ru.warface.com Open in urlscan Pro
195.211.131.162 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://granpowder.com/clicks/MjU5MjFfMjcxNjc2XzIzLjIxXzEzXzE2ODc1NzcyOTI3NzUwNzUzNTdeYjdkNWZlNjNjMTU2OTQ2NjhjNTVmNWJkM...
Effective URL:
https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c91...
Submission: On August 09 via api (August 9th 2023, 7:21:09 pm UTC) from US — Scanned from NL

Summary HTTP 93 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 23 domains to perform 93 HTTP transactions. The main IP is 195.211.131.162, located in Russian Federation and belongs to NIVAL-AS, RU. The main domain is ru.warface.com. The Cisco Umbrella rank of the primary domain is 904779.
TLS certificate: Issued by R3 on May 22nd 2023. Valid for: 3 months.

This is the only time ru.warface.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	193.200.64.20 193.200.64.20	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1 1	193.200.64.30 193.200.64.30	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1 1	31.133.223.169 31.133.223.169	50245 (SERVEREL-AS) (SERVEREL-AS)
1 1	45.66.97.16 45.66.97.16	202372 (UPWAKE-AS) (UPWAKE-AS)
1 2	195.211.21.6 195.211.21.6	21051 (NIVAL-AS) (NIVAL-AS)
5	195.211.131.162 195.211.131.162	21051 (NIVAL-AS) (NIVAL-AS)
2	2a04:4e42:200... 2a04:4e42:200::282	54113 (FASTLY) (FASTLY)
35	195.211.131.165 195.211.131.165	21051 (NIVAL-AS) (NIVAL-AS)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
1 2	2001:6d0:4001... 2001:6d0:4001::226	52016 (ADFACT) (ADFACT)
2	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 20	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
4	87.240.132.72 87.240.132.72	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
4	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
2	88.198.27.52 88.198.27.52	24940 (HETZNER-AS) (HETZNER-AS)
1	188.93.63.17 188.93.63.17	47764 (VK-AS) (VK-AS)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
93	22

1 193.200.64.20 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: etarg.network

granpowder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.64.30 (Amsterdam, Netherlands) 1 redirects

ASN6681 (GIVEME-CLOUD, PL)
PTR: cpabeta.com

playtatorsec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.133.223.169 (Amsterdam, Netherlands) 1 redirects

ASN50245 (SERVEREL-AS, US)

gameslnk.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.66.97.16 (Netherlands) 1 redirects

ASN202372 (UPWAKE-AS, CY)

1l-go.my.games	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.211.21.6 (Russian Federation) 1 redirects

ASN21051 (NIVAL-AS, RU)

1l-go.vkplay.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1l-hit.vkplay.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 195.211.131.162 (Russian Federation)

ASN21051 (NIVAL-AS, RU)

ru.warface.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 195.211.131.165 (Russian Federation)

ASN21051 (NIVAL-AS, RU)

wf.cdn.gmru.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (ADFACT, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 87.240.132.72 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv72-132-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.27.52 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-27-52.clients.your-server.de

code.r5hsid.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hit.acstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.93.63.17 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: gw-mru.ext.terrhq.ru

vkplay.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	gmru.net wf.cdn.gmru.net — Cisco Umbrella Rank: 999319	2 MB
20	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4117	77 KB
5	warface.com ru.warface.com — Cisco Umbrella Rank: 904779	23 KB
4	mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 11077	19 KB
4	vk.com vk.com — Cisco Umbrella Rank: 6997	62 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 54	22 KB
3	vkplay.ru 1 redirects 1l-go.vkplay.ru — Cisco Umbrella Rank: 906848 1l-hit.vkplay.ru — Cisco Umbrella Rank: 205952 vkplay.ru — Cisco Umbrella Rank: 95948	237 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	216 B
2	google.nl www.google.nl — Cisco Umbrella Rank: 9481	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 114	395 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2770 www.google.com — Cisco Umbrella Rank: 3	661 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	65 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	134 KB
2	tns-counter.ru 1 redirects www.tns-counter.ru — Cisco Umbrella Rank: 14083	708 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 11740	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	175 KB
2	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 3026	815 B
1	acstat.com hit.acstat.com — Cisco Umbrella Rank: 80176	202 B
1	r5hsid.ru code.r5hsid.ru — Cisco Umbrella Rank: 320335	4 KB
1	my.games 1 redirects 1l-go.my.games	539 B
1	gameslnk.cc 1 redirects gameslnk.cc	555 B
1	playtatorsec.com 1 redirects playtatorsec.com	568 B
1	granpowder.com granpowder.com	657 B
93	23

	Domain	Requested by
35	wf.cdn.gmru.net	ru.warface.com wf.cdn.gmru.net client
20	mc.yandex.ru	1 redirects granpowder.com ru.warface.com mc.yandex.ru
5	ru.warface.com	granpowder.com ru.warface.com wf.cdn.gmru.net
4	top-fwz1.mail.ru	granpowder.com top-fwz1.mail.ru
4	vk.com	granpowder.com ru.warface.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.facebook.com	ru.warface.com
2	www.google.nl	ru.warface.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.youtube.com	www.googletagmanager.com www.youtube.com
2	connect.facebook.net	granpowder.com connect.facebook.net
2	www.tns-counter.ru	1 redirects ru.warface.com
2	counter.yadro.ru	1 redirects ru.warface.com
2	www.googletagmanager.com	wf.cdn.gmru.net www.googletagmanager.com
2	cdn.polyfill.io	ru.warface.com
1	www.google.com
1	hit.acstat.com	ru.warface.com
1	region1.analytics.google.com	www.googletagmanager.com
1	vkplay.ru	wf.cdn.gmru.net
1	code.r5hsid.ru	granpowder.com
1	1l-hit.vkplay.ru	wf.cdn.gmru.net
1	1l-go.vkplay.ru	1 redirects
1	1l-go.my.games	1 redirects
1	gameslnk.cc	1 redirects
1	playtatorsec.com	1 redirects
1	granpowder.com
93	26

This site contains links to these domains. Also see Links.

Domain
cryengine.com
vkplay.ru
astrum-entertainment.ru
www.liveinternet.ru

Subject Issuer	Validity	Valid
granpowder.com R3	`2023-08-08` - `2023-11-06`	3 months	crt.sh
*.warface.com R3	`2023-05-22` - `2023-08-20`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
*.cdn.gmru.net GlobalSign RSA OV SSL CA 2018	`2023-03-15` - `2024-04-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
vkplay.ru GlobalSign RSA OV SSL CA 2018	`2023-05-24` - `2024-06-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-19` - `2023-08-17`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2023-03-16` - `2024-02-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
code.r5hsid.ru R3	`2023-08-02` - `2023-10-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
hit.acstat.com R3	`2023-08-04` - `2023-11-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
Frame ID: 3EC22063E751DBCCF415DCCB7B371125
Requests: 95 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Подарки за вход в игру | Warface

Page URL History Show full URLs

https://granpowder.com/clicks/MjU5MjFfMjcxNjc2XzIzLjIxXzEzXzE2ODc1NzcyOTI3NzUwNzUzNTdeYjdkNWZlNjNjM... Page URL
http://playtatorsec.com/click/?id=14220&subid_1=271676&subid_2=32831&subid_3=16797&subid_5=&click_id... HTTP 302
https://gameslnk.cc/go/4b0c10f7e90b426ba296e4242aaa9b3e365b64d1eb0a0b0b/?subid2=4041&tid=8908854... HTTP 302
https://1l-go.my.games/r/adid/3134156_2012478/pid/274/pof/1/f/3/pbpn/oprtrack/?_1larg_sub=207434&_1... HTTP 302
https://1l-go.vkplay.ru/r/adid/3134156_2012478/pid/274/pof/1/f/3/pbpn/oprtrack/?_1larg_sub=207434&_1... HTTP 302
https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Liveinternet (Analytics) Expand

Overall confidence: 100%
Detected patterns

<script[^<>]*>[^]{0,128}?src\s*=\s*['"]//counter\.yadro\.ru/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r
<a href="http://www\.liveinternet\.ru/click"

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

93
Requests

97 %
HTTPS

50 %
IPv6

23
Domains

26
Subdomains

22
IPs

5
Countries

2434 kB
Transfer

4116 kB
Size

46
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://cryengine.com/

Search URL Search Domain Scan URL

URL: https://vkplay.ru/

Search URL Search Domain Scan URL

URL: https://astrum-entertainment.ru/

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://granpowder.com/clicks/MjU5MjFfMjcxNjc2XzIzLjIxXzEzXzE2ODc1NzcyOTI3NzUwNzUzNTdeYjdkNWZlNjNjMTU2OTQ2NjhjNTVmNWJkMWJhZGJlYTleMjIuOC45LjIwMjM= Page URL
http://playtatorsec.com/click/?id=14220&subid_1=271676&subid_2=32831&subid_3=16797&subid_5=&click_id=25921_271676_7_5_s43_ HTTP 302
https://gameslnk.cc/go/4b0c10f7e90b426ba296e4242aaa9b3e365b64d1eb0a0b0b/?subid2=4041&tid=890885471691608835&subid=16797_410 HTTP 302
https://1l-go.my.games/r/adid/3134156_2012478/pid/274/pof/1/f/3/pbpn/oprtrack/?_1larg_sub=207434&_1lpb_id=1665&_1lpb_clickId=4b0c10f764d3e703a1e3c912609384&utm_source=advertise&utm_medium=affiliate&utm_campaign=207434 HTTP 302
https://1l-go.vkplay.ru/r/adid/3134156_2012478/pid/274/pof/1/f/3/pbpn/oprtrack/?_1larg_sub=207434&_1lpb_id=1665&_1lpb_clickId=4b0c10f764d3e703a1e3c912609384&utm_source=advertise&utm_medium=affiliate&utm_campaign=207434 HTTP 302
https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://counter.yadro.ru/hit?t25.5;r;s1600*1200*24;uhttps%3A//ru.warface.com/promo/roulette/new%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise;0.3823590133833037 HTTP 302
https://counter.yadro.ru/hit?q;t25.5;r;s1600*1200*24;uhttps%3A//ru.warface.com/promo/roulette/new%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise;0.3823590133833037

Request Chain 26

https://www.tns-counter.ru/V13a***R%3E*mail_ru/ru/UTF-8/tmsec=mail_games-wf-other/763917680 HTTP 302
https://www.tns-counter.ru/V13b***R%3E*mail_ru/ru/UTF-8/tmsec=mail_games-wf-other/763917680

Request Chain 68

https://mc.yandex.ru/watch/27036375?wmode=7&page-url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A1387%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1092%3Acn%3A1%3Adp%3A0%3Als%3A983163627495%3Ahid%3A333997951%3Az%3A120%3Ai%3A20230809212037%3Aet%3A1691608838%3Ac%3A1%3Arn%3A961336479%3Arqn%3A1%3Au%3A1691608838110131459%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A51%2C174%2C62%2C1%2C490%2C0%2C%2C772%2C4%2C%2C%2C%2C1550%3Aco%3A0%3Acpf%3A1%3Ans%3A1691608835539%3Arqnl%3A1%3Ast%3A1691608838%3At%3A%D0%9F%D0%BE%D0%B4%D0%B0%D1%80%D0%BA%D0%B8%20%D0%B7%D0%B0%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%B2%20%D0%B8%D0%B3%D1%80%D1%83%20%7C%20Warface&t=gdpr(14)clc(0-0-0)rqnt(1)hc(1)aw(1)ti(1) HTTP 302
https://mc.yandex.ru/watch/27036375/1?wmode=7&page-url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A1387%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1092%3Acn%3A1%3Adp%3A0%3Als%3A983163627495%3Ahid%3A333997951%3Az%3A120%3Ai%3A20230809212037%3Aet%3A1691608838%3Ac%3A1%3Arn%3A961336479%3Arqn%3A1%3Au%3A1691608838110131459%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A51%2C174%2C62%2C1%2C490%2C0%2C%2C772%2C4%2C%2C%2C%2C1550%3Aco%3A0%3Acpf%3A1%3Ans%3A1691608835539%3Arqnl%3A1%3Ast%3A1691608838%3At%3A%D0%9F%D0%BE%D0%B4%D0%B0%D1%80%D0%BA%D0%B8%20%D0%B7%D0%B0%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%B2%20%D0%B8%D0%B3%D1%80%D1%83%20%7C%20Warface&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29hc%281%29aw%281%29ti%281%29&redirnss=1

93 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK MjU5MjFfMjcxNjc2XzIzLjIxXzEzXzE2ODc1NzcyOTI3NzUwNzUzNTdeYjdkNWZlNjNjMTU2OTQ2NjhjNTVmNWJkMWJhZGJlYTleMjIuOC45LjIwMjM=
granpowder.com/clicks/ 211 B
657 B 67ms
18ms Document
text/html 193.200.64.20
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://granpowder.com/clicks/MjU5MjFfMjcxNjc2XzIzLjIxXzEzXzE2ODc1NzcyOTI3NzUwNzUzNTdeYjdkNWZlNjNjMTU2OTQ2NjhjNTVmNWJkMWJhZGJlYTleMjIuOC45LjIwMjM=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.64.20 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: etarg.network
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 09 Aug 2023 19:20:35 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3P: CP="NON DSP COR CURa TIA"
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1

200
OK

Primary Request new Show response
ru.warface.com/promo/roulette/
Redirect Chain

http://playtatorsec.com/click/?id=14220&subid_1=271676&subid_2=32831&subid_3=16797&subid_5=&click_id=25921_271676_7_5_s43_
https://gameslnk.cc/go/4b0c10f7e90b426ba296e4242aaa9b3e365b64d1eb0a0b0b/?subid2=4041&tid=890885471691608835&subid=16797_410
https://1l-go.my.games/r/adid/3134156_2012478/pid/274/pof/1/f/3/pbpn/oprtrack/?_1larg_sub=207434&_1lpb_id=1665&_1lpb_clickId=4b0c10f764d3e703a1e3c912609384&utm_source=advertise&utm_medium=affiliate...
https://1l-go.vkplay.ru/r/adid/3134156_2012478/pid/274/pof/1/f/3/pbpn/oprtrack/?_1larg_sub=207434&_1lpb_id=1665&_1lpb_clickId=4b0c10f764d3e703a1e3c912609384&utm_source=advertise&utm_medium=affiliat...
https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise

5 KB
5 KB

287ms
62ms

Document
text/html

195.211.131.162
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise

Requested by

Host: granpowder.com
URL: https://granpowder.com/clicks/MjU5MjFfMjcxNjc2XzIzLjIxXzEzXzE2ODc1NzcyOTI3NzUwNzUzNTdeYjdkNWZlNjNjMTU2OTQ2NjhjNTVmNWJkMWJhZGJlYTleMjIuOC45LjIwMjM=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

195.211.131.162 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

7cfc00e83f27224577c28f7de59dd08dc7e083bd74a7da25e889a574b72252a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://granpowder.com/clicks/MjU5MjFfMjcxNjc2XzIzLjIxXzEzXzE2ODc1NzcyOTI3NzUwNzUzNTdeYjdkNWZlNjNjMTU2OTQ2NjhjNTVmNWJkMWJhZGJlYTleMjIuOC45LjIwMjM=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html
Date: Wed, 09 Aug 2023 19:20:36 GMT
Keep-Alive: timeout=120
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Transfer-Encoding: chunked
X-Cached: MISS:prod
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

Redirect headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 170
Content-Type: text/html
Date: Wed, 09 Aug 2023 19:20:36 GMT
Expires: Wed, 09 Aug 2023 19:20:35 GMT
Location: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
Server: nginx/1.14.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1 200
(OK) n.js Show response
ru.warface.com/ 3 KB
2 KB 64ms
64ms Script
application/javascript 195.211.131.162
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ru.warface.com/n.js

Requested by

Host: ru.warface.com
URL: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

195.211.131.162 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

5b5069a302cadcd9f54b5069a706b464eee53c5b16918be36997df6abd77dbdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Date: Wed, 09 Aug 2023 19:20:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 09 Aug 2023 19:20:35 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Keep-Alive: timeout=120
X-XSS-Protection: 1; mode=block
Expires: Wed, 09 Aug 2023 19:20:35 GMT

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 100 B
666 B 53ms
14ms Script
text/javascript 2a04:4e42:200::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 09 Aug 2023 19:20:36 GMT
age: 1235769
detected-user-agent: Chrome/115.0.0
useragent_normaliser: chrome/115.0.0
server-timing: HIT, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 104
referrer-policy: origin-when-cross-origin
last-modified: Mon, 24 Jul 2023 22:12:52 GMT
fastly_service_version: 222
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/115.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK app.f130a2189967d9c2c6bb5860ce268582.css
wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/css/ 41 KB
41 KB 432ms
108ms Stylesheet
text/css 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/css/app.f130a2189967d9c2c6bb5860ce268582.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

db11675214544556b0eca42fed0d90c9553585ca647255bbb3f1a694949f9a5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:36 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 05 Jul 2023 13:39:08 GMT
Server: nginx
ETag: "64a5727c-a341"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 41793
X-XSS-Protection: 1; mode=block
X-Cached: EXPIRED

GET
H/1.1 200
OK footer.css
wf.cdn.gmru.net/static/wf.mail.ru/modules/footer/css/ 1 KB
2 KB 412ms
54ms Stylesheet
text/css 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/modules/footer/css/footer.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

1d0cb7f824ff8a78b8d1603b6e3ceb2eb5c1268602c9a844533ab8fd09626d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:36 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 20 Aug 2021 14:39:25 GMT
Server: nginx
ETag: "611fbe9d-4a3"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 1187
X-XSS-Protection: 1; mode=block
X-Cached: HIT

GET
H/1.1 200
OK cryengine.png
wf.cdn.gmru.net/static/wf.mail.ru/img/main/page/footer/lp/ 3 KB
4 KB 55ms
55ms Image
image/png 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/img/main/page/footer/lp/cryengine.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

f05377ea8e339e81724554395270041365cc95a3616e16505ce027a944856c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:36 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 04 Oct 2019 11:51:00 GMT
Server: nginx
ETag: "5d973224-caf"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 3247
X-XSS-Protection: 1; mode=block
X-Cached: MISS

GET
H/1.1 200
OK vkplay.png
wf.cdn.gmru.net/static/wf.mail.ru/img/main/page/footer/lp/ 3 KB
3 KB 54ms
54ms Image
image/png 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/img/main/page/footer/lp/vkplay.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

a9b85b80315bea8df802657efcb4a66f20c57a493da7b861ba138b44887dcbb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:36 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 08 Sep 2022 13:14:53 GMT
Server: nginx
ETag: "6319eacd-aaf"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 2735
X-XSS-Protection: 1; mode=block
X-Cached: HIT

GET
H/1.1 200
OK astrum.png
wf.cdn.gmru.net/static/wf.mail.ru/img/main/page/footer/lp/ 4 KB
4 KB 54ms
54ms Image
image/png 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/img/main/page/footer/lp/astrum.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

c425e2e9b44c66903cda926e8c418153166b9fc0021cde42a3318223c69fee28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:36 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 30 Mar 2023 13:09:13 GMT
Server: nginx
ETag: "642589f9-e07"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 3591
X-XSS-Protection: 1; mode=block
X-Cached: EXPIRED

GET
H/1.1 200
OK ico12.png
wf.cdn.gmru.net/static/wf.mail.ru/img/main/page/footer/ 6 KB
6 KB 55ms
54ms Image
image/png 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/img/main/page/footer/ico12.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

28f232112e9e48056bb0ca1fe3480b4ec3c4b04750e7a6190760e2ab47326cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:36 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 24 Jul 2017 08:15:44 GMT
Server: nginx
ETag: "5975acb0-1801"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 6145
X-XSS-Protection: 1; mode=block
X-Cached: MISS

GET
H/1.1 200
OK gtm_events.js Show response
wf.cdn.gmru.net/static/wf.mail.ru/js/main/ 5 KB
6 KB 225ms
55ms Script
application/javascript 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/js/main/gtm_events.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

194758e405333fa79621731a1122f75eb0c143e429973d9bf829a71e8c8879b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:36 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 04 Apr 2023 14:39:39 GMT
Server: nginx
ETag: "642c36ab-1481"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 5249
X-XSS-Protection: 1; mode=block
X-Cached: EXPIRED

GET
H/1.1 200
OK 1link_processing.js Show response
wf.cdn.gmru.net/static/wf.mail.ru/js/ 558 B
1008 B 250ms
56ms Script
application/javascript 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/js/1link_processing.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

ccf632004b98d54f3500b7fb853d4380c3e0754a7cefb97ec5e23da8039da5e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:36 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 19 Oct 2022 09:01:18 GMT
Server: nginx
ETag: "634fbcde-22e"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 558
X-XSS-Protection: 1; mode=block
X-Cached: EXPIRED

GET
H/1.1 200
OK 1link_long.js Show response
wf.cdn.gmru.net/static/wf.mail.ru/js/ 1 KB
1 KB 274ms
54ms Script
application/javascript 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/js/1link_long.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

e409f8f59d4dc4c82bc8048a1b88593c4195aaa2bd63e13ab941df56f8285225

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:36 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 19 Oct 2022 09:01:18 GMT
Server: nginx
ETag: "634fbcde-40e"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 1038
X-XSS-Protection: 1; mode=block
X-Cached: HIT

GET
H/1.1 200
OK jquery-2.1.4.min.js Show response
wf.cdn.gmru.net/static/general/js/ 82 KB
83 KB 331ms
109ms Script
application/javascript 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wf.cdn.gmru.net/static/general/js/jquery-2.1.4.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:36 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 06 Dec 2017 00:19:04 GMT
Server: nginx
ETag: "5a273778-1499c"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 84380
X-XSS-Protection: 1; mode=block
X-Cached: EXPIRED

GET
H/1.1 200
OK autoupload.js Show response
ru.warface.com/static/wf.mail.ru/promo/roulette/new/js/ 14 KB
15 KB 59ms
58ms Script
application/javascript 195.211.131.162
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ru.warface.com/static/wf.mail.ru/promo/roulette/new/js/autoupload.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

195.211.131.162 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

65c44530726a75c04cd39583f648f3ea7cf52311fc4c2c75120524de5c7b21df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:36 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 03 Nov 2022 12:40:08 GMT
Server: nginx
ETag: "6363b6a8-3965"
Content-Type: application/javascript
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 14693
X-XSS-Protection: 1; mode=block
X-Cached: HIT

GET
H/1.1 200
OK auth.js Show response
wf.cdn.gmru.net/static/wf.mail.ru/js/main/ 25 KB
26 KB 116ms
110ms Script
application/javascript 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/js/main/auth.js?2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

a4a8f9f6082936bed10b479026709f7e17ed047a14d14d7024474eb036b439d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:36 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 21 Jul 2023 09:49:52 GMT
Server: nginx
ETag: "64ba54c0-6574"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 25972
X-XSS-Protection: 1; mode=block
X-Cached: EXPIRED

GET
H/1.1 200
OK manifest.53f9df935be68859d457.js Show response
wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/js/ 922 B
1 KB 56ms
54ms Script
application/javascript 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/js/manifest.53f9df935be68859d457.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

3a3835b1fab4d89213a56a1e6661f37de7da9f90c2b67239f5c5012e3355ccd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:36 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 26 Jun 2023 08:46:35 GMT
Server: nginx
ETag: "6499506b-39a"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 922
X-XSS-Protection: 1; mode=block
X-Cached: EXPIRED

GET
H/1.1 200
OK vendor.a2fd392b3da797eb4672.js Show response
wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/js/ 180 KB
180 KB 113ms
113ms Script
application/javascript 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/js/vendor.a2fd392b3da797eb4672.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

70cb446dc70c1d9ed162874bc494445033bf868a6746712b352d8059ee62a755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:36 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 05 Jul 2023 13:39:08 GMT
Server: nginx
ETag: "64a5727c-2cff0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 184304
X-XSS-Protection: 1; mode=block
X-Cached: MISS

GET
H/1.1 200
OK app.458bf0fb40f8816971b8.js Show response
wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/js/ 21 KB
21 KB 114ms
113ms Script
application/javascript 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/js/app.458bf0fb40f8816971b8.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

1c9a300614c47f8d78a276d30168402ec1a62ef4c5c1b73851886bee3a045668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:36 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 05 Jul 2023 13:39:08 GMT
Server: nginx
ETag: "64a5727c-5394"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 21396
X-XSS-Protection: 1; mode=block
X-Cached: EXPIRED

GET
DATA 200
OK truncated
/ 281 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2beebc63f3f9767490d3835c842e548f890f01505f97b989b5692826c1c739e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK n.gif
ru.warface.com/ 43 B
377 B 115ms
56ms Image
image/gif 195.211.131.162
NIVAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ru.warface.com/n.gif?122,1882544

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

195.211.131.162 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:36 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Keep-Alive: timeout=120
Content-Length: 43

GET
H2 200 polyfill.min.js
cdn.polyfill.io/v2/ 100 B
149 B 14ms
14ms Other
text/javascript 2a04:4e42:200::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 09 Aug 2023 19:20:36 GMT
age: 1235769
detected-user-agent: Chrome/115.0.0
useragent_normaliser: chrome/115.0.0
server-timing: HIT, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 104
referrer-policy: origin-when-cross-origin
last-modified: Mon, 24 Jul 2023 22:12:52 GMT
fastly_service_version: 222
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/115.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK font.css
wf.cdn.gmru.net/static/general/fonts/SuisseIntl/ 2 KB
2 KB 98ms
55ms Stylesheet
text/css 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wf.cdn.gmru.net/static/general/fonts/SuisseIntl/font.css

Requested by

Host: wf.cdn.gmru.net
URL: https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/css/app.f130a2189967d9c2c6bb5860ce268582.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

a4b0a80d20e6040a4fe9eaa7c71fa81282012971f71250e950f4a6b1b9a32d31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/css/app.f130a2189967d9c2c6bb5860ce268582.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:36 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 07 Apr 2021 09:13:22 GMT
Server: nginx
ETag: "606d77b2-7bf"
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 1983
X-XSS-Protection: 1; mode=block
X-Cached: HIT

GET
H/1.1 200
OK font.css
wf.cdn.gmru.net/static/general/fonts/TacticSans/ 3 KB
3 KB 99ms
55ms Stylesheet
text/css 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wf.cdn.gmru.net/static/general/fonts/TacticSans/font.css

Requested by

Host: wf.cdn.gmru.net
URL: https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/css/app.f130a2189967d9c2c6bb5860ce268582.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

50f1bd4d44fda33e4e081064d0cc769c6b378ea2b2f62d60fdff4bd7b422a4eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/css/app.f130a2189967d9c2c6bb5860ce268582.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:36 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 07 Apr 2021 09:40:47 GMT
Server: nginx
ETag: "606d7e1f-a93"
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 2707
X-XSS-Protection: 1; mode=block
X-Cached: EXPIRED

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 272 KB
92 KB 85ms
39ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLXLWDC

Requested by

Host: wf.cdn.gmru.net
URL: https://wf.cdn.gmru.net/static/wf.mail.ru/js/main/gtm_events.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a70c5385688a1b66426538419bfd7dad9d49a55da388297fc1a03c833f24ab31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 19:20:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93380
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 18:21:12 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Aug 2023 19:20:36 GMT

GET
H/1.1 200
OK 274.js Show response
1l-hit.vkplay.ru/v1/hit/ 529 B
847 B 219ms
52ms Script
application/javascript 195.211.21.6
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://1l-hit.vkplay.ru/v1/hit/274.js?r=&_1larg_ep=2012478&rnd=0.3421575733423705

Requested by

Host: wf.cdn.gmru.net
URL: https://wf.cdn.gmru.net/static/wf.mail.ru/js/1link_processing.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

195.211.21.6 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

205389300d792c76fbd171bcf542f38ddc349f1a634dda7df6ff03cca5d95c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
Expires: Wed, 09 Aug 2023 19:20:36 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t25.5;r;s1600*1200*24;uhttps%3A//ru.warface.com/promo/roulette/new%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_...
https://counter.yadro.ru/hit?q;t25.5;r;s1600*1200*24;uhttps%3A//ru.warface.com/promo/roulette/new%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26ut...

98 B
583 B

54ms
53ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t25.5;r;s1600*1200*24;uhttps%3A//ru.warface.com/promo/roulette/new%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise;0.3823590133833037

Requested by

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

42670c44705a5b685c7f70b576d7df48a17aff5f6ea3ea9d4f4630e71bfb8bc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Aug 2023 19:20:37 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 98
Expires: Mon, 08 Aug 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Aug 2023 19:20:37 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t25.5;r;s1600*1200*24;uhttps%3A//ru.warface.com/promo/roulette/new%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise;0.3823590133833037
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Mon, 08 Aug 2022 21:00:00 GMT

GET
H2

200

763917680
www.tns-counter.ru/V13b***R%3E*mail_ru/ru/UTF-8/tmsec=mail_games-wf-other/
Redirect Chain

https://www.tns-counter.ru/V13a***R%3E*mail_ru/ru/UTF-8/tmsec=mail_games-wf-other/763917680
https://www.tns-counter.ru/V13b***R%3E*mail_ru/ru/UTF-8/tmsec=mail_games-wf-other/763917680

43 B
296 B

55ms
55ms

Image
image/gif

2001:6d0:4001::226
ADFACT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b***R%3E*mail_ru/ru/UTF-8/tmsec=mail_games-wf-other/763917680
Requested by: Host: ru.warface.com
URL: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT, RU),
Reverse DNS
Software: ms-counter-4.0.4/1.22.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:20:37 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-4.0.4/1.22.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:20:37 GMT
strict-transport-security: max-age=2678400
server: ms-counter-4.0.4/1.22.1
content-type: image/gif
location: https://www.tns-counter.ru/V13b***R%3E*mail_ru/ru/UTF-8/tmsec=mail_games-wf-other/763917680
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK TacticSans-Reg.woff
wf.cdn.gmru.net/static/general/fonts/TacticSans/ 38 KB
38 KB 272ms
108ms Font
application/font-woff 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wf.cdn.gmru.net/static/general/fonts/TacticSans/TacticSans-Reg.woff

Requested by

Host: wf.cdn.gmru.net
URL: https://wf.cdn.gmru.net/static/general/fonts/TacticSans/font.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

5edaeab326f98a31d0fb50752d81f6aa4fa6725da1d6e24ef99e62cd36d9af83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wf.cdn.gmru.net/static/general/fonts/TacticSans/font.css
Origin: https://ru.warface.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:37 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 07 Apr 2021 09:40:47 GMT
Server: nginx
ETag: "606d7e1f-96f4"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 38644
X-XSS-Protection: 1; mode=block
X-Cached: HIT

GET
H/1.1 200
OK SuisseIntl-Regular.woff2
wf.cdn.gmru.net/static/general/fonts/SuisseIntl/ 54 KB
54 KB 349ms
113ms Font
application/octet-stream 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wf.cdn.gmru.net/static/general/fonts/SuisseIntl/SuisseIntl-Regular.woff2

Requested by

Host: wf.cdn.gmru.net
URL: https://wf.cdn.gmru.net/static/general/fonts/SuisseIntl/font.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

a554b309c2e8fcd2c4c1830c687f89dbebfe9048aa98ac8ed57c06911c04868a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wf.cdn.gmru.net/static/general/fonts/SuisseIntl/font.css
Origin: https://ru.warface.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:37 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 07 Apr 2021 09:13:22 GMT
Server: nginx
ETag: "606d77b2-d64c"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54860
X-XSS-Protection: 1; mode=block
X-Cached: EXPIRED:prod

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 172 KB
47 KB 42ms
14ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: granpowder.com
URL: https://granpowder.com/clicks/MjU5MjFfMjcxNjc2XzIzLjIxXzEzXzE2ODc1NzcyOTI3NzUwNzUzNTdeYjdkNWZlNjNjMTU2OTQ2NjhjNTVmNWJkMWJhZGJlYTleMjIuOC45LjIwMjM=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 09 Aug 2023 19:20:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47151
x-xss-protection: 0
pragma: public
x-fb-debug: yQ8h/5KhgyY7+4mNdM9SiVz6OiFnPqBFU6YDxqJ3wYNSOw2+BQRxAShLJFvYI32RtYwWgwZElMErNzW0J4Uhhg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 216 KB
74 KB 235ms
116ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: granpowder.com
URL: https://granpowder.com/clicks/MjU5MjFfMjcxNjc2XzIzLjIxXzEzXzE2ODc1NzcyOTI3NzUwNzUzNTdeYjdkNWZlNjNjMTU2OTQ2NjhjNTVmNWJkMWJhZGJlYTleMjIuOC45LjIwMjM=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

27735786662c0d84226430a5acd5cfeac63b593e39351fd28321091cafed725e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 19:20:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 03 Aug 2023 07:54:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64cb3322-126d5"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 75477
expires: Wed, 09 Aug 2023 20:20:37 GMT

GET
H2 200 openapi.js Show response
vk.com/js/api/ 104 KB
31 KB 182ms
87ms Script
application/x-javascript 87.240.132.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?168
Requested by: Host: granpowder.com
URL: https://granpowder.com/clicks/MjU5MjFfMjcxNjc2XzIzLjIxXzEzXzE2ODc1NzcyOTI3NzUwNzUzNTdeYjdkNWZlNjNjMTU2OTQ2NjhjNTVmNWJkMWJhZGJlYTleMjIuOC45LjIwMjM=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.132.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv72-132-240-87.vk.com
Software: kittenx /
Resource Hash: 2f7760ee2b81f4659c6f34ada0f7a7d263c2ce6035c2b5f4b082fac60802897e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 19:20:37 GMT
content-encoding: gzip
x-frontend: front220206
last-modified: Fri, 02 Dec 2022 07:14:40 GMT
server: kittenx
etag: W/"6389a5e0-1a018"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
expires: Sun, 13 Aug 2023 19:20:37 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 102ms
39ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXLWDC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8ae4a37d003da47b51ce6a0fa0138ef9fd77bc560218fe9457f94d8d26aa221

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 19:20:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /cspreport, base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-d1rt7Jkmfoo1pmZamtr4lQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 09 Aug 2023 19:20:37 GMT

GET
H2 200 openapi.js Show response
vk.com/js/api/ 104 KB
31 KB 223ms
129ms Script
application/x-javascript 87.240.132.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?169
Requested by: Host: granpowder.com
URL: https://granpowder.com/clicks/MjU5MjFfMjcxNjc2XzIzLjIxXzEzXzE2ODc1NzcyOTI3NzUwNzUzNTdeYjdkNWZlNjNjMTU2OTQ2NjhjNTVmNWJkMWJhZGJlYTleMjIuOC45LjIwMjM=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.132.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv72-132-240-87.vk.com
Software: kittenx /
Resource Hash: 2f7760ee2b81f4659c6f34ada0f7a7d263c2ce6035c2b5f4b082fac60802897e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 19:20:37 GMT
content-encoding: gzip
x-frontend: front220206
last-modified: Fri, 02 Dec 2022 07:14:40 GMT
server: kittenx
etag: W/"6389a5e0-1a018"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
expires: Sun, 13 Aug 2023 19:20:37 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 39 KB
17 KB 281ms
106ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: granpowder.com
URL: https://granpowder.com/clicks/MjU5MjFfMjcxNjc2XzIzLjIxXzEzXzE2ODc1NzcyOTI3NzUwNzUzNTdeYjdkNWZlNjNjMTU2OTQ2NjhjNTVmNWJkMWJhZGJlYTleMjIuOC45LjIwMjM=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

c27f03222cd776cd45a393f9b075cf309dceb53ed63ad298d35be47d522e8e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 19:20:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Wed, 09 Aug 2023 16:53:26 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"64d3c486-9a07"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Wed, 09 Aug 2023 20:20:37 GMT

GET
H2 200 / Show response
code.r5hsid.ru/ 14 KB
4 KB 88ms
34ms Script
application/javascript 88.198.27.52
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://code.r5hsid.ru/

Requested by

Host: granpowder.com
URL: https://granpowder.com/clicks/MjU5MjFfMjcxNjc2XzIzLjIxXzEzXzE2ODc1NzcyOTI3NzUwNzUzNTdeYjdkNWZlNjNjMTU2OTQ2NjhjNTVmNWJkMWJhZGJlYTleMjIuOC45LjIwMjM=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

88.198.27.52 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-27-52.clients.your-server.de

Software

Caddy /

Resource Hash

3033dc22c56c7668360b8a4c2ec4baaa69499fc9023ee9586ac5577d1f9f664a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 19:20:37 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
server: Caddy
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000
content-length: 3398

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 243 KB
83 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LF5DZQ3NEX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXLWDC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a179b2d8e5c54a4819e9049dc645abbd01b4d9580ab15b70a5fce51c2070f8ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 19:20:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85107
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 09 Aug 2023 19:20:37 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39f1bd420ceeb891b0dc39a894c965a8cad49e9e5e190fbf5f80893cc22a9a12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK bg.4fcf4f0.jpg
wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/img/ 548 KB
548 KB 57ms
57ms Image
image/jpeg 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/img/bg.4fcf4f0.jpg

Requested by

Host: wf.cdn.gmru.net
URL: https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/css/app.f130a2189967d9c2c6bb5860ce268582.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

f7c64406023c6b6ba0f3036d9cb72f37781141c1f84366c566afcf2308eb77d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/css/app.f130a2189967d9c2c6bb5860ce268582.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:37 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 22 Jun 2023 15:07:36 GMT
Server: nginx
ETag: "649463b8-88fe3"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 561123
X-XSS-Protection: 1; mode=block
X-Cached: EXPIRED

GET
H/1.1 200
OK TacticSans-Med.woff
wf.cdn.gmru.net/static/general/fonts/TacticSans/ 38 KB
38 KB 271ms
108ms Font
application/font-woff 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wf.cdn.gmru.net/static/general/fonts/TacticSans/TacticSans-Med.woff

Requested by

Host: wf.cdn.gmru.net
URL: https://wf.cdn.gmru.net/static/general/fonts/TacticSans/font.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

ee1c8b3cf8b7b07ed5c45628ef8e45a9660e89b88365c88d59dd0cddd327c65a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wf.cdn.gmru.net/static/general/fonts/TacticSans/font.css
Origin: https://ru.warface.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:37 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 07 Apr 2021 09:40:47 GMT
Server: nginx
ETag: "606d7e1f-9844"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 38980
X-XSS-Protection: 1; mode=block
X-Cached: HIT

GET
H/1.1 200
OK font.css
wf.cdn.gmru.net/static/general/fonts/Roboto/ 550 B
983 B 56ms
56ms Stylesheet
text/css 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wf.cdn.gmru.net/static/general/fonts/Roboto/font.css

Requested by

Host: client
URL: about:client

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

73c390dff2abb5703c4327ba2161b0ff40ede1c8b983cb51c50d9c1c197197de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:37 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 15 Feb 2022 14:54:55 GMT
Server: nginx
ETag: "620bbebf-226"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 550
X-XSS-Protection: 1; mode=block
X-Cached: MISS

GET
H/1.1 200
OK / Show response
ru.warface.com/dynamic/auth/ 890 B
1 KB 112ms
111ms XHR
application/json 195.211.131.162
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ru.warface.com/dynamic/auth/?a=checkuser

Requested by

Host: wf.cdn.gmru.net
URL: https://wf.cdn.gmru.net/static/wf.mail.ru/js/main/auth.js?2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

195.211.131.162 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

4abed0228124d19ed2e9b5ececcae40231a149d5123b108b400c93ce43d09498

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Aug 2023 19:20:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://wf.cdn.gmru.net
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=120
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 header.js Show response
vkplay.ru/hotbox/gem_static/leela/ 763 KB
235 KB 1351ms
105ms Script
application/javascript 188.93.63.17
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://vkplay.ru/hotbox/gem_static/leela/header.js

Requested by

Host: wf.cdn.gmru.net
URL: https://wf.cdn.gmru.net/static/wf.mail.ru/js/main/auth.js?2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.93.63.17 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

gw-mru.ext.terrhq.ru

Software

nginx /

Resource Hash

38e83d5755b2e231dbf51606a73a77435eb191899942169f9bd2a279db0c18a8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 19:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
last-modified: Wed, 09 Aug 2023 11:10:29 GMT
server: nginx
etag: W/"ff177a34d32a341e79b92ee5d875648b"
x-cache-status: REVALIDATED
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-cache-date: Wed, 09 Aug 2023 11:10:33 GMT
cache-control: max-age=31536000, private, no-cache
x-host: hb-bl4
x-req-id: XT451pBoXc
x-xss-protection: 1; mode=block;

GET
H2 200 2025962164329446 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 14ms
14ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2025962164329446?v=2.9.121&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2506fc3e3ba28eda7f1bb9cf0db08322d3a0cc950405ab9870167e06f28ff36b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 09 Aug 2023 19:20:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88978
x-xss-protection: 0
pragma: public
x-fb-debug: GtpxPNHQEY02zenNiwApe+pCyOCOIncp+nZYkINDN4iIY8RM0C+SfJcy1KdzyuYKVknRVI7cL0nBV4gStvFlFQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 57ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LF5DZQ3NEX&gtm=45je3870&_p=1409466685&_gaz=1&cid=924490743.1691608837&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691608837&sct=1&seg=0&dl=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&dt=%D0%9F%D0%BE%D0%B4%D0%B0%D1%80%D0%BA%D0%B8%20%D0%B7%D0%B0%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%B2%20%D0%B8%D0%B3%D1%80%D1%83%20%7C%20Warface&en=page_view&_fv=1&_nsi=1&_ss=1&ep.1link_campaign=0-3134156_2012478_207434&up.user_properties=%5Bobject%20Object%5D
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LF5DZQ3NEX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:20:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ru.warface.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
244 B 85ms
23ms Ping
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LF5DZQ3NEX&cid=924490743.1691608837&gtm=45je3870&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LF5DZQ3NEX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:20:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ru.warface.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 128ms
58ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LF5DZQ3NEX&cid=924490743.1691608837&gtm=45je3870&aip=1&z=1663045120

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:20:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
hit.acstat.com/warfacecom/ 0
202 B 132ms
25ms Image
text/plain 88.198.27.52
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hit.acstat.com/warfacecom/?sid=1bb01519-524d-a1df-d58c-74d837963f3f&t_tid=df39e2fd-8586-efda-6482-633f5ab8911a&t_dp=&wid=&par=207434&ref=&t_t=affiliate&t_if=0&t_s=advertise&if_p=&ih=1200&iw=1600&s_w=1600&s_h=1200&land=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

88.198.27.52 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-27-52.clients.your-server.de

Software

Caddy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 09 Aug 2023 19:20:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
server: Caddy
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000
content-length: 0

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/4eae42b1/www-widgetapi.vflset/ 204 KB
63 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4eae42b1/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7425038d7ecfec6a8a0149f3e72f22c31410f1ab3424874d36d16d0675a59f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 19:12:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 500
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64309
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 01:46:56 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 08 Aug 2024 19:12:17 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 46ms
13ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2025962164329446&ev=PageView&dl=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&rl=&if=false&ts=1691608837211&sw=1600&sh=1200&v=2.9.121&r=stable&ec=0&o=30&fbp=fb.1.1691608837209.1252763037&it=1691608837135&coo=false&exp=a1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 09 Aug 2023 19:20:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK box.png
wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/roulette/ 43 KB
44 KB 56ms
54ms Image
image/png 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/roulette/box.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

932e946388db2cd2cdb73bcde4159e5024ef0284d636d3c6e66fe9df0d6776e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:37 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 03 Nov 2022 12:40:08 GMT
Server: nginx
ETag: "6363b6a8-ad1c"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 44316
X-XSS-Protection: 1; mode=block
X-Cached: EXPIRED

GET
H/1.1 200
OK 1.png
wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/roulette/ 14 KB
15 KB 58ms
55ms Image
image/png 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/roulette/1.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

97465aa289eb89c0f0a84b3cfb9a6e489619a6ea52fcc675ed55b10c99e27de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:37 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 03 Nov 2022 12:40:08 GMT
Server: nginx
ETag: "6363b6a8-387c"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 14460
X-XSS-Protection: 1; mode=block
X-Cached: EXPIRED

GET
H/1.1 200
OK 2.png
wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/roulette/ 14 KB
14 KB 62ms
57ms Image
image/png 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/roulette/2.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

afd2ae15299521218c33a226dc8ecb2b004925dc8d4bd30f556c68a89990c666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:37 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 03 Nov 2022 12:40:08 GMT
Server: nginx
ETag: "6363b6a8-37f1"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 14321
X-XSS-Protection: 1; mode=block
X-Cached: EXPIRED

GET
H/1.1 200
OK 3.png
wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/roulette/ 23 KB
23 KB 59ms
55ms Image
image/png 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/roulette/3.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

fe994f5e3f3b4e666c23fc77ad28ee46cdb2416a796bbdd3ced663385c5c95f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:37 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 03 Nov 2022 12:40:08 GMT
Server: nginx
ETag: "6363b6a8-5bf6"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 23542
X-XSS-Protection: 1; mode=block
X-Cached: EXPIRED

GET
H/1.1 200
OK logo.3884ea9.png
wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/img/ 15 KB
15 KB 56ms
55ms Image
image/png 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/img/logo.3884ea9.png

Requested by

Host: wf.cdn.gmru.net
URL: https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/css/app.f130a2189967d9c2c6bb5860ce268582.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

3ddef725133d5933fe6f17a415c8178db51d3dbc093616bc3f8aad84383e072e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/css/app.f130a2189967d9c2c6bb5860ce268582.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:37 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 22 Jun 2023 15:07:36 GMT
Server: nginx
ETag: "649463b8-3c1c"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 15388
X-XSS-Protection: 1; mode=block
X-Cached: EXPIRED

GET
H/1.1 200
OK button.1a2ad2d.png
wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/img/ 35 KB
35 KB 176ms
62ms Image
image/png 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/img/button.1a2ad2d.png

Requested by

Host: wf.cdn.gmru.net
URL: https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/css/app.f130a2189967d9c2c6bb5860ce268582.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

33bc969a5fcf66b2ed2a76b0448ebe479bca8efd599e19566504b6a222c35b3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/css/app.f130a2189967d9c2c6bb5860ce268582.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:37 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 22 Jun 2023 15:07:36 GMT
Server: nginx
ETag: "649463b8-8b5f"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 35679
X-XSS-Protection: 1; mode=block
X-Cached: HIT

GET
H/1.1 200
OK 1-bg.png
wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/roulette/ 44 KB
44 KB 112ms
56ms Image
image/png 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/roulette/1-bg.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

0f4376f9f00f90e6aae6cd74a573eb8126d95ce4628f28632c5aace1eca5d534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:37 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 03 Nov 2022 12:40:08 GMT
Server: nginx
ETag: "6363b6a8-afb5"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 44981
X-XSS-Protection: 1; mode=block
X-Cached: MISS

GET
H/1.1 200
OK money.png
wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/roulette/ 64 KB
64 KB 112ms
111ms Image
image/png 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/roulette/money.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

c116f86e417002bc9cdcfea0fb07e5f09d3ebc640aead68b80a90752a5e278ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:37 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 03 Nov 2022 12:40:08 GMT
Server: nginx
ETag: "6363b6a8-fe4d"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 65101
X-XSS-Protection: 1; mode=block
X-Cached: MISS

GET
H/1.1 200
OK 2-bg.png
wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/roulette/ 47 KB
47 KB 174ms
61ms Image
image/png 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/roulette/2-bg.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

999f1327a2d027141b923b22fdf9c4769c3c41d9239860fe445376447e54630c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:37 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 03 Nov 2022 12:40:08 GMT
Server: nginx
ETag: "6363b6a8-ba39"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 47673
X-XSS-Protection: 1; mode=block
X-Cached: EXPIRED

GET
H/1.1 200
OK crown.png
wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/roulette/ 36 KB
37 KB 57ms
56ms Image
image/png 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/roulette/crown.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

11511d89faf5d35123552b398933b37fc370a97e80f6a55a9f38044aad1ce63c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:37 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 03 Nov 2022 12:40:08 GMT
Server: nginx
ETag: "6363b6a8-90a1"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 37025
X-XSS-Protection: 1; mode=block
X-Cached: EXPIRED

GET
H/1.1 200
OK 3-bg.png
wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/roulette/ 73 KB
73 KB 55ms
54ms Image
image/png 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/roulette/3-bg.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

9a280faa269a87ff0baa4e73abe302750f2bcf789dd8bff559321112a15eeecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:37 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 03 Nov 2022 12:40:08 GMT
Server: nginx
ETag: "6363b6a8-12306"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 74502
X-XSS-Protection: 1; mode=block
X-Cached: EXPIRED

GET
H/1.1 200
OK gold_bars.png
wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/roulette/ 58 KB
59 KB 109ms
108ms Image
image/png 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wf.cdn.gmru.net/static/wf.mail.ru/promo/roulette/new/dist/roulette/gold_bars.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

c630be92d35e5eb19c4a9c52aff4e6f9fc25142e43e2c05c444c65dc51d83774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:37 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 03 Nov 2022 12:40:08 GMT
Server: nginx
ETag: "6363b6a8-e851"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 59473
X-XSS-Protection: 1; mode=block
X-Cached: HIT

GET
H/1.1 200
OK TacticSansExtExd-Ult.woff
wf.cdn.gmru.net/static/general/fonts/TacticSans/ 39 KB
39 KB 75ms
54ms Font
application/font-woff 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wf.cdn.gmru.net/static/general/fonts/TacticSans/TacticSansExtExd-Ult.woff

Requested by

Host: wf.cdn.gmru.net
URL: https://wf.cdn.gmru.net/static/general/fonts/TacticSans/font.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

083bd3c885e192182cc55043c55ec121b83fa780e0e8cbad0130380078f343fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wf.cdn.gmru.net/static/general/fonts/TacticSans/font.css
Origin: https://ru.warface.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:37 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 07 Apr 2021 09:40:47 GMT
Server: nginx
ETag: "606d7e1f-9b84"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 39812
X-XSS-Protection: 1; mode=block
X-Cached: EXPIRED

GET
H/1.1 200
OK TacticSans-Bld.woff
wf.cdn.gmru.net/static/general/fonts/TacticSans/ 38 KB
39 KB 131ms
56ms Font
application/font-woff 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wf.cdn.gmru.net/static/general/fonts/TacticSans/TacticSans-Bld.woff

Requested by

Host: wf.cdn.gmru.net
URL: https://wf.cdn.gmru.net/static/general/fonts/TacticSans/font.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

f1994d744f41b1c8385093a80dfbb0645b9f5154d7e8f193ed68b8f9e7375530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wf.cdn.gmru.net/static/general/fonts/TacticSans/font.css
Origin: https://ru.warface.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Wed, 09 Aug 2023 19:20:37 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 07 Apr 2021 09:40:47 GMT
Server: nginx
ETag: "606d7e1f-9928"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
X-be: kk-prod
Accept-Ranges: bytes
Content-Length: 39208
X-XSS-Protection: 1; mode=block
X-Cached: MISS

GET
H2 200 rtrg
vk.com/ 49 B
577 B 57ms
56ms Image
image/gif 87.240.132.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-38883-A2Vu&metatag_url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%2F&metatag_title=%D0%9F%D0%BE%D0%B4%D0%B0%D1%80%D0%BA%D0%B8%20%D0%B7%D0%B0%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%B2%20%D0%B8%D0%B3%D1%80%D1%83%20%7C%20Warface

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.132.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv72-132-240-87.vk.com

Software

kittenx / KPHP/7.4.114357

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 19:20:37 GMT
content-encoding: gzip
x-frontend: front220206
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.114357
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H2 200 rtrg
vk.com/ 49 B
578 B 55ms
55ms Image
image/gif 87.240.132.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-1453561-fVpNy&metatag_url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%2F&metatag_title=%D0%9F%D0%BE%D0%B4%D0%B0%D1%80%D0%BA%D0%B8%20%D0%B7%D0%B0%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%B2%20%D0%B8%D0%B3%D1%80%D1%83%20%7C%20Warface

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.132.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv72-132-240-87.vk.com

Software

kittenx / KPHP/7.4.114357

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 19:20:37 GMT
content-encoding: gzip
x-frontend: front220206
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.114357
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

POST
H2 200 counter
top-fwz1.mail.ru/ 43 B
1004 B 54ms
54ms Ping
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3277357;u=https%3A//ru.warface.com/promo/roulette/new%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise;st=1691608837089;title=%D0%9F%D0%BE%D0%B4%D0%B0%D1%80%D0%BA%D0%B8%20%D0%B7%D0%B0%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%B2%20%D0%B8%D0%B3%D1%80%D1%83%20%7C%20Warface;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=dd6062e5f349cb2c;ver=60.3.0;tz=-120%2FEurope%2FAmsterdam;ni=10//4g/0/0/;lvid=1691608837473%3A1691608837491%3A1%3A17250f162e3d14baa717ba7040514b79;opts=dl%2Cjst-gtag-vk;visible=true;_=0.17145116384404346

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 09 Aug 2023 19:20:37 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://ru.warface.com
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://ru.warface.com
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: https://ru.warface.com
access-control-allow-headers: *

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
114 B 58ms
58ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 19:20:37 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 03 Aug 2023 07:54:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64cb3322-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 09 Aug 2023 20:20:37 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/27036375/
Redirect Chain

https://mc.yandex.ru/watch/27036375?wmode=7&page-url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c91260...
https://mc.yandex.ru/watch/27036375/1?wmode=7&page-url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912...

463 B
546 B

62ms
62ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/27036375/1?wmode=7&page-url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A1387%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1092%3Acn%3A1%3Adp%3A0%3Als%3A983163627495%3Ahid%3A333997951%3Az%3A120%3Ai%3A20230809212037%3Aet%3A1691608838%3Ac%3A1%3Arn%3A961336479%3Arqn%3A1%3Au%3A1691608838110131459%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A51%2C174%2C62%2C1%2C490%2C0%2C%2C772%2C4%2C%2C%2C%2C1550%3Aco%3A0%3Acpf%3A1%3Ans%3A1691608835539%3Arqnl%3A1%3Ast%3A1691608838%3At%3A%D0%9F%D0%BE%D0%B4%D0%B0%D1%80%D0%BA%D0%B8%20%D0%B7%D0%B0%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%B2%20%D0%B8%D0%B3%D1%80%D1%83%20%7C%20Warface&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29hc%281%29aw%281%29ti%281%29&redirnss=1

Requested by

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7dd8e8a61bef14cc62c2a927b889c79fe3974c42bc6be10a829c293891ddef6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:20:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 09-Aug-2023 19:20:37 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ru.warface.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 463
x-xss-protection: 1; mode=block
expires: Wed, 09-Aug-2023 19:20:37 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:20:37 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 09-Aug-2023 19:20:37 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/27036375/1?wmode=7&page-url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afp%3A1387%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1092%3Acn%3A1%3Adp%3A0%3Als%3A983163627495%3Ahid%3A333997951%3Az%3A120%3Ai%3A20230809212037%3Aet%3A1691608838%3Ac%3A1%3Arn%3A961336479%3Arqn%3A1%3Au%3A1691608838110131459%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A51%2C174%2C62%2C1%2C490%2C0%2C%2C772%2C4%2C%2C%2C%2C1550%3Aco%3A0%3Acpf%3A1%3Ans%3A1691608835539%3Arqnl%3A1%3Ast%3A1691608838%3At%3A%D0%9F%D0%BE%D0%B4%D0%B0%D1%80%D0%BA%D0%B8%20%D0%B7%D0%B0%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%B2%20%D0%B8%D0%B3%D1%80%D1%83%20%7C%20Warface&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29hc%281%29aw%281%29ti%281%29&redirnss=1
access-control-allow-origin: https://ru.warface.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 09-Aug-2023 19:20:37 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 14ms
13ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2025962164329446&ev=Microdata&dl=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&rl=&if=false&ts=1691608837767&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%9F%D0%BE%D0%B4%D0%B0%D1%80%D0%BA%D0%B8%20%D0%B7%D0%B0%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%B2%20%D0%B8%D0%B3%D1%80%D1%83%20%7C%20Warface%22%2C%22meta%3Adescription%22%3A%22%D0%97%D0%B0%D0%B1%D0%B8%D1%80%D0%B0%D0%B9%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%B2%20Warface%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B9%20%D0%B4%D0%B5%D0%BD%D1%8C!%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%2Fdist%2Fru.jpg%3F3%22%2C%22og%3Atitle%22%3A%22%D0%9F%D0%BE%D0%B4%D0%B0%D1%80%D0%BA%D0%B8%20%D0%B7%D0%B0%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%B2%20%D0%B8%D0%B3%D1%80%D1%83%20%7C%20Warface%22%2C%22og%3Adescription%22%3A%22%D0%97%D0%B0%D0%B1%D0%B8%D1%80%D0%B0%D0%B9%20%D0%B1%D0%BE%D0%BD%D1%83%D1%81%D1%8B%20%D0%B2%20Warface%20%D0%BA%D0%B0%D0%B6%D0%B4%D1%8B%D0%B9%20%D0%B4%D0%B5%D0%BD%D1%8C!%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.121&r=stable&ec=1&o=30&fbp=fb.1.1691608837209.1252763037&it=1691608837135&coo=false&es=automatic&tm=3&exp=a1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 09 Aug 2023 19:20:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
918 B 56ms
56ms Ping
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3277357;u=https%3A//ru.warface.com/promo/roulette/new%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise;st=1691608837089;title=%D0%9F%D0%BE%D0%B4%D0%B0%D1%80%D0%BA%D0%B8%20%D0%B7%D0%B0%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%B2%20%D0%B8%D0%B3%D1%80%D1%83%20%7C%20Warface;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=dd6062e5f349cb2c;ver=60.3.0;tz=-120%2FEurope%2FAmsterdam;nt=0/0/1691608835539/////490/490/541/541/715/595/715/777/778/779/1550/1550/1553/3192/3192/3193;ni=10//4g/0/0/;lvid=1691608837473%3A1691608838733%3A2%3A17250f162e3d14baa717ba7040514b79;opts=dl%2Cjst-gtag-ym-vk;visible=true;_=0.4441179846136156;e=RT/load;et=1691608838732

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 09 Aug 2023 19:20:38 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://ru.warface.com
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://ru.warface.com
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: https://ru.warface.com
access-control-allow-headers: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 65ms
19ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXLWDC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 09 Aug 2023 17:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5775
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 09 Aug 2023 19:44:23 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Wed, 09 Aug 2023 18:52:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1700
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 09 Aug 2023 19:52:18 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 26ms
26ms Ping
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:20:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://ru.warface.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 23ms
23ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3127420-21&cid=924490743.1691608837&jid=1040368075&gjid=1244857416&_gid=1548192007.1691608839&_u=aCDAgEAjAAAAAEAEK~&z=1947108864

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 09 Aug 2023 19:20:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ru.warface.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 108ms
59ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3127420-21&cid=924490743.1691608837&jid=1040368075&_u=aCDAgEAjAAAAAEAEK~&z=382240338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:20:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
107 B 59ms
59ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3127420-21&cid=924490743.1691608837&jid=1040368075&_u=aCDAgEAjAAAAAEAEK~&z=382240338

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:20:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 27036375
mc.yandex.ru/webvisor/ 43 B
0 120ms
120ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/27036375?wv-part=1&wmode=0&wv-hit=333997951&page-url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&rn=422295377&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1691608841%3Aw%3A1600x1200%3Av%3A1092%3Az%3A120%3Ai%3A20230809212040%3Au%3A1691608838110131459%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Ast%3A1691608841&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:20:40 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 09-Aug-2023 19:20:40 GMT
content-type: image/gif
access-control-allow-origin: https://ru.warface.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 09-Aug-2023 19:20:40 GMT

POST
H2 200 27036375
mc.yandex.ru/webvisor/ 43 B
0 62ms
62ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/27036375?wv-part=1&wmode=0&wv-hit=333997951&page-url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&rn=324021810&wv-type=3&browser-info=we%3A1%3Aet%3A1691608841%3Aw%3A1600x1200%3Av%3A1092%3Az%3A120%3Ai%3A20230809212041%3Au%3A1691608838110131459%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Ast%3A1691608841&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:20:41 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 09-Aug-2023 19:20:41 GMT
content-type: image/gif
access-control-allow-origin: https://ru.warface.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 09-Aug-2023 19:20:41 GMT

POST
H2 200 27036375
mc.yandex.ru/webvisor/ 43 B
0 63ms
62ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/27036375?wv-part=2&wmode=0&wv-hit=333997951&page-url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&rn=789812542&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1691608842%3Aw%3A1600x1200%3Av%3A1092%3Az%3A120%3Ai%3A20230809212042%3Au%3A1691608838110131459%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Ast%3A1691608842&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:20:42 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 09-Aug-2023 19:20:42 GMT
content-type: image/gif
access-control-allow-origin: https://ru.warface.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 09-Aug-2023 19:20:42 GMT

POST
H2 200 27036375
mc.yandex.ru/webvisor/ 43 B
0 62ms
62ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/27036375?wv-part=3&wmode=0&wv-hit=333997951&page-url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&rn=659028029&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1691608844%3Aw%3A1600x1200%3Av%3A1092%3Az%3A120%3Ai%3A20230809212044%3Au%3A1691608838110131459%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Ast%3A1691608844&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:20:44 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 09-Aug-2023 19:20:44 GMT
content-type: image/gif
access-control-allow-origin: https://ru.warface.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 09-Aug-2023 19:20:44 GMT

POST
H2 200 27036375
mc.yandex.ru/webvisor/ 43 B
0 64ms
63ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/27036375?wv-part=4&wmode=0&wv-hit=333997951&page-url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&rn=600924131&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1691608846%3Aw%3A1600x1200%3Av%3A1092%3Az%3A120%3Ai%3A20230809212046%3Au%3A1691608838110131459%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Ast%3A1691608846&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:20:46 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 09-Aug-2023 19:20:46 GMT
content-type: image/gif
access-control-allow-origin: https://ru.warface.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 09-Aug-2023 19:20:46 GMT

POST
H2 200 27036375
mc.yandex.ru/webvisor/ 43 B
0 59ms
59ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/27036375?wv-part=5&wmode=0&wv-hit=333997951&page-url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&rn=374720968&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1691608848%3Aw%3A1600x1200%3Av%3A1092%3Az%3A120%3Ai%3A20230809212048%3Au%3A1691608838110131459%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Ast%3A1691608848&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:20:48 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 09-Aug-2023 19:20:48 GMT
content-type: image/gif
access-control-allow-origin: https://ru.warface.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 09-Aug-2023 19:20:48 GMT

POST
H2 200 27036375
mc.yandex.ru/webvisor/ 43 B
0 64ms
63ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/27036375?wv-part=6&wmode=0&wv-hit=333997951&page-url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&rn=950914975&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1691608850%3Aw%3A1600x1200%3Av%3A1092%3Az%3A120%3Ai%3A20230809212050%3Au%3A1691608838110131459%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Ast%3A1691608850&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:20:50 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 09-Aug-2023 19:20:50 GMT
content-type: image/gif
access-control-allow-origin: https://ru.warface.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 09-Aug-2023 19:20:50 GMT

POST
H2 200 27036375
mc.yandex.ru/webvisor/ 43 B
0 65ms
65ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/27036375?wv-part=7&wmode=0&wv-hit=333997951&page-url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&rn=552827802&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1691608853%3Aw%3A1600x1200%3Av%3A1092%3Az%3A120%3Ai%3A20230809212052%3Au%3A1691608838110131459%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Ast%3A1691608853&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:20:52 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 09-Aug-2023 19:20:52 GMT
content-type: image/gif
access-control-allow-origin: https://ru.warface.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 09-Aug-2023 19:20:52 GMT

POST
H2 200 27036375
mc.yandex.ru/watch/ 43 B
294 B 64ms
63ms Ping
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/27036375?page-url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&charset=utf-8&hittoken=1691608837_9a6ce9b84019ee305334d0562d46c44d10f5bd93b35fde3ed6cc22c10a38f7f4&browser-info=nb%3A1%3Acl%3A287%3Aar%3A1%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1092%3Acn%3A1%3Adp%3A1%3Als%3A983163627495%3Ahid%3A333997951%3Az%3A120%3Ai%3A20230809212052%3Aet%3A1691608853%3Ac%3A1%3Arn%3A253827210%3Arqn%3A2%3Au%3A1691608838110131459%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C3192%2C3192%2C1%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1691608835539%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1691608853&t=gdpr(14)clc(0-0-0)rqnt(2)hc(1)lt(109300)aw(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:20:52 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 09-Aug-2023 19:20:52 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://ru.warface.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 09-Aug-2023 19:20:52 GMT

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
919 B 55ms
54ms Ping
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3277357;u=https%3A//ru.warface.com/promo/roulette/new%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise;st=1691608837089;title=%D0%9F%D0%BE%D0%B4%D0%B0%D1%80%D0%BA%D0%B8%20%D0%B7%D0%B0%20%D0%B2%D1%85%D0%BE%D0%B4%20%D0%B2%20%D0%B8%D0%B3%D1%80%D1%83%20%7C%20Warface;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=dd6062e5f349cb2c;ver=60.3.0;tz=-120%2FEurope%2FAmsterdam;ni=10//4g/0/0/;detect=0;lvid=1691608837473%3A1691608853777%3A3%3A17250f162e3d14baa717ba7040514b79;opts=dl%2Cjst-gtag-ga-ym-vk;visible=true;_=0.9884999952988429;e=PVT/15

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 09 Aug 2023 19:20:53 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://ru.warface.com
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://ru.warface.com
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: https://ru.warface.com
access-control-allow-headers: *

POST
H2 200 27036375
mc.yandex.ru/webvisor/ 43 B
0 63ms
63ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/27036375?wv-part=8&wmode=0&wv-hit=333997951&page-url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&rn=279474693&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1691608855%3Aw%3A1600x1200%3Av%3A1092%3Az%3A120%3Ai%3A20230809212054%3Au%3A1691608838110131459%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Ast%3A1691608855&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:20:54 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 09-Aug-2023 19:20:54 GMT
content-type: image/gif
access-control-allow-origin: https://ru.warface.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 09-Aug-2023 19:20:54 GMT

POST
H2 200 27036375
mc.yandex.ru/webvisor/ 43 B
0 63ms
62ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/27036375?wv-part=9&wmode=0&wv-hit=333997951&page-url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&rn=319355802&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1691608857%3Aw%3A1600x1200%3Av%3A1092%3Az%3A120%3Ai%3A20230809212056%3Au%3A1691608838110131459%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Ast%3A1691608857&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:20:56 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 09-Aug-2023 19:20:56 GMT
content-type: image/gif
access-control-allow-origin: https://ru.warface.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 09-Aug-2023 19:20:56 GMT

POST
H2 200 27036375
mc.yandex.ru/webvisor/ 43 B
0 64ms
63ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/27036375?wv-part=10&wmode=0&wv-hit=333997951&page-url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&rn=141184914&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1691608859%3Aw%3A1600x1200%3Av%3A1092%3Az%3A120%3Ai%3A20230809212058%3Au%3A1691608838110131459%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Ast%3A1691608859&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:20:58 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 09-Aug-2023 19:20:58 GMT
content-type: image/gif
access-control-allow-origin: https://ru.warface.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 09-Aug-2023 19:20:58 GMT

POST
H2 200 27036375
mc.yandex.ru/webvisor/ 43 B
0 62ms
62ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/27036375?wv-part=11&wmode=0&wv-hit=333997951&page-url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&rn=1063688230&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1691608861%3Aw%3A1600x1200%3Av%3A1092%3Az%3A120%3Ai%3A20230809212100%3Au%3A1691608838110131459%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Ast%3A1691608861&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:21:00 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 09-Aug-2023 19:21:00 GMT
content-type: image/gif
access-control-allow-origin: https://ru.warface.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 09-Aug-2023 19:21:00 GMT

POST
H2 200 27036375
mc.yandex.ru/webvisor/ 43 B
0 62ms
62ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/27036375?wv-part=12&wmode=0&wv-hit=333997951&page-url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&rn=303391647&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1691608863%3Aw%3A1600x1200%3Av%3A1092%3Az%3A120%3Ai%3A20230809212102%3Au%3A1691608838110131459%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Ast%3A1691608863&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:21:02 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 09-Aug-2023 19:21:02 GMT
content-type: image/gif
access-control-allow-origin: https://ru.warface.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 09-Aug-2023 19:21:02 GMT

POST
H2 200 27036375
mc.yandex.ru/webvisor/ 43 B
0 62ms
62ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/27036375?wv-part=13&wmode=0&wv-hit=333997951&page-url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&rn=805458226&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1691608865%3Aw%3A1600x1200%3Av%3A1092%3Az%3A120%3Ai%3A20230809212104%3Au%3A1691608838110131459%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Ast%3A1691608865&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:21:04 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 09-Aug-2023 19:21:04 GMT
content-type: image/gif
access-control-allow-origin: https://ru.warface.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 09-Aug-2023 19:21:04 GMT

POST
H2 200 27036375
mc.yandex.ru/webvisor/ 43 B
0 62ms
56ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/27036375?wv-part=14&wmode=0&wv-hit=333997951&page-url=https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise&rn=649862534&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1691608867%3Aw%3A1600x1200%3Av%3A1092%3Az%3A120%3Ai%3A20230809212106%3Au%3A1691608838110131459%3Avf%3A7h8dgiykw9ep6c375s20yqn%3Ast%3A1691608867&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ru.warface.com/promo/roulette/new?_1lr=0-3134156_2012478_207434&oprtrack=1665_clickId%3D4b0c10f764d3e703a1e3c912609384&utm_medium=affiliate&utm_campaign=207434&utm_source=advertise
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Aug 2023 19:21:06 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 09-Aug-2023 19:21:06 GMT
content-type: image/gif
access-control-allow-origin: https://ru.warface.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 09-Aug-2023 19:21:06 GMT

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.granpowder.com/	1970-01-20 23:29:28	Name: uuid Value: 1687577292775075357
.playtatorsec.com/	1970-01-20 23:29:28	Name: uid Value: 890885471691608835
.gameslnk.cc/	1970-01-20 22:39:04	Name: uid Value: 4b0c10f764d3e703a1e3c912609384
.vkplay.ru/	1970-01-20 13:53:32	Name: mr1lad Value: 64d3e7042bcc7631-3134156_2012478_207434-3134156_2012478_207434-3134156_2012478_207434
.vkplay.ru/	1970-01-20 13:53:32	Name: mr1lext Value: 1665_clickId%3D4b0c10f764d3e703a1e3c912609384
ru.warface.com/	1969-12-31 23:59:59	Name: n_js_t Value: 1691608836
ru.warface.com/	1969-12-31 23:59:59	Name: n_js_d Value: 3377296033
ru.warface.com/	1970-01-20 14:07:52	Name: cur_language Value: ru
.warface.com/	1970-01-20 16:03:04	Name: _gcl_au Value: 1.1.482620701.1691608837
.tns-counter.ru/	1970-01-20 22:39:04	Name: guid Value: 465B680A64D3E705X1691608837
.yadro.ru/	1970-01-20 22:37:44	Name: FTID Value: 1aq-S50Tmw8c1aq-S5002GEG
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 2MpbDINZGso
.youtube.com/	1970-01-20 18:12:40	Name: VISITOR_INFO1_LIVE Value: dMjZCRzjlNE
.warface.com/	1970-01-20 23:29:28	Name: _ga_LF5DZQ3NEX Value: GS1.1.1691608837.1.0.1691608837.60.0.0
.yadro.ru/	1970-01-20 22:37:44	Name: VID Value: 3A3bRJ2x7c8c1aq-S5002GEt
.ru.warface.com/	1970-01-20 13:53:32	Name: mr1lad Value: 64d3e7042bcc7631-3134156_2012478_207434-3134156_2012478_207434-3134156_2012478_207434
.ru.warface.com/	1970-01-20 13:53:32	Name: mr1lext Value: 1665_clickId%3D4b0c10f764d3e703a1e3c912609384
.warface.com/	1970-01-20 14:36:40	Name: advcake_track_id Value: df39e2fd-8586-efda-6482-633f5ab8911a
.warface.com/	1970-01-20 14:36:40	Name: advcake_session_id Value: 1bb01519-524d-a1df-d58c-74d837963f3f
.warface.com/	1970-01-20 14:36:40	Name: advcake_track_url Value: https%3A%2F%2Fru.warface.com%2Fpromo%2Froulette%2Fnew%3F_1lr%3D0-3134156_2012478_207434%26oprtrack%3D1665_clickId%253D4b0c10f764d3e703a1e3c912609384%26utm_medium%3Daffiliate%26utm_campaign%3D207434%26utm_source%3Dadvertise
.warface.com/	1970-01-20 14:36:40	Name: advcake_utm_partner Value: 207434
.warface.com/	1970-01-20 14:36:40	Name: advcake_utm_webmaster Value:
.warface.com/	1970-01-20 14:36:40	Name: advcake_click_id Value:
ru.warface.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0sr4t33g2nsvf5oofvehaoqe6c
.warface.com/	1970-01-20 16:03:04	Name: _fbp Value: fb.1.1691608837209.1252763037
.vk.com/	1970-01-20 22:44:59	Name: remixlang Value: 61
.warface.com/	1970-01-20 21:53:00	Name: tmr_lvid Value: 17250f162e3d14baa717ba7040514b79
.warface.com/	1970-01-20 21:53:00	Name: tmr_lvidTS Value: 1691608837473
.vk.com/	1970-01-20 22:39:04	Name: remixstlid Value: 9110467991341890196_zXZInl8v7E7Xrx0hYsPOSN7pTExD3Nlr9CGJIZAf4UL
.warface.com/	1970-01-20 22:39:04	Name: _ym_uid Value: 1691608838110131459
.warface.com/	1970-01-20 22:39:04	Name: _ym_d Value: 1691608838
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 789361831691608837
.yandex.ru/	1970-01-20 23:29:28	Name: i Value: 29RZ+ciYLMFd0HlgolfgAAnP5RMqJeE9A5qwrFIdD6bpO/OhxYT2PFJDA1lbx8h85w5KWsBPF6tg31Dic9iDJG5wZnA=
.yandex.ru/	1970-01-20 23:29:28	Name: yandexuid Value: 5232687021691608837
.yandex.ru/	1970-01-20 22:39:04	Name: yuidss Value: 5232687021691608837
.yandex.ru/	1970-01-20 22:39:04	Name: ymex Value: 1723144837.yrts.1691608837#1723144837.yrtsi.1691608837
.yandex.ru/	1970-01-20 22:39:04	Name: bh Value: KgI/MA==
.warface.com/	1970-01-20 13:54:40	Name: _ym_isad Value: 2
.warface.com/	1970-01-20 13:53:30	Name: _ym_visorc Value: w
ru.warface.com/	1970-01-20 14:03:33	Name: mr1lad_long Value: 64d3e7042bcc7631-3134156_2012478_207434-3134156_2012478_207434-3134156_2012478_207434
.warface.com/	1970-01-20 23:29:28	Name: _ga Value: GA1.2.924490743.1691608837
.warface.com/	1970-01-20 13:54:55	Name: _gid Value: GA1.2.1548192007.1691608839
.warface.com/	1970-01-20 13:53:28	Name: _dc_gtm_UA-3127420-21 Value: 1
.ru.warface.com/	1970-01-20 13:53:30	Name: _custom_session_GA Value: true
ru.warface.com/	1970-01-20 13:54:55	Name: tmr_detect Value: 0%7C1691608840141
.mail.ru/	1970-01-20 22:40:31	Name: VID Value: 13ZEqC0MWroJ00000u1mT42J:::0-0-0-9ee3fc5:CAASEBg0h5iSsSAry7qQjCqkg3MaYMgy5nuA_LY3lQXAy1NwQbRG4VULCq6Mvpl6tqavMLvXIQvkOfClcDRK9G9wLi51tgdj4twntUfXemfY6JGZCziVaRFiebo4a8eVlLAPM5DlMGwA4guoG8Uog8wOL7NEPQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://ru.warface.com/n.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1l-go.my.games
1l-go.vkplay.ru
1l-hit.vkplay.ru
cdn.polyfill.io
code.r5hsid.ru
connect.facebook.net
counter.yadro.ru
gameslnk.cc
granpowder.com
hit.acstat.com
mc.yandex.ru
playtatorsec.com
region1.analytics.google.com
ru.warface.com
stats.g.doubleclick.net
top-fwz1.mail.ru
vk.com
vkplay.ru
wf.cdn.gmru.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.tns-counter.ru
www.youtube.com
188.93.63.17
193.200.64.20
193.200.64.30
195.211.131.162
195.211.131.165
195.211.21.6
2001:4860:4802:34::36
2001:6d0:4001::226
2a00:1450:4001:806::200e
2a00:1450:4001:829::2004
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:4001:831::200e
2a00:1450:400c:c0c::9c
2a02:6b8::1:119
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
2a04:4e42:200::282
31.133.223.169
45.66.97.16
87.240.132.72
88.198.27.52
88.212.201.204
95.163.52.67
083bd3c885e192182cc55043c55ec121b83fa780e0e8cbad0130380078f343fc
0f4376f9f00f90e6aae6cd74a573eb8126d95ce4628f28632c5aace1eca5d534
11511d89faf5d35123552b398933b37fc370a97e80f6a55a9f38044aad1ce63c
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
194758e405333fa79621731a1122f75eb0c143e429973d9bf829a71e8c8879b5
1c9a300614c47f8d78a276d30168402ec1a62ef4c5c1b73851886bee3a045668
1d0cb7f824ff8a78b8d1603b6e3ceb2eb5c1268602c9a844533ab8fd09626d73
205389300d792c76fbd171bcf542f38ddc349f1a634dda7df6ff03cca5d95c60
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2506fc3e3ba28eda7f1bb9cf0db08322d3a0cc950405ab9870167e06f28ff36b
27735786662c0d84226430a5acd5cfeac63b593e39351fd28321091cafed725e
28f232112e9e48056bb0ca1fe3480b4ec3c4b04750e7a6190760e2ab47326cdf
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7760ee2b81f4659c6f34ada0f7a7d263c2ce6035c2b5f4b082fac60802897e
3033dc22c56c7668360b8a4c2ec4baaa69499fc9023ee9586ac5577d1f9f664a
33bc969a5fcf66b2ed2a76b0448ebe479bca8efd599e19566504b6a222c35b3e
34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf
38e83d5755b2e231dbf51606a73a77435eb191899942169f9bd2a279db0c18a8
39f1bd420ceeb891b0dc39a894c965a8cad49e9e5e190fbf5f80893cc22a9a12
3a3835b1fab4d89213a56a1e6661f37de7da9f90c2b67239f5c5012e3355ccd7
3ddef725133d5933fe6f17a415c8178db51d3dbc093616bc3f8aad84383e072e
42670c44705a5b685c7f70b576d7df48a17aff5f6ea3ea9d4f4630e71bfb8bc1
4abed0228124d19ed2e9b5ececcae40231a149d5123b108b400c93ce43d09498
50f1bd4d44fda33e4e081064d0cc769c6b378ea2b2f62d60fdff4bd7b422a4eb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b5069a302cadcd9f54b5069a706b464eee53c5b16918be36997df6abd77dbdf
5edaeab326f98a31d0fb50752d81f6aa4fa6725da1d6e24ef99e62cd36d9af83
65c44530726a75c04cd39583f648f3ea7cf52311fc4c2c75120524de5c7b21df
70cb446dc70c1d9ed162874bc494445033bf868a6746712b352d8059ee62a755
73c390dff2abb5703c4327ba2161b0ff40ede1c8b983cb51c50d9c1c197197de
7425038d7ecfec6a8a0149f3e72f22c31410f1ab3424874d36d16d0675a59f01
7cfc00e83f27224577c28f7de59dd08dc7e083bd74a7da25e889a574b72252a0
7dd8e8a61bef14cc62c2a927b889c79fe3974c42bc6be10a829c293891ddef6a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
932e946388db2cd2cdb73bcde4159e5024ef0284d636d3c6e66fe9df0d6776e7
97465aa289eb89c0f0a84b3cfb9a6e489619a6ea52fcc675ed55b10c99e27de8
999f1327a2d027141b923b22fdf9c4769c3c41d9239860fe445376447e54630c
9a280faa269a87ff0baa4e73abe302750f2bcf789dd8bff559321112a15eeecd
9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8
a179b2d8e5c54a4819e9049dc645abbd01b4d9580ab15b70a5fce51c2070f8ba
a4a8f9f6082936bed10b479026709f7e17ed047a14d14d7024474eb036b439d2
a4b0a80d20e6040a4fe9eaa7c71fa81282012971f71250e950f4a6b1b9a32d31
a554b309c2e8fcd2c4c1830c687f89dbebfe9048aa98ac8ed57c06911c04868a
a70c5385688a1b66426538419bfd7dad9d49a55da388297fc1a03c833f24ab31
a8ae4a37d003da47b51ce6a0fa0138ef9fd77bc560218fe9457f94d8d26aa221
a9b85b80315bea8df802657efcb4a66f20c57a493da7b861ba138b44887dcbb2
afd2ae15299521218c33a226dc8ecb2b004925dc8d4bd30f556c68a89990c666
b2beebc63f3f9767490d3835c842e548f890f01505f97b989b5692826c1c739e
c116f86e417002bc9cdcfea0fb07e5f09d3ebc640aead68b80a90752a5e278ee
c27f03222cd776cd45a393f9b075cf309dceb53ed63ad298d35be47d522e8e7a
c425e2e9b44c66903cda926e8c418153166b9fc0021cde42a3318223c69fee28
c630be92d35e5eb19c4a9c52aff4e6f9fc25142e43e2c05c444c65dc51d83774
ccf632004b98d54f3500b7fb853d4380c3e0754a7cefb97ec5e23da8039da5e1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
db11675214544556b0eca42fed0d90c9553585ca647255bbb3f1a694949f9a5f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e409f8f59d4dc4c82bc8048a1b88593c4195aaa2bd63e13ab941df56f8285225
ee1c8b3cf8b7b07ed5c45628ef8e45a9660e89b88365c88d59dd0cddd327c65a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05377ea8e339e81724554395270041365cc95a3616e16505ce027a944856c72
f1994d744f41b1c8385093a80dfbb0645b9f5154d7e8f193ed68b8f9e7375530
f7c64406023c6b6ba0f3036d9cb72f37781141c1f84366c566afcf2308eb77d1
fe994f5e3f3b4e666c23fc77ad28ee46cdb2416a796bbdd3ced663385c5c95f5

ru.warface.com Open in urlscan Pro 195.211.131.162 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

93 Requests

97 %HTTPS

50 %IPv6

23 Domains

26 Subdomains

22 IPs

5 Countries

2434 kBTransfer

4116 kBSize

46 Cookies

4 Outgoing links

Page URL History

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

ru.warface.com Open in urlscan Pro
195.211.131.162 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

97 %
HTTPS

50 %
IPv6

23
Domains

26
Subdomains

22
IPs

5
Countries

2434 kB
Transfer

4116 kB
Size

46
Cookies

93 HTTP transactions
2 data transactions