.com/land/signupNewMF/assets/FiraSans_Regular-a29f883a.woff2
Requested by
Host: warthunder.com
URL: https://warthunder.com/land/signupNewMF/assets/index-86052501.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a29f883a136c42b13d6a82d093e2a6fd139b0b9406e64ed01e612a4482a79e2b

Request headers

Referer
https://warthunder.com/land/signupNewMF/assets/index-86052501.css
Origin
https://warthunder.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:32 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 12 Jul 2024 12:34:43 GMT
server
cloudflare
etag
"669122e3-da9c"
access-control-allow-methods
GET, POST, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8a2ad17e0abe0e16-MXP
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
55964
truncated
/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7e390c04c441db46d42cad2251133f522bf974d43024518fc4450479e67ca72

Request headers

Referer
Origin
https://warthunder.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Content-Type
font/woff2
wt_logo_anime.webp
static.warthunder.ru/upload/image/landings/logo/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.warthunder.ru/upload/image/landings/logo/wt_logo_anime.webp?v=
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.40.155.13 , Russian Federation, ASN21030 (CDNNOW-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
a235221b0ba2a5a09a9a12c35a1cbe02067349273d28520a17986c9ae821bb6a

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:32 GMT
last-modified
Wed, 19 Apr 2023 08:38:34 GMT
server
nginx
etag
"643fa88a-1772e"
x-edge-cache
HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000
x-edge-ip
172.19.25.186
accept-ranges
bytes
link
<https://origin-gc-k5z7dfubr4dswe.warthunder.ru/upload/image/landings/logo/wt_logo_anime.webp?v=>; rel="canonical"
content-length
96046
expires
Thu, 31 Dec 2037 23:55:55 GMT
wl193.mp4
static.warthunder.com/upload/image/media/warland/ 		9 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static.warthunder.com/upload/image/media/warland/wl193.mp4
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.61.33.33 , Luxembourg, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
Range
bytes=0-

Response headers

x-id
fr5-hw-edge-gc62
date
Sat, 13 Jul 2024 16:58:32 GMT
age
42
x-cached-since
2024-07-13T16:57:50+00:00
Content-Range
bytes 0-22555637/22555638
x-id-fe
fr5-hw-edge-gc33
Content-Length
22555638
last-modified
Fri, 06 Dec 2019 13:02:44 GMT
server
nginx
traceparent
00-7b021f680f275e63e453dc283b8cfbea-8dbd708c678148fb-01
etag
"5dea5174-1582bf6"
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=315360000
cache
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT
10020777.json
s.yimg.com/wi/config/ 		2 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10020777.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.251 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e1-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

ats-carp-promotion
1, 1
date
Sat, 13 Jul 2024 16:46:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
N5DQ4KHVAQDR3AXE
age
736
content-length
2
x-amz-id-2
f0JV/RzQS4H+CfNAq2Aknn4HhAoj7NlYzabZFmKUvq6T+gvqEUFV1+60ek5VFqhA4saiMiRmy+I=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
banner.js
consent.cookiefirst.com/ 		102 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner.js?cookiefirst-key=93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7&stealth-mode=true&language=inherit&silent-mode=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-HWDXK
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-38.bunnyinfra.net
Software
Cookie First CDN-DE1-1081 /
Resource Hash
5641ee054da3f3aae15b05655954844b61275cb9feef1ed7d993e64d4d6fe160

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:32 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-storageserver
DE-664
cdn-cachedat
07/11/2024 08:32:38
cdn-pullzone
236985
visitor-location
IT
last-modified
Thu, 11 Jul 2024 08:32:36 GMT
server
Cookie First CDN-DE1-1081
cdn-fileserver
599
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"668f98a4-19661"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=1200
cdn-requestid
68ab34e4bef623b9b7fa1e62f74a1ef1
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3l2l5&tag_exp=0&rnd=1999183875.1720889912&url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free&dma_cps=syphamo&dma=1&npa=1&gtm=45He4790n61HWDXKv...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l2l5&tag_exp=0&rnd=1999183875.1720889912&url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free&dma_cps=syphamo&dma=1&npa=1&gtm=45He...
42 B
588 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l2l5&tag_exp=0&rnd=1999183875.1720889912&url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free&dma_cps=syphamo&dma=1&npa=1&gtm=45He4790n61HWDXKv6174342za200&auid=1566034912.1720889912
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 16:58:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Jul 2024 16:58:33 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l2l5&tag_exp=0&rnd=1999183875.1720889912&url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free&dma_cps=syphamo&dma=1&npa=1&gtm=45He4790n61HWDXKv6174342za200&auid=1566034912.1720889912
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		347 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3KX7RD39Z5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-HWDXK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1c13f134fa3bb1dfbbd515aaa8a1e2ee43ac7c3314d7299dde2f64bad779f988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
112167
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 13 Jul 2024 16:58:32 GMT
destination
www.googletagmanager.com/gtag/ 		227 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-977291250&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-HWDXK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6234c610eb9aec2a471d9405e9b9d83b4f01dc7f9600bae86dd215c45fc05771
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83827
x-xss-protection
0
last-modified
Sat, 13 Jul 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 13 Jul 2024 16:58:32 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-HWDXK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f142.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 13 Jul 2024 15:41:01 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4651
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 13 Jul 2024 17:41:01 GMT
bat.js
bat.bing.com/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b14f93366112e862d6032df772a33da61005b427a7f5a37dfc0a665b0e226b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sat, 13 Jul 2024 16:58:32 GMT
last-modified
Fri, 12 Jul 2024 05:17:54 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6A8175A671E94D94998F4ECBB9CD184D Ref B: BCN30EDGE0820 Ref C: 2024-07-13T16:58:33Z
etag
"0ed40d91ad4da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
14176
fbevents.js
connect.facebook.net/en_US/ 		223 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 13 Jul 2024 16:58:32 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58653
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=12, mss=1288, tbw=2779, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
BuTkpcxIWFNEJH5C5htu6qrD5gtaM9IW0ngKYuSjX3TivNZi0e+LCb2fJT/0fFYfEI7JD0jQ+fAc5IRBGWCBbQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1626307/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1626307/tfa.js
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
793f27980e005a04b29ff0aff1b3e84f1c34963bb265bf8d6a41f646cd86c90f

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

x-amz-version-id
nRHraAbnTxH.mpNGVM9nd6AjLRMQrHs5
content-encoding
gzip
via
1.1 varnish
date
Sat, 13 Jul 2024 16:58:32 GMT
x-amz-request-id
03Y3YTGBRMGCM61Q
age
126
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
21712
x-amz-id-2
bvpu4OrdXGGml8ETQgr3sCi6tuGYD4IZhIRC4qnRkHXjDM7gr2PRRY8W0r47aBxq3VbGTrnS3gs=
x-served-by
cache-mxp6952-MXP
last-modified
Sun, 07 Jul 2024 11:16:58 GMT
server
AmazonS3
x-timer
S1720889913.641362,VS0,VE1
etag
"3fc029e4599eec8b5e551a9c850625f5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
3
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
dsp
citydsp.com/ 		667 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://citydsp.com/dsp?h=warthunder.com&r=0.7915060065531543
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.33.59 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
7567250970a6e086d9a03651a9e5d3f20fc7e65ec6df07f2d0f3421f32414695

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Jul 2024 16:58:32 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
no-store, no-cache, private
Connection
keep-alive
pixel.gif
statad.ru/ 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statad.ru/pixel.gif?u=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&r=&w=1&h=0&gW=1600&gH=1200&gDH=1200&gDW=1600&c=eff:4g&t=1720889912427
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.189.239.94 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.25.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Connection
keep-alive
Date
Sat, 13 Jul 2024 16:58:38 GMT
Server
nginx/1.25.0
rtrg
vk.com/ 		49 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-498777-cCNoW&metatag_url=https%3A%2F%2Fwarthunder.com%2F&metatag_title=%20War%20Thunder%20%E2%80%94%20Registration%20
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.129.133 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv133-129-240-87.vk.com
Software
kittenx / KPHP/7.4.117517
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

x-trace-id
XXqXSLb010tgujk5T0yiYgbpaLYhYQ
date
Sat, 13 Jul 2024 16:58:32 GMT
content-encoding
gzip
x-frontend
front656700
strict-transport-security
max-age=15768000
server
kittenx
x-powered-by
KPHP/7.4.117517
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
reporting-endpoints
default="https://vk.com/browser_reports?dest=default_reports"
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10429.oj86aIwWVaacMOinDnsnfCU2jBxAL0qO0PGSsNSt_rg3Fmr8yuOywbjZ0jiERU51.AA3XrNtEZeDj0jXqrTGM3vsnUyY%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10429.5zK65aZOXOiP63dF7TwOFC5mpNVktJ2M5xDa4bLcgsR5jhWaP-6zG6LUKF2acB3QJnQGgkKAb4Rnvial-s1e_J4bfloIhYbFpiDxAx-dJB_JFVDVJopMbG6iY0gMSMKk_ZENamnjXB...
43 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10429.5zK65aZOXOiP63dF7TwOFC5mpNVktJ2M5xDa4bLcgsR5jhWaP-6zG6LUKF2acB3QJnQGgkKAb4Rnvial-s1e_J4bfloIhYbFpiDxAx-dJB_JFVDVJopMbG6iY0gMSMKk_ZENamnjXBRj8crn6ECbX1L-UGWpLkqmitGHlPm7eyvOBzQco5IdCDz3OPoMByjcdc6HykKxJ8e9waGa-F0EtGrJ2kYXPdQ8MYxI46GtZz0%2C.aXHmVI-Wvund089-UeFfC54pMPQ%2C
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:33 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10429.5zK65aZOXOiP63dF7TwOFC5mpNVktJ2M5xDa4bLcgsR5jhWaP-6zG6LUKF2acB3QJnQGgkKAb4Rnvial-s1e_J4bfloIhYbFpiDxAx-dJB_JFVDVJopMbG6iY0gMSMKk_ZENamnjXBRj8crn6ECbX1L-UGWpLkqmitGHlPm7eyvOBzQco5IdCDz3OPoMByjcdc6HykKxJ8e9waGa-F0EtGrJ2kYXPdQ8MYxI46GtZz0%2C.aXHmVI-Wvund089-UeFfC54pMPQ%2C
date
Sat, 13 Jul 2024 16:58:32 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:32 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 03 Jul 2024 07:33:50 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6684fede-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sat, 13 Jul 2024 17:58:32 GMT
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-3KX7RD39Z5&gtm=45je4790v899146998z86174342za200zb6174342&_p=1720889911597&_gaz=1&gcs=G111&gcd=13t3tPl2l5&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=323614775.1720889913&ul=it-it&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1720889912&sct=1&seg=0&dl=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844&dt=War%20Thunder%20%E2%80%94%20Registration&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3028&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KX7RD39Z5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 16:58:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://warthunder.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3KX7RD39Z5&cid=323614775.1720889913&gtm=45je4790v899146998z86174342za200zb6174342&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3tPl2l5&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KX7RD39Z5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 16:58:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://warthunder.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.it/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.it/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3KX7RD39Z5&cid=323614775.1720889913&gtm=45je4790v899146998z86174342za200zb6174342&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3tPl2l5&npa=1&frm=0&z=377392686
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 16:58:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
topics_api
psb.taboola.com/ 		65 B
279 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psb.taboola.com/topics_api
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1626307/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

x-served-by
cache-mxp6981-MXP
date
Sat, 13 Jul 2024 16:58:33 GMT
via
1.1 varnish
server
Varnish
observe-browsing-topics
?1
x-timer
S1720889913.133273,VS0,VE0
x-cache
HIT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=2592000
accept-ranges
bytes
content-length
65
retry-after
0
x-cache-hits
0
json
trc.taboola.com/1626307/trc/3/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1626307/trc/3/json?tim=1720889912875&data=%7B%22id%22%3A883%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1720889912868%2C%22cv%22%3A%2220240704-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwarthunder.com%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dgaijindistributionkft-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1720889912874%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1626307/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d2b031bd819ea209c3c7e1d52039a25c55c5074b823ce5190f77bed54cf04741

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

x-vcl-time-ms
82
date
Sat, 13 Jul 2024 16:58:33 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.26775000000000004
x-fastly-to-nlb-rtt
70835
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mxp6952-MXP
x-log-content-encoding
gzip
server
nginx
x-timer
S1720889913.020037,VS0,VE82
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
sp.pl
sp.analytics.yahoo.com/ 		43 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sat%2C%2013%20Jul%202024%2016%3A58%3A32%20GMT&n=-2d&b=War%20Thunder%20%E2%80%94%20Registration&.yp=10020777&f=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&enc=UTF-8&yv=1.16.0&tagmgr=gtm
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.252.40.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-40-201.eu-west-1.compute.amazonaws.com
Software
ATS/9.1.10.121 /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 16:58:33 GMT
via
http/1.1 traffic_server (ApacheTrafficServer/9.1.10.121)
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS/9.1.10.121
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Sat, 13 Jul 2024 16:58:33 GMT
init
retagro.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retagro.com/init?r=0.6182608569401078
Requested by
Host: citydsp.com
URL: https://citydsp.com/dsp?h=warthunder.com&r=0.7915060065531543
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
85.17.170.54 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
0855e6ceaa4b07e7e609769d0b63d4f9f800afe28bec6c5393ae841e15300de6

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Jul 2024 16:58:33 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
no-store, no-cache, private
Connection
keep-alive
/
x.cnt.my/px/
Redirect Chain
  • https://x.cnt.my/px/?dom=warthunder.com&r=0.5161607613575563
  • https://x.cnt.my/px/?dom=warthunder.com&r=0.5161607613575563&rand=0.8068877320069237&xtmp=1
35 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.cnt.my/px/?dom=warthunder.com&r=0.5161607613575563&rand=0.8068877320069237&xtmp=1
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Server
138.201.230.88 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.230.201.138.clients.your-server.de
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 16:58:33 GMT
server
nginx
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache,max-age=0,must-revalidate, no-cache
content-length
35
expires
0

Redirect headers

date
Sat, 13 Jul 2024 16:58:33 GMT
server
nginx
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location
/px/?dom=warthunder.com&r=0.5161607613575563&rand=0.8068877320069237&xtmp=1
content-type
text/plain; charset=utf-8
cache-control
no-cache
content-length
75
expires
0
collect
www.google-analytics.com/j/ 		3 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1291775167&t=pageview&_s=1&dl=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844&ul=it-it&de=UTF-8&dt=War%20Thunder%20%E2%80%94%20Registration&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiAABBAAAAC~&jid=1375281086&gjid=1314229909&cid=323614775.1720889913&tid=UA-40910063-1&_gid=1382283039.1720889913&_slc=1&gtm=45He4790n61HWDXKv6174342za200&gcs=G111&gcd=13t3t3l2l5&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=1712519181
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f142.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 16:58:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://warthunder.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-40910063-1&cid=323614775.1720889913&jid=1375281086&gjid=1314229909&_gid=1382283039.1720889913&npa=1&_u=YCDAiAABBAAAAG~&z=1351548830
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 Jul 2024 16:58:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://warthunder.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
version.json
consent.cookiefirst.com/sites/warthunder.com-93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7/ 		44 B
781 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/sites/warthunder.com-93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7/version.json?v=1720889913172
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js?cookiefirst-key=93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7&stealth-mode=true&language=inherit&silent-mode=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-38.bunnyinfra.net
Software
Cookie First CDN-DE1-1081 /
Resource Hash
3a83d64fe3c7ebbb567a7cfcc0bdc2b8c391c4006d3138fd92ad6b2484caadbb

Request headers

Accept
application/json
Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:33 GMT
cdn-edgestorageid
1079
cdn-storageserver
DE-676
cdn-cachedat
07/13/2024 16:58:33
cdn-pullzone
236985
content-length
44
visitor-location
IT
last-modified
Thu, 04 Jul 2024 09:39:13 GMT
server
Cookie First CDN-DE1-1081
cdn-fileserver
588
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"66866dc1-2c"
content-type
application/json
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=10
cdn-requestid
933ac02be1c9bee5abdeb0bcf1729b5c
accept-ranges
bytes
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
1751351005148330
connect.facebook.net/signals/config/ 		60 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1751351005148330?v=2.9.161&r=stable&domain=warthunder.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
da92326532f0831192665b2501805c3b177f3ce69c2a4ef0cce568f6c403439f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 13 Jul 2024 16:58:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12479
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=16, rtx=0, c=64, mss=1288, tbw=64188, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
1fwEU3oGqBlYqkU1421om/z7x6iaS6ob+iIpD361OxnbAcBftgP4WM8c7h3FTfNTmPCcgIFzDI0MtNIBEF4E3g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame A3AF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1048
content-type
text/html
date
Sat, 13 Jul 2024 16:58:33 GMT
etag
"6684fede-418"
expires
Sat, 13 Jul 2024 17:58:33 GMT
last-modified
Wed, 03 Jul 2024 07:33:50 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
1
mc.yandex.com/watch/21262261/
Redirect Chain
  • https://mc.yandex.com/watch/21262261?wmode=7&page-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&charset=utf-8&u...
  • https://mc.yandex.com/watch/21262261/1?wmode=7&page-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&charset=utf-8...
459 B
542 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/21262261/1?wmode=7&page-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ait-IT%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A439990975601%3Ahid%3A446341343%3Az%3A120%3Ai%3A20240713185832%3Aet%3A1720889913%3Ac%3A1%3Arn%3A470604206%3Arqn%3A1%3Au%3A172088991310184714%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2384%3Awv%3A2%3Ads%3A0%2C475%2C792%2C12%2C1%2C0%2C%2C543%2C2%2C%2C%2C%2C2256%3Aco%3A0%3Acpf%3A1%3Ans%3A1720889909727%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720889913%3At%3AWar%20Thunder%20%E2%80%94%20Registration&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821038596%29ti%281%29
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
a3bbabc6704685d4e83986c9e6514982be37fe7dda79c7b885b9a8e2b2cec806
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 16:58:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 13-Jul-2024 16:58:33 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://warthunder.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
459
x-xss-protection
1; mode=block
expires
Sat, 13-Jul-2024 16:58:33 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Jul 2024 16:58:33 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 13-Jul-2024 16:58:33 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/21262261/1?wmode=7&page-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ait-IT%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A439990975601%3Ahid%3A446341343%3Az%3A120%3Ai%3A20240713185832%3Aet%3A1720889913%3Ac%3A1%3Arn%3A470604206%3Arqn%3A1%3Au%3A172088991310184714%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2384%3Awv%3A2%3Ads%3A0%2C475%2C792%2C12%2C1%2C0%2C%2C543%2C2%2C%2C%2C%2C2256%3Aco%3A0%3Acpf%3A1%3Ans%3A1720889909727%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720889913%3At%3AWar%20Thunder%20%E2%80%94%20Registration&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821038596%29ti%281%29
access-control-allow-origin
https://warthunder.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 13-Jul-2024 16:58:33 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1751351005148330&ev=PageView&dl=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&rl=&if=false&ts=1720889913375&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720889913366.945668593730184335&ler=empty&cdl=API_unavailable&it=1720889913220&coo=false&rqm=GET
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1288, tbw=2770, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 13 Jul 2024 16:58:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1751351005148330&ev=PageView&dl=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&rl=&if=false&ts=1720889913375&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720889913366.945668593730184335&ler=empty&cdl=API_unavailable&it=1720889913220&coo=false&rqm=FGET
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x137d0de4b1444613","source_keys":["1","2"]},{"key_piece":"0x430637537088880e","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sat, 13 Jul 2024 16:58:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391165896470757454", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1288, tbw=3123, tp=-1, tpl=-1, uplat=189, ullat=0
pragma
no-cache
x-fb-debug
an4Jzm4PrAdcdke0MiJJCEuYxfYl93PfH8q/kcVOWUxfbsJth7Xy5t//1+UQnxqx3if/Ke7UmWD+zuD9jbMmIA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391165896470757454"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
5665554.js
bat.bing.com/p/action/ 		335 B
403 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5665554.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b38dd309177afbf533d70a2486ebbaf0508a46f95e10f44744344681f231b32b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Sat, 13 Jul 2024 16:58:32 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7F39A2AD63E8471AB28CC34BCD242F57 Ref B: BCN30EDGE0820 Ref C: 2024-07-13T16:58:33Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=1800
analytics
retagro.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retagro.com/analytics?id=null&params=%7B%22i%22%3Afalse%2C%22hidden%22%3Afalse%2C%22r%22%3A%22%22%2C%22u%22%3A%22https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F%22%2C%22c%22%3A%7B%22analytic_id%22%3A%221720889913490548%22%7D%2C%22a%22%3A%7B%7D%2C%22store%22%3A%7B%7D%2C%22width%22%3A1600%2C%22height%22%3A1200%2C%22outerWidth%22%3A1600%2C%22outerHeight%22%3A1285%2C%22tabId%22%3A%221720889913491%22%7D
Requested by
Host: retagro.com
URL: https://retagro.com/init?r=0.6182608569401078
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
85.17.170.54 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
07f3f97738e420fa3c10e8654dd2cff3a4792108e4f36283e690cf8d0f43a8ef

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 13 Jul 2024 16:58:34 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
no-store, no-cache, private
Connection
keep-alive
0
bat.bing.com/action/ 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5665554&Ver=2&mid=4898d632-3031-4b9a-aacb-51a87414ef10&sid=2374cee0413911efb070076fa0a2b9d3&vid=23750500413911efb96fbdd6683e78c0&vids=1&msclkid=N&pi=918639831&lg=it-IT&sw=1600&sh=1200&sc=24&tl=War%20Thunder%20%E2%80%94%20Registration&p=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&r=&lt=2257&evt=pageLoad&sv=1&cdb=ARoR&rn=319172
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 13 Jul 2024 16:58:32 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 69713E0517194C729C3B2F05B19ED0FC Ref B: BCN30EDGE0820 Ref C: 2024-07-13T16:58:33Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
config.json
consent.cookiefirst.com/sites/warthunder.com-93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/sites/warthunder.com-93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7/config.json?v=b60bc75f-dcc4-499f-828d-b1197f2d2469
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js?cookiefirst-key=93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7&stealth-mode=true&language=inherit&silent-mode=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-38.bunnyinfra.net
Software
Cookie First CDN-DE1-1081 /
Resource Hash
72bed9373e397bf7f78b5f204913307a0de8e73764d922894ee910a907c59648

Request headers

Accept
application/json
Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:33 GMT
content-encoding
br
cdn-edgestorageid
1079
cdn-storageserver
DE-588
cdn-cachedat
07/04/2024 09:39:17
cdn-pullzone
236985
visitor-location
IT
last-modified
Thu, 04 Jul 2024 09:39:09 GMT
server
Cookie First CDN-DE1-1081
cdn-fileserver
588
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"66866dbd-a3d"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
REVALIDATED
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=30
cdn-requestid
ce4e22ddb32e8d43148bf1c2215b3b68
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
location
edge.cookiefirst.com/prod/ 		67 B
471 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.cookiefirst.com/prod/location?origin=warthunder.com
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js?cookiefirst-key=93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7&stealth-mode=true&language=inherit&silent-mode=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
3bcf188b10f5f206388b428aefaa28adb1f09c74f36fb1272a6e6190d5c54eda

Request headers

Accept
application/json
Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:34 GMT
cdn-edgestorageid
1080
cdn-cachedat
07/13/2024 16:58:34
cdn-pullzone
717911
content-length
67
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://warthunder.com
cdn-cache
BYPASS
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=1200
cdn-requestid
bb2c95d25b5f1ebaea6390e8be991351
cdn-requestcountrycode
IT
cdn-status
200
cdn-requestpullsuccess
True
lang-widget-en.json
consent.cookiefirst.com/sites/warthunder.com-93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7/ 		13 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/sites/warthunder.com-93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7/lang-widget-en.json?v=b60bc75f-dcc4-499f-828d-b1197f2d2469
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js?cookiefirst-key=93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7&stealth-mode=true&language=inherit&silent-mode=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-38.bunnyinfra.net
Software
Cookie First CDN-DE1-1081 /
Resource Hash
f1a8e6f701fa61689abdc9cf9ee025800c32cf9843cd4c3f1d6365f9bf63a2f1

Request headers

Accept
application/json
Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:34 GMT
content-encoding
br
cdn-edgestorageid
1082
cdn-storageserver
DE-680
cdn-cachedat
07/04/2024 09:39:25
cdn-pullzone
236985
visitor-location
IT
last-modified
Thu, 04 Jul 2024 09:39:11 GMT
server
Cookie First CDN-DE1-1081
cdn-fileserver
599
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"66866dbf-341f"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
521a72449d8c8f101d661e05cb43cea8
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
/
invalid/ 		0
0
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-3KX7RD39Z5&gtm=45je4790v899146998za200zb6174342&_p=1720889911597&gcs=G111&gcd=13t3tPl2l5&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=323614775.1720889913&ul=it-it&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&_s=2&sid=1720889912&sct=1&seg=0&dl=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844&dt=War%20Thunder%20%E2%80%94%20Registration&en=scroll&epn.percent_scrolled=90&_et=76&tfd=4955&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KX7RD39Z5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 16:58:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://warthunder.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1291775167&t=pageview&_s=1&dl=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3DcityadsCPA_lO494r_promo-re%26click_id%3DvyZ22hDu3ZaEAO&dp=%2Fro%2Fplay4free%3Fr%3DcityadsCPA_lO494r_promo-re%26click_id%3DvyZ22hDu3ZaEAO&ul=it-it&de=UTF-8&dt=War%20Thunder%20%E2%80%94%20Registration&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aLHACAgBBAAAAGg~&jid=1517822389&gjid=2133028296&cid=1752425914.1720889914&tid=UA-40910063-1&_gid=1236818418.1720889915&_r=1&z=1309631243
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f142.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 16:58:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://warthunder.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
play4free
warthunder.com/ro/ Frame 5EE9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://warthunder.com/ro/play4free?r=cityadsCPA_lO494r_promo-re&click_id=vyZ22hDu3ZaEAO
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.24
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:35 GMT
x-node-id
05
content-encoding
br
cf-cache-status
DYNAMIC
x-powered-by
PHP/8.0.24
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-request-id
b2513df829bfed099b91acfc3d3e3a2a
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Jul 2024 16:58:35 GMT
server
cloudflare
x-no-red
1
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
8a2ad18f4adf0e16-MXP
expires
Sat, 13 Jul 2024 15:58:35 +0000
unip
trc-events.taboola.com/1626307/log/3/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1626307/log/3/unip?en=pre_d_eng_tb&tos=1901&scd=0&ssd=1&est=1720889912872&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1720889914772&vi=1720889912868&ri=a14410a9ca2d9eab42030e02c4fa44b3&ref=null&cv=20240704-7-RELEASE&item-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1626307/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

access-control-allow-origin
https://warthunder.com
pragma
no-cache
date
Sat, 13 Jul 2024 16:58:35 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
233.362b.c.css
consent.cookiefirst.com/banner/v2.14.26/static-main/ 		127 B
881 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v2.14.26/static-main/233.362b.c.css
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js?cookiefirst-key=93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7&stealth-mode=true&language=inherit&silent-mode=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-38.bunnyinfra.net
Software
Cookie First CDN-DE1-1081 /
Resource Hash
e7902b56545718b3f9dcc015b4acab60270239d559b0adaae9e5c81dd95a89a1

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:34 GMT
cdn-edgestorageid
1082
cdn-storageserver
DE-383
cdn-cachedat
07/11/2024 08:32:36
cdn-pullzone
236985
content-length
127
visitor-location
IT
last-modified
Thu, 11 Jul 2024 08:32:35 GMT
server
Cookie First CDN-DE1-1081
cdn-fileserver
818
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"668f98a3-7f"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
69b2fe70e756f1c5e3b7d39475111c26
accept-ranges
bytes
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
233.8420.c.js
consent.cookiefirst.com/banner/v2.14.26/static-main/ 		96 B
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v2.14.26/static-main/233.8420.c.js
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js?cookiefirst-key=93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7&stealth-mode=true&language=inherit&silent-mode=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-38.bunnyinfra.net
Software
Cookie First CDN-DE1-1081 /
Resource Hash
b364babb52cb930beb7e5e61f549d739c155b2f8a24415bb8b401b0d6cb3eddb

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:34 GMT
cdn-edgestorageid
1081
cdn-storageserver
DE-383
cdn-cachedat
07/11/2024 08:32:36
cdn-pullzone
236985
content-length
96
visitor-location
IT
last-modified
Thu, 11 Jul 2024 08:32:35 GMT
server
Cookie First CDN-DE1-1081
cdn-fileserver
818
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"668f98a3-60"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
0f01872136274cb671cb1f00bf74dcee
accept-ranges
bytes
cdn-requestcountrycode
IT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
unip
trc-events.taboola.com/1626307/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1626307/log/3/unip?en=pre_d_eng_tb&tos=1901&scd=0&ssd=1&est=1720889912872&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1720889914772&vi=1720889912868&ri=a14410a9ca2d9eab42030e02c4fa44b3&ref=null&cv=20240704-7-RELEASE&item-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://warthunder.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://warthunder.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Sat, 13 Jul 2024 16:58:35 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
favicon.ico
warthunder.com/ 		5 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://warthunder.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ca035b94fc1216f36d794d58e97ca9b4c72dfa6b04e1f6d8bcc5a03cf8abd5b

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 16:58:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 12 Jul 2024 12:34:42 GMT
server
cloudflare
etag
W/"669122e2-159e"
content-type
image/x-icon
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
8a2ad18fcb8e0e16-MXP
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
request.js
script.anura.io/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.anura.io/request.js?instance=3952744944&exid=FD085B8E36B29266C502412902A34B03&source=adcash&campaign=4138295&94199214219
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.169.54.24 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-54-24.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6bf669da64e2871c0a291714bb56eeaace23d977ab16de34cd7addfccfb5e732
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 16:58:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
unip
trc-events.taboola.com/1626307/log/3/ 		0
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1626307/log/3/unip?en=pre_d_eng_tb&tos=4903&scd=0&ssd=1&est=1720889912872&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1720889917775&vi=1720889912868&ri=a14410a9ca2d9eab42030e02c4fa44b3&ref=null&cv=20240704-7-RELEASE&item-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1626307/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

access-control-allow-origin
https://warthunder.com
pragma
no-cache
date
Sat, 13 Jul 2024 16:58:37 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1626307/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1626307/log/3/unip?en=pre_d_eng_tb&tos=4903&scd=0&ssd=1&est=1720889912872&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1720889917775&vi=1720889912868&ri=a14410a9ca2d9eab42030e02c4fa44b3&ref=null&cv=20240704-7-RELEASE&item-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://warthunder.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://warthunder.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Sat, 13 Jul 2024 16:58:37 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
showads.js
ads.anura.io/ 		0
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.anura.io/showads.js?491290112692
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=3952744944&exid=FD085B8E36B29266C502412902A34B03&source=adcash&campaign=4138295&94199214219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-108.ams1.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 07:13:29 GMT
content-encoding
gzip
via
1.1 00f66bc6263192200d1a0cdb83e969f8.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
AMS1-P1
age
35109
vary
Accept-Encoding
x-cache
Hit from cloudfront
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
x-amz-cf-id
_F-xLb0iBG6RjcTDE0FFACVzyK84vfbC8Wy43L18drk5wmmIkW2epw==
response.json
script.anura.io/ 		43 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.anura.io/response.json?65436060119
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=3952744944&exid=FD085B8E36B29266C502412902A34B03&source=adcash&campaign=4138295&94199214219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.169.54.24 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-169-54-24.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0a8695f320f0fc343bc17c112745412fd63b42a98a55f0e0edc1dcc65d3f6846
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 16:58:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-3KX7RD39Z5&gtm=45je4790v899146998za200zb6174342&_p=1720889911597&gcs=G111&gcd=13t3tPl2l5&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1752425914.1720889914&ul=it-it&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=3&dl=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3DcityadsCPA_lO494r_promo-re%26click_id%3DvyZ22hDu3ZaEAO&sid=1720889912&sct=1&seg=1&dt=War%20Thunder%20%E2%80%94%20Registration&en=page_view&_ee=1&_et=1798&tfd=9956&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KX7RD39Z5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jul 2024 16:58:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://warthunder.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wl193.mp4
static.warthunder.com/upload/image/media/warland/ 		2 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://static.warthunder.com/upload/image/media/warland/wl193.mp4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.61.33.33 , Luxembourg, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
Range
bytes=9623108-

Response headers

x-id
fr5-hw-edge-gc62
date
Sat, 13 Jul 2024 16:58:32 GMT
age
42
x-cached-since
2024-07-13T16:57:50+00:00
Content-Range
bytes 9623108-22555637/22555638
x-id-fe
fr5-hw-edge-gc33
Content-Length
12932530
last-modified
Fri, 06 Dec 2019 13:02:44 GMT
server
nginx
traceparent
00-7b021f680f275e63e453dc283b8cfbea-8dbd708c678148fb-01
etag
"5dea5174-1582bf6"
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=315360000
cache
HIT
expires
Thu, 31 Dec 2037 23:55:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
invalid
URL
chrome-extension://invalid/

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| preconfig object| localization function| ym object| dotq object| dataLayer function| gtag object| core object| __core-js_shared__ object| analytics object| YAHOO object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| uetq function| fbq function| _fbq object| _tfa boolean| IS_CLIENT_SIDE boolean| IS_WEB function| _bridgeSend function| _bridgeSupports function| obj2qs object| fastXDM object| VK object| Ya object| yaCounter21262261 function| onYouTubeIframeAPIReady object| gaGlobal function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| $XCNT object| gaplugins object| gaData object| chunkCB function| addCFGTMConsentListener number| __COOKIE_BANNER_INIT_TIME__ function| UET function| UET_init function| UET_push object| ueto_6a5a3a1d7e object| rAn object| ret object| CookieFirst function| cookiefirst_show_settings object| Anura

45 Cookies

Domain/Path Name / Value
.warthunder.com/ro Name: _ga
Value: GA1.1.1752425914.1720889914
.warthunder.com/ Name: identity_sid
Value: udihdg1clhe546kk693v78d4qj
warthunder.com/ Name: language
Value: en
warthunder.com/ Name: afsId
Value: FD085B8E36B29266C502412902A34B03
warthunder.com/ Name: partner_info
Value: aHR0cHM6Ly93YXJ0aHVuZGVyLmNvbTo0NDMvcm8vcGxheTRmcmVlP3I9YWRjYXNoXzQxMzgyOTUmVHJhbnNhY3Rpb25fSUQ9MTYzNzExNzA2ODEzMzMyNTY2NzAxNDI1MTE2MDEzNzA4NDQ%253D
warthunder.com/ Name: ref_name
Value: adcash
.warthunder.com/ Name: conntrack
Value: jlsI/WaSsjYpQQLFA0ujAg==
warthunder.com/ Name: _language
Value: en
.vk.com/ Name: remixlang
Value: 7
.vk.com/ Name: remixstlid
Value: 9064376113724407923_0TzWI72tJzoSZC4H93RkXODwInvrZnRzumDsmUzGb5k
.yandex.ru/ Name: i
Value: tgjnqW+SxZSVAiKdifgjRT1GR03ENHB30W45SsT0yB/PboLWMjRjJfMQ9JF+AJwvOrwuTZgBck476aT4cBWBttXvdSk=
.yandex.ru/ Name: yandexuid
Value: 4652524171720889912
.yandex.ru/ Name: yashr
Value: 7010517951720889912
.warthunder.com/ Name: _gcl_au
Value: 1.1.1566034912.1720889912
.warthunder.com/ Name: _ym_uid
Value: 172088991310184714
.warthunder.com/ Name: _ym_d
Value: 1720889913
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2936592289fake
.statad.ru/ Name: serv
Value: 3
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1235293012fake
citydsp.com/ Name: userId
Value: 15645189485
.warthunder.com/ Name: _dc_gtm_UA-40910063-1
Value: 1
.yandex.com/ Name: yashr
Value: 3228177721720889912
.warthunder.com/ Name: _ym_isad
Value: 2
.yandex.com/ Name: yandexuid
Value: 4652524171720889912
.yandex.com/ Name: yuidss
Value: 4652524171720889912
.yandex.com/ Name: i
Value: tgjnqW+SxZSVAiKdifgjRT1GR03ENHB30W45SsT0yB/PboLWMjRjJfMQ9JF+AJwvOrwuTZgBck476aT4cBWBttXvdSk=
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 1165874481720889913
.yandex.com/ Name: ymex
Value: 1752425913.yrts.1720889913
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MA==
.warthunder.com/ Name: _fbp
Value: fb.1.1720889913366.945668593730184335
.cnt.my/ Name: xcntID
Value: y20c238b5b9950c9ab
.warthunder.com/ Name: analytic_id
Value: 1720889913490548
.warthunder.com/ Name: _uetsid
Value: 2374cee0413911efb070076fa0a2b9d3
.warthunder.com/ Name: _uetvid
Value: 23750500413911efb96fbdd6683e78c0
.bing.com/ Name: MUID
Value: 2C7D15354A796D3E17D3018E4BD76CF7
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.warthunder.com/ Name: _ga_3KX7RD39Z5
Value: GS1.1.1720889912.1.1.1720889914.58.0.0
.warthunder.com/ Name: _ga
Value: GA1.2.1752425914.1720889914
.warthunder.com/ Name: _gid
Value: GA1.2.1236818418.1720889915
.warthunder.com/ Name: _gat_VUEtNDA5MTAwNjMtMQ
Value: 1
warthunder.com/ Name: track_lp
Value: 2
warthunder.com/ Name: wt_l_page
Value: cityadscpa
warthunder.com/ Name: wt_l_page_url
Value: %2Fro%2Fplay4free%3Fr%3DcityadsCPA_lO494r_promo-re%26click_id%3DvyZ22hDu3ZaEAO

1 Console Messages

Source Level URL
Text
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.anura.io
bat.bing.com
cdn.taboola.com
citydsp.com
connect.facebook.net
consent.cookiefirst.com
edge.cookiefirst.com
googleads.g.doubleclick.net
invalid
mc.yandex.com
mc.yandex.ru
psb.taboola.com
region1.analytics.google.com
retagro.com
s.yimg.com
script.anura.io
sp.analytics.yahoo.com
statad.ru
static.warthunder.com
static.warthunder.ru
stats.g.doubleclick.net
trc-events.taboola.com
trc.taboola.com
uep.gaijin.net
vk.com
warthunder.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.it
www.googletagmanager.com
x.cnt.my
invalid
104.20.83.98
109.61.33.33
138.201.230.88
141.226.228.48
142.250.184.227
142.250.185.132
142.250.185.168
142.250.186.98
151.101.129.44
151.101.65.44
157.240.252.13
157.240.253.35
169.150.247.37
169.150.247.38
173.194.76.156
18.169.54.24
18.203.112.243
18.65.39.108
185.40.155.13
204.79.197.237
216.239.34.36
216.58.212.142
34.252.40.201
5.189.239.94
85.17.170.54
87.240.129.133
87.248.119.251
87.250.250.119
93.158.134.119
95.211.33.59
0794ec55ac26233eb8ceed5fc64073eea5d00df95da9cc31f18b578a64762782
07f3f97738e420fa3c10e8654dd2cff3a4792108e4f36283e690cf8d0f43a8ef
0855e6ceaa4b07e7e609769d0b63d4f9f800afe28bec6c5393ae841e15300de6
0940358a29b1cd55acd6c15932fb6c6b241d67d9500baead8b8f7704f6a59b76
0a8695f320f0fc343bc17c112745412fd63b42a98a55f0e0edc1dcc65d3f6846
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
14c5eea4c2dcdc26f7182f83ba939c9565cf5d052980e1a7f39fdfb4c9a401ab
1c13f134fa3bb1dfbbd515aaa8a1e2ee43ac7c3314d7299dde2f64bad779f988
1ca035b94fc1216f36d794d58e97ca9b4c72dfa6b04e1f6d8bcc5a03cf8abd5b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
219ed662ad05089696336f42e6c906b8464521a6956032cc6e8251f369a3ac86
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3a83d64fe3c7ebbb567a7cfcc0bdc2b8c391c4006d3138fd92ad6b2484caadbb
3bcf188b10f5f206388b428aefaa28adb1f09c74f36fb1272a6e6190d5c54eda
414b2dab96565cc874e46d2ce69166f3e786cec44e1328e70d81ae8643cd52cb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c9b1492d5087d1e5e895939f29fffac5e1c7a1f9a5b660df707989fb258ab6e
52b955b58e3c9b5cfddca997c790e23ef12ea106ec1a3d1872e8bf28c5d5a625
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5641ee054da3f3aae15b05655954844b61275cb9feef1ed7d993e64d4d6fe160
6234c610eb9aec2a471d9405e9b9d83b4f01dc7f9600bae86dd215c45fc05771
63f401bae95147df93352ecf1f14d8cc25ef66b48f6ddec14337c16435f55a13
665a618c1cbb3e534f1bdf0c7c110acbeb6d85b767c6efe05b3daab1ce2c8109
6784f9ac4ae19ed8651c632b214f40cac44abd344870ddd30ff1b93b08ba3103
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bf669da64e2871c0a291714bb56eeaace23d977ab16de34cd7addfccfb5e732
72bed9373e397bf7f78b5f204913307a0de8e73764d922894ee910a907c59648
7567250970a6e086d9a03651a9e5d3f20fc7e65ec6df07f2d0f3421f32414695
75dbb4380a386220610babb812bafaed50a4f983fa198851836a64d6fad2b094
793f27980e005a04b29ff0aff1b3e84f1c34963bb265bf8d6a41f646cd86c90f
7ad0f48970e4c0d18e737e4455fb56a8575e19a368dd6e2f28761b4025c1c514
86052501ca3c6a969af6c6fd2068196fa02884514cb6ee72b7e5bcbf4f6fd5ba
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
a235221b0ba2a5a09a9a12c35a1cbe02067349273d28520a17986c9ae821bb6a
a29f883a136c42b13d6a82d093e2a6fd139b0b9406e64ed01e612a4482a79e2b
a3bbabc6704685d4e83986c9e6514982be37fe7dda79c7b885b9a8e2b2cec806
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b14f93366112e862d6032df772a33da61005b427a7f5a37dfc0a665b0e226b49
b364babb52cb930beb7e5e61f549d739c155b2f8a24415bb8b401b0d6cb3eddb
b38dd309177afbf533d70a2486ebbaf0508a46f95e10f44744344681f231b32b
b7f94867d8fe3a53b6bf7b0c773e7d3e91442aa825fea7f5d11cec4d33477bf4
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
cd55cf914977eab04e43940b2a3b88ff0e01919f62033caf186a9cbe5c6fc63b
d2b031bd819ea209c3c7e1d52039a25c55c5074b823ce5190f77bed54cf04741
d7e390c04c441db46d42cad2251133f522bf974d43024518fc4450479e67ca72
da92326532f0831192665b2501805c3b177f3ce69c2a4ef0cce568f6c403439f
dd002ec69d4a3233b2ed73086aa2417ba673bb9c95906b1da9b6c4e70006f52a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
e7902b56545718b3f9dcc015b4acab60270239d559b0adaae9e5c81dd95a89a1
ea23b93dd864835c7e4df7c7d29719933ed29ca19a7dba823a8f8b57dd8fb041
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a8e6f701fa61689abdc9cf9ee025800c32cf9843cd4c3f1d6365f9bf63a2f1
f667e4c4f7904c33224af255f43e91d143262b7a2be02e955e6a073f1553275f
fef4067cfce5478e9f0289af2f3a248b846ec00e732d1dae398ca7f41f4568b8