urlscan.io logo urlscan.io
SecurityTrails logo

warthunder.com Open in urlscan Pro
104.20.82.98  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844#/
Effective URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Submission: On September 05 via api from LU — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 6 countries across 23 domains to perform 77 HTTP transactions. The main IP is 104.20.82.98, located in and belongs to CLOUDFLARENET, US. The main domain is warthunder.com. The Cisco Umbrella rank of the primary domain is 29506.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on January 9th 2024. Valid for: a year.
This is the only time warthunder.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 104.20.82.98 13335 (CLOUDFLAR...)
4 9 87.250.250.119 13238 (YANDEX)
2 69.147.92.11 10310 (YAHOO-1)
1 3 87.240.137.164 47541 (VKONTAKTE...)
1 34.248.84.180 16509 (AMAZON-02)
3 142.250.80.72 15169 (GOOGLE)
4 13.226.34.75 16509 (AMAZON-02)
1 54.88.71.74 14618 (AMAZON-AES)
7 138.199.40.58 60068 (CDN77 _)
1 2 142.250.80.36 15169 (GOOGLE)
4 142.250.80.98 15169 (GOOGLE)
2 142.250.81.238 15169 (GOOGLE)
3 150.171.27.10 8075 (MICROSOFT...)
2 31.13.71.7 32934 (FACEBOOK)
2 151.101.1.44 54113 (FASTLY)
1 108.138.115.149 16509 (AMAZON-02)
1 95.211.33.59 60781 (LEASEWEB-...)
1 5.189.239.94 49505 (SELECTEL)
2 142.251.40.206 15169 (GOOGLE)
2 142.251.163.154 15169 (GOOGLE)
2 142.251.32.99 15169 (GOOGLE)
2 31.13.71.36 32934 (FACEBOOK)
2 85.17.170.54 60781 (LEASEWEB-...)
1 2 138.201.230.88 24940 (HETZNER-AS)
1 151.101.193.44 54113 (FASTLY)
1 2 209.54.182.161 16509 (AMAZON-02)
6 141.226.224.48 200478 (TABOOLA-AS)
2 34.237.65.186 14618 (AMAZON-AES)
1 108.139.29.79 16509 (AMAZON-02)
77 30
12    104.20.82.98 (None, )

ASN13335 (CLOUDFLARENET, US)
warthunder.com
9    87.250.250.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
2    69.147.92.11 (Ashburn, United States)

ASN10310 (YAHOO-1, US)
PTR: e1.ycpi.vip.dca.yahoo.com
s.yimg.com
3    87.240.137.164 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv164-137-240-87.vk.com
vk.com
1    34.248.84.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-84-180.eu-west-1.compute.amazonaws.com
uep.gaijin.net
3    142.250.80.72 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f8.1e100.net
www.googletagmanager.com
4    13.226.34.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-75.ewr53.r.cloudfront.net
staticfiles.warthunder.com
1    54.88.71.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-71-74.compute-1.amazonaws.com
sp.analytics.yahoo.com
7    138.199.40.58 (New York, United States)

ASN60068 (CDN77 _, GB)
PTR: 138-199-40-58.bunnyinfra.net
consent.cookiefirst.com
edge.cookiefirst.com
2    142.250.80.36 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f4.1e100.net
www.google.com
4    142.250.80.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
googleads.g.doubleclick.net
td.doubleclick.net
2    142.250.81.238 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f14.1e100.net
www.google-analytics.com
3    150.171.27.10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    31.13.71.7 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-lga3.fbcdn.net
connect.facebook.net
2    151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
1    108.138.115.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-115-149.jfk50.r.cloudfront.net
c.amazon-adsystem.com
1    95.211.33.59 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
citydsp.com
1    5.189.239.94 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL, RU)
statad.ru
2    142.251.40.206 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f14.1e100.net
analytics.google.com
2    142.251.163.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net
stats.g.doubleclick.net
2    142.251.32.99 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f3.1e100.net
www.google.ca
2    31.13.71.36 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-lga3.facebook.com
www.facebook.com
2    85.17.170.54 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
retagro.com
2    138.201.230.88 (Mannheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.230.201.138.clients.your-server.de
x.cnt.my
1    151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)
psb.taboola.com
2    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
6    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
2    34.237.65.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-65-186.compute-1.amazonaws.com
script.anura.io
1    108.139.29.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-79.jfk50.r.cloudfront.net
ads.anura.io
Apex Domain
Subdomains		 Transfer
16 warthunder.com
warthunder.com — Cisco Umbrella Rank: 29506
staticfiles.warthunder.com — Cisco Umbrella Rank: 372179
3 MB
9 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1198
psb.taboola.com — Cisco Umbrella Rank: 9372
trc.taboola.com — Cisco Umbrella Rank: 1123
trc-events.taboola.com — Cisco Umbrella Rank: 3272
25 KB
7 cookiefirst.com
consent.cookiefirst.com — Cisco Umbrella Rank: 40486
edge.cookiefirst.com — Cisco Umbrella Rank: 48961
48 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
td.doubleclick.net — Cisco Umbrella Rank: 481
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
3 KB
6 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 6787
4 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 10
analytics.google.com — Cisco Umbrella Rank: 238
88 B
3 anura.io
script.anura.io — Cisco Umbrella Rank: 64799
ads.anura.io — Cisco Umbrella Rank: 79849
26 KB
3 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 394
s.amazon-adsystem.com — Cisco Umbrella Rank: 399
7 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 534
15 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
307 KB
3 vk.com
vk.com — Cisco Umbrella Rank: 4208
19 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2503
71 KB
2 cnt.my
x.cnt.my — Cisco Umbrella Rank: 110514
950 B
2 retagro.com
retagro.com — Cisco Umbrella Rank: 138957
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 google.ca
www.google.ca — Cisco Umbrella Rank: 9677
127 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
71 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 1020
8 KB
1 statad.ru
statad.ru — Cisco Umbrella Rank: 58621
335 B
1 citydsp.com
citydsp.com — Cisco Umbrella Rank: 81041
792 B
1 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 2393
676 B
1 gaijin.net
uep.gaijin.net — Cisco Umbrella Rank: 621514
77 23
Domain Requested by
12 warthunder.com 1 redirects warthunder.com
6 trc-events.taboola.com cdn.taboola.com
6 consent.cookiefirst.com www.googletagmanager.com
consent.cookiefirst.com
6 mc.yandex.com 3 redirects warthunder.com
mc.yandex.ru
4 staticfiles.warthunder.com warthunder.com
3 bat.bing.com warthunder.com
bat.bing.com
3 www.googletagmanager.com warthunder.com
www.googletagmanager.com
3 vk.com 1 redirects warthunder.com
3 mc.yandex.ru 1 redirects warthunder.com
2 script.anura.io warthunder.com
script.anura.io
2 s.amazon-adsystem.com 1 redirects warthunder.com
2 x.cnt.my 1 redirects warthunder.com
2 retagro.com citydsp.com
retagro.com
2 www.facebook.com warthunder.com
2 www.google.ca warthunder.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
2 td.doubleclick.net www.googletagmanager.com
2 connect.facebook.net warthunder.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 googleads.g.doubleclick.net warthunder.com
www.googletagmanager.com
2 www.google.com 1 redirects warthunder.com
2 s.yimg.com warthunder.com
s.yimg.com
1 ads.anura.io script.anura.io
1 trc.taboola.com cdn.taboola.com
1 psb.taboola.com cdn.taboola.com
1 edge.cookiefirst.com consent.cookiefirst.com
1 statad.ru warthunder.com
1 citydsp.com warthunder.com
1 c.amazon-adsystem.com warthunder.com
1 cdn.taboola.com warthunder.com
1 sp.analytics.yahoo.com warthunder.com
1 uep.gaijin.net warthunder.com
77 33

This site contains links to these domains. Also see Links.

Domain
store.playstation.com
www.microsoft.com
legal.gaijin.net
support.gaijin.net
Subject Issuer Validity Valid
*.warthunder.com
GeoTrust TLS RSA CA G1		 2024-01-09 -
2025-02-01		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-05-23 -
2024-11-02		 5 months crt.sh
*.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-08-26 -
2024-10-16		 2 months crt.sh
*.gaijin.net
GeoTrust TLS RSA CA G1		 2024-03-13 -
2025-04-12		 a year crt.sh
*.google-analytics.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-07-30 -
2025-01-22		 6 months crt.sh
*.cookiefirst.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-05 -
2024-12-16		 a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-14 -
2024-09-12		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2024-12-31		 5 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
citydsp.com
E6		 2024-07-16 -
2024-10-14		 3 months crt.sh
statad.ru
R11		 2024-08-23 -
2024-11-21		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.doubleclick.net
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.google.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.google.ca
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
*.vk.com
GlobalSign ECC OV SSL CA 2018		 2024-02-14 -
2025-03-02		 a year crt.sh
advermarkt.com
E6		 2024-08-04 -
2024-11-02		 3 months crt.sh
script.anura.io
Amazon RSA 2048 M03		 2023-10-16 -
2024-11-13		 a year crt.sh
ads.anura.io
Amazon RSA 2048 M03		 2024-04-29 -
2025-05-27		 a year crt.sh

This page contains 5 frames:

Primary Page: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Frame ID: 5F33064E28E5DFBEBBEE161BAE8EE097
Requests: 78 HTTP requests in this frame

Frame: https://uep.gaijin.net:8383/track_pixel?event=track_pixel&data=eyJ1cmwiOiJodHRwczpcL1wvd2FydGh1bmRlci5jb206NDQzXC9yb1wvcGxheTRmcmVlP3I9YWRjYXNoXzQxMzgyOTUmVHJhbnNhY3Rpb25fSUQ9MTYzNzExNzA2ODEzMzMyNTY2NzAxNDI1MTE2MDEzNzA4NDQiLCJpcCI6IjE3OC4yNDkuMjE0LjEzNSIsImxhbmdfdXJsIjoiZW4iLCJsYW5nX2dlbyI6ImNhIiwic2FsdCI6IkFJYmFUX1prMU1aeWZqSUszV1JXVV9zcnVGQ2NsRHZvIn0%3D&public_key=UOWlwLc8M1wOUKRPSEy9&crc=5a378cac94c5df637991e0d063c2b507
Frame ID: 48FD3CE237E05BD4924143CBC6246B77
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 2FE90B3E5AF0839AE8772543F2E21FE8
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/977291250?random=1725538737888&cv=11&fst=1725538737888&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4930z86174342za201zb6174342&gcd=13t3t3l3l5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844&hn=www.googleadservices.com&frm=0&tiba=War%20Thunder%20%E2%80%94%20Registration&npa=0&pscdl=noapi&auid=1142794376.1725538738&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=registration%3Dregistration
Frame ID: E94C304BBCCD9BBDCCC85CBC3B0C8821
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-3KX7RD39Z5&gacid=400318229.1725538738&gtm=45je4930v899146998z86174342za200zb6174342&dma=0&gcs=G111&gcd=13t3t3l3l5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=249171815
Frame ID: C971FF2A14AE1A75B7690026F5F953C3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

War Thunder — Registration War Thunder — Registration

Detected technologies

Overall confidence: 100%
Detected patterns
  • rx(?:\.\w+)?(?:\.compat|\.global)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

77
Requests

88 %
HTTPS

0 %
IPv6

23
Domains

33
Subdomains

30
IPs

6
Countries

3549 kB
Transfer

24090 kB
Size

52
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://vk.com/js/api/openapi.js?168 HTTP 302
  • https://vk.com/dist/public/api/openapi.c340c125c61ec5745ebb2a98626e46ab.js?168
Request Chain 9
  • https://warthunder.com/ajax/event/cbfp HTTP 302
  • https://warthunder.com/en/ajax/event/cbfp
Request Chain 28
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10483.y01ga_7kq0j56u_KQ45L238UcSDJLTTss2nFAQ6TDPkroWld8noPFzDPwPfDtJVr.7fshD8vRZyN4NVFLi07llGT9paM%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10483.rBHeb6EPDTjn_zpB1yhLrBGSkW9TtzZfzltzcZ0GfUUcO4fgEfuNqH-InMvBp6AATPJ5nEXDHbz5_pubzJT2LQI3JADqnq0Ek8uQnR8otzW0Q2Ls1dlCE8Xw8OoXW49WXmeK00H67RoLHDAtcCOsM5hgMERfXT68m32Vxv-5mfSRV3XXWDfxbTxqQhjSeLWzANTPF0HlEY5cC0p7P3tX1iioAnwo2FLfnB34MScmDWg%2C.UnEwUfFGXowUkatdwJ2QojOOzQI%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10483.qBVDtlHoZl3j7w1c07adBXS_BqbAPBYm6biFCriHdReSwiaaBZHMtzKbKt2SCRfIq7wxmzuZEWEhiIa5gzKn6GYOViZnhODi6EYMDPuqFUjOK4S0u5KEAbBgkiiimmSaYH_lOvYd1M_ltQeyuZu179fCX5q4VXZaql1V9SM0r-rnennM7S4tvEN52OTODyB02_9IBXa5kWEi5sFgeSxtzA%2C%2C.fv_N6czoxJw0-1iAY82TsGQFrz4%2C
Request Chain 31
  • https://mc.yandex.com/watch/21262261?wmode=7&page-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ac4o2nplw0gn9nduetxpw3hlsrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1430%3Acn%3A1%3Adp%3A0%3Als%3A96733698665%3Ahid%3A103679746%3Az%3A-420%3Ai%3A20240905051855%3Aet%3A1725538736%3Ac%3A1%3Arn%3A344559267%3Arqn%3A1%3Au%3A1725538736653013892%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2882%3Awv%3A2%3Ads%3A20%2C59%2C737%2C4%2C1%2C0%2C%2C993%2C2%2C%2C%2C%2C2770%3Aco%3A0%3Acpf%3A1%3Ans%3A1725538732562%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1725538737%3At%3AWar%20Thunder%20%E2%80%94%20Registration&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21038596)ti(1) HTTP 302
  • https://mc.yandex.com/watch/21262261/1?wmode=7&page-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ac4o2nplw0gn9nduetxpw3hlsrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1430%3Acn%3A1%3Adp%3A0%3Als%3A96733698665%3Ahid%3A103679746%3Az%3A-420%3Ai%3A20240905051855%3Aet%3A1725538736%3Ac%3A1%3Arn%3A344559267%3Arqn%3A1%3Au%3A1725538736653013892%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2882%3Awv%3A2%3Ads%3A20%2C59%2C737%2C4%2C1%2C0%2C%2C993%2C2%2C%2C%2C%2C2770%3Aco%3A0%3Acpf%3A1%3Ans%3A1725538732562%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1725538737%3At%3AWar%20Thunder%20%E2%80%94%20Registration&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821038596%29ti%281%29
Request Chain 33
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3l3l5l1&tag_exp=0&rnd=137071406.1725538738&url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free&dma=0&npa=0&gtm=45He4930n61HWDXKv6174342za200&auid=1142794376.1725538738 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l3l5l1&tag_exp=0&rnd=137071406.1725538738&url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free&dma=0&npa=0&gtm=45He4930n61HWDXKv6174342za200&auid=1142794376.1725538738
Request Chain 62
  • https://x.cnt.my/px/?dom=warthunder.com&r=0.3550521815065699 HTTP 301
  • https://x.cnt.my/px/?dom=warthunder.com&r=0.3550521815065699&rand=0.5425390627723707&xtmp=1
Request Chain 66
  • https://s.amazon-adsystem.com/iu3?pid=0c0d60fd-9cac-47ac-a9c2-4e51fcfa9539&event=PageView&ts=1725538737777 HTTP 302
  • https://s.amazon-adsystem.com/iu3?pid=0c0d60fd-9cac-47ac-a9c2-4e51fcfa9539&event=PageView&ts=1725538737777&dcc=t

77 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request play4free
warthunder.com/ro/ 		17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.82.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.24
Resource Hash
34f1e3d537dd5698da523481c3ac3cc8eb12479da46082c42c600776bebea4cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8be62a171894ab16-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 05 Sep 2024 12:18:53 GMT
expires
Thu, 05 Sep 2024 11:18:52 +0000
last-modified
Thu, 05 Sep 2024 12:18:52 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
cloudflare
vary
Accept-Encoding
x-no-red
1
x-node-id
05
x-powered-by
PHP/8.0.24
x-request-id
0a23d1e7a5b202924f5ea78706c3e594
vendor-9c4a3cf6.css
warthunder.com/land/signupNewMF/assets/ 		2 MB
2 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://warthunder.com/land/signupNewMF/assets/vendor-9c4a3cf6.css
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.82.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c4a3cf6f5a9f0b789a84827b42a8236c1089319196a508478b05e757205f5bd

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 12:18:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 05 Sep 2024 11:17:42 GMT
server
cloudflare
etag
W/"66d99356-27c438"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8be62a1bdb7aab16-YYZ
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
index-86052501.css
warthunder.com/land/signupNewMF/assets/ 		64 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://warthunder.com/land/signupNewMF/assets/index-86052501.css
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.82.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86052501ca3c6a969af6c6fd2068196fa02884514cb6ee72b7e5bcbf4f6fd5ba

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 12:18:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 05 Sep 2024 11:17:42 GMT
server
cloudflare
etag
W/"66d99356-1002d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8be62a1bdb7cab16-YYZ
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
/
warthunder.com/land/signupNewMF/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://warthunder.com/land/signupNewMF/
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.82.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 12:18:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 05 Sep 2024 11:17:42 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=utf8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8be62a1d7c94ab16-YYZ
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
index-0ed2a5d6.js
warthunder.com/land/signupNewMF/assets/ 		119 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warthunder.com/land/signupNewMF/assets/index-0ed2a5d6.js
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.82.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b3ebb39df7fd720e9d0977b2ccdb534040c0c5e642b6f47fb0e563f3f4b8d35

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Origin
https://warthunder.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 12:18:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 05 Sep 2024 11:17:42 GMT
server
cloudflare
etag
W/"66d99356-1da2d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8be62a1bdb7dab16-YYZ
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
grx.js
warthunder.com/js/ 		1019 B
814 B 		Script
General
Check archive.org
Download Go to
Full URL
https://warthunder.com/js/grx.js?v=
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.82.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7800b2c17b1d0262508f37d724ff203b5f3bf87c8f214927ddb4e43405fc950

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 12:18:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 05 Sep 2024 11:17:42 GMT
server
cloudflare
etag
W/"66d99356-3fb"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8be62a1bdb7eab16-YYZ
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
tag.js
mc.yandex.ru/metrika/ 		201 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
f076831b414f38e8872d8ee68119cd310f67805b1da881ea95f04e2b032559c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 12:18:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 04 Sep 2024 13:17:06 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"66d85dd2-114b9"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
70841
expires
Thu, 05 Sep 2024 13:18:55 GMT
ytc.js
s.yimg.com/wi/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.147.92.11 Ashburn, United States, ASN10310 (YAHOO-1, US),
Reverse DNS
e1.ycpi.vip.dca.yahoo.com
Software
ATS /
Resource Hash
aebe8df81ee2ba5bc51e3abc322910ee5122a0ac06edfbcf7a04e1659d17dc9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

ats-carp-promotion
1, 1
date
Thu, 05 Sep 2024 12:11:08 GMT
x-amz-version-id
JRuD6BVFDpXh1T7iUrCVWNpcX_ACBwVG
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
VFASXAMYV6FHXTXK
age
468
x-amz-server-side-encryption
AES256
content-length
6826
x-amz-id-2
g3wimEuFfDd0ZHp5Kf0vgFisTr8G5vKMG1pKpsxg56bQzRdgwIkYK23QOmMkGzvDSbFmKEvGzNuYT+F/VV3Qkpthhw3nAjpYDmxTNCgLwT0=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Fri, 03 Oct 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Wed, 28 Aug 2024 12:33:10 GMT
server
ATS
etag
"bc033c3a83e1880e480086bf11ac0b0a-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
openapi.c340c125c61ec5745ebb2a98626e46ab.js
vk.com/dist/public/api/
Redirect Chain
  • https://vk.com/js/api/openapi.js?168
  • https://vk.com/dist/public/api/openapi.c340c125c61ec5745ebb2a98626e46ab.js?168
56 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/dist/public/api/openapi.c340c125c61ec5745ebb2a98626e46ab.js?168
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Server
87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv164-137-240-87.vk.com
Software
kittenx /
Resource Hash
0794ec55ac26233eb8ceed5fc64073eea5d00df95da9cc31f18b578a64762782

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

x-trace-id
G5KLnUkVxPh7m9co9uE9aDwTAVLQqQ
date
Thu, 05 Sep 2024 12:18:58 GMT
content-encoding
br
x-frontend
front656000
last-modified
Tue, 09 Jul 2024 04:19:33 GMT
server
kittenx
etag
W/"668cba55-e165"
vary
Accept-Encoding, Available-Dictionary
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
server-timing
tid;desc="G5KLnUkVxPh7m9co9uE9aDwTAVLQqQ",front;dur=0.144
expires
Mon, 09 Sep 2024 12:18:58 GMT

Redirect headers

x-trace-id
rS-ri34qnQFk01Zu65Iw2iz_VyY1lg
date
Thu, 05 Sep 2024 12:18:58 GMT
content-encoding
gzip
x-frontend
front656000
strict-transport-security
max-age=15768000
server
kittenx
x-powered-by
KPHP/7.4.118287
content-type
text/html; charset=windows-1251
location
/dist/public/api/openapi.c340c125c61ec5745ebb2a98626e46ab.js?168
access-control-expose-headers
X-Frontend
cache-control
no-store
server-timing
tid;desc="rS-ri34qnQFk01Zu65Iw2iz_VyY1lg",front;dur=0.299
content-length
20
reporting-endpoints
default="https://vk.com/browser_reports?dest=default_reports"
track_pixel
uep.gaijin.net/ Frame 48FD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://uep.gaijin.net:8383/track_pixel?event=track_pixel&data=eyJ1cmwiOiJodHRwczpcL1wvd2FydGh1bmRlci5jb206NDQzXC9yb1wvcGxheTRmcmVlP3I9YWRjYXNoXzQxMzgyOTUmVHJhbnNhY3Rpb25fSUQ9MTYzNzExNzA2ODEzMzMyNTY2NzAxNDI1MTE2MDEzNzA4NDQiLCJpcCI6IjE3OC4yNDkuMjE0LjEzNSIsImxhbmdfdXJsIjoiZW4iLCJsYW5nX2dlbyI6ImNhIiwic2FsdCI6IkFJYmFUX1prMU1aeWZqSUszV1JXVV9zcnVGQ2NsRHZvIn0%3D&public_key=UOWlwLc8M1wOUKRPSEy9&crc=5a378cac94c5df637991e0d063c2b507
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
34.248.84.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-84-180.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
99
Date
Thu, 05 Sep 2024 12:18:56 GMT
Keep-Alive
timeout=5
X-Powered-By
Express
cbfp
warthunder.com/en/ajax/event/
Redirect Chain
  • https://warthunder.com/ajax/event/cbfp
  • https://warthunder.com/en/ajax/event/cbfp
14 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://warthunder.com/en/ajax/event/cbfp
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Server
104.20.82.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.24
Resource Hash

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 12:18:55 GMT
x-node-id
05
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
content-encoding
gzip
server
cloudflare
x-powered-by
PHP/8.0.24
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
8be62a237864ab16-YYZ
x-request-id
2e2a3efff5c46c8601c414384e47f010
expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Sep 2024 12:18:54 GMT
x-node-id
05
referrer-policy
no-referrer-when-downgrade
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/8.0.24
content-type
text/html; charset=UTF-8
location
https://warthunder.com/en/ajax/event/cbfp
cache-control
no-store, no-cache, must-revalidate
cf-ray
8be62a218f2aab16-YYZ
x-request-id
19d150ff67df1fa5594e473d9ee3644b
expires
Thu, 19 Nov 1981 08:52:00 GMT
vendor-c7c58d15.js
warthunder.com/land/signupNewMF/assets/ 		1 MB
542 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warthunder.com/land/signupNewMF/assets/vendor-c7c58d15.js
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.82.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b4d0a650dd7fd54d9d188ad219d8964f19accc8748c634d57541028ee1fa607

Request headers

Referer
https://warthunder.com/land/signupNewMF/assets/index-0ed2a5d6.js
Origin
https://warthunder.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 12:18:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 05 Sep 2024 11:17:42 GMT
server
cloudflare
etag
W/"66d99356-11158d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8be62a219f39ab16-YYZ
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
gtm.js
www.googletagmanager.com/ 		351 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-HWDXK
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.72 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d34b5a3fa538d8d9e600013a738026b9f44f97273ec15030de636b38c1baba4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 12:18:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
115410
x-xss-protection
0
last-modified
Thu, 05 Sep 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Sep 2024 12:18:57 GMT
truncated
/ 		20 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfaeefef7d25b2134fa74db0a27ea2d1daf101b2871c84fa31315906e28daddb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Content-Type
image/svg+xml
wl193.jpg
staticfiles.warthunder.com/upload/image/media/warland/ 		485 KB
486 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staticfiles.warthunder.com/upload/image/media/warland/wl193.jpg
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-75.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
414b2dab96565cc874e46d2ce69166f3e786cec44e1328e70d81ae8643cd52cb

Request headers

Referer
https://warthunder.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 06:48:06 GMT
via
1.1 5301cc544de32ec737d1069c11f7df30.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 22:42:41 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
20237
x-amz-server-side-encryption
AES256
etag
"2ec3da3b778487e9d8858e6adb84be52"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
496467
x-amz-cf-id
JTSmGDWuk4D-0LFcd16mlwPrjjlMIupKpSjKpm4w7sFtXPa4NT_x8A==
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ad0f48970e4c0d18e737e4455fb56a8575e19a368dd6e2f28761b4025c1c514

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd55cf914977eab04e43940b2a3b88ff0e01919f62033caf186a9cbe5c6fc63b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		413 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c9b1492d5087d1e5e895939f29fffac5e1c7a1f9a5b660df707989fb258ab6e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd002ec69d4a3233b2ed73086aa2417ba673bb9c95906b1da9b6c4e70006f52a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14c5eea4c2dcdc26f7182f83ba939c9565cf5d052980e1a7f39fdfb4c9a401ab

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7f94867d8fe3a53b6bf7b0c773e7d3e91442aa825fea7f5d11cec4d33477bf4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
665a618c1cbb3e534f1bdf0c7c110acbeb6d85b767c6efe05b3daab1ce2c8109

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Content-Type
image/png
FiraSans-Medium-52b955b5.woff2
warthunder.com/land/signupNewMF/assets/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://warthunder.com/land/signupNewMF/assets/FiraSans-Medium-52b955b5.woff2
Requested by
Host: warthunder.com
URL: https://warthunder.com/land/signupNewMF/assets/index-86052501.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.82.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52b955b58e3c9b5cfddca997c790e23ef12ea106ec1a3d1872e8bf28c5d5a625

Request headers

Referer
https://warthunder.com/land/signupNewMF/assets/index-86052501.css
Origin
https://warthunder.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 12:18:55 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 05 Sep 2024 11:17:42 GMT
server
cloudflare
etag
"66d99356-baec"
access-control-allow-methods
GET, POST, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8be62a27eb46ab16-YYZ
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
47852
FiraSans_Regular-a29f883a.woff2
warthunder.com/land/signupNewMF/assets/ 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://warthunder.com/land/signupNewMF/assets/FiraSans_Regular-a29f883a.woff2
Requested by
Host: warthunder.com
URL: https://warthunder.com/land/signupNewMF/assets/index-86052501.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.82.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a29f883a136c42b13d6a82d093e2a6fd139b0b9406e64ed01e612a4482a79e2b

Request headers

Referer
https://warthunder.com/land/signupNewMF/assets/index-86052501.css
Origin
https://warthunder.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 12:18:55 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 05 Sep 2024 11:17:42 GMT
server
cloudflare
etag
"66d99356-da9c"
access-control-allow-methods
GET, POST, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
8be62a27eb47ab16-YYZ
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length
55964
truncated
/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7e390c04c441db46d42cad2251133f522bf974d43024518fc4450479e67ca72

Request headers

Referer
Origin
https://warthunder.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Content-Type
font/woff2
wt_logo_anime.webp
staticfiles.warthunder.com/upload/image/landings/logo/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staticfiles.warthunder.com/upload/image/landings/logo/wt_logo_anime.webp?v=
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-75.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a235221b0ba2a5a09a9a12c35a1cbe02067349273d28520a17986c9ae821bb6a

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 08:06:40 GMT
via
1.1 5301cc544de32ec737d1069c11f7df30.cloudfront.net (CloudFront)
last-modified
Thu, 21 Mar 2024 10:53:52 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
15996
x-amz-server-side-encryption
AES256
etag
"ba0aa85f68c730e444c44240376f2458"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/webp
accept-ranges
bytes
content-length
96046
x-amz-cf-id
KzXx82DiNTdrXwH7-T5TyXOiPHr0L0fQwOK3hxXGna1vcyoY9bJ5Ag==
wl193.mp4
staticfiles.warthunder.com/upload/image/media/warland/ 		17 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://staticfiles.warthunder.com/upload/image/media/warland/wl193.mp4
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-75.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 05 Sep 2024 09:47:14 GMT
via
1.1 5301cc544de32ec737d1069c11f7df30.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 22:42:41 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
9102
x-amz-server-side-encryption
AES256
etag
"3d6619b5b8e64c73f95572d1e146d680"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-22555637/22555638
accept-ranges
bytes
x-amz-cf-id
G4ys13gXB8GWiUlyszfd2-kJYxPb1uG25459vaqL4raTmb8A2XzO6Q==
Content-Length
22555638
10020777.json
s.yimg.com/wi/config/ 		2 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10020777.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.147.92.11 Ashburn, United States, ASN10310 (YAHOO-1, US),
Reverse DNS
e1.ycpi.vip.dca.yahoo.com
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

ats-carp-promotion
1, 1
date
Thu, 05 Sep 2024 11:43:08 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
8EDPQKWPKGNTJB8F
age
2147
content-length
2
x-amz-id-2
drQ4z9edjNMCq8YbKBfFFlObnLsXlanr6JyViMIS6HivGHMvBDDw2w/1xVeo9PZTGWS0lFi8ZAo=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
sp.pl
sp.analytics.yahoo.com/ 		43 B
676 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2005%20Sep%202024%2012%3A18%3A55%20GMT&n=7d&b=War%20Thunder%20%E2%80%94%20Registration&.yp=10020777&f=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&enc=UTF-8&yv=1.16.5
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.88.71.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-71-74.compute-1.amazonaws.com
Software
ATS/9.1.10.134 /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 12:18:56 GMT
via
http/1.1 traffic_server (ApacheTrafficServer/9.1.10.134)
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS/9.1.10.134
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
1
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Thu, 05 Sep 2024 12:18:56 GMT
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10483.y01ga_7kq0j56u_KQ45L238UcSDJLTTss2nFAQ6TDPkroWld8noPFzDPwPfDtJVr.7fshD8vRZyN4NVFLi07llGT9paM%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10483.rBHeb6EPDTjn_zpB1yhLrBGSkW9TtzZfzltzcZ0GfUUcO4fgEfuNqH-InMvBp6AATPJ5nEXDHbz5_pubzJT2LQI3JADqnq0Ek8uQnR8otzW0Q2Ls1dlCE8Xw8OoXW49WXmeK00H67R...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10483.qBVDtlHoZl3j7w1c07adBXS_BqbAPBYm6biFCriHdReSwiaaBZHMtzKbKt2SCRfIq7wxmzuZEWEhiIa5gzKn6GYOViZnhODi6EYMDPuqFUjOK...
43 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10483.qBVDtlHoZl3j7w1c07adBXS_BqbAPBYm6biFCriHdReSwiaaBZHMtzKbKt2SCRfIq7wxmzuZEWEhiIa5gzKn6GYOViZnhODi6EYMDPuqFUjOK4S0u5KEAbBgkiiimmSaYH_lOvYd1M_ltQeyuZu179fCX5q4VXZaql1V9SM0r-rnennM7S4tvEN52OTODyB02_9IBXa5kWEi5sFgeSxtzA%2C%2C.fv_N6czoxJw0-1iAY82TsGQFrz4%2C
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Sep 2024 12:18:56 GMT
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10483.qBVDtlHoZl3j7w1c07adBXS_BqbAPBYm6biFCriHdReSwiaaBZHMtzKbKt2SCRfIq7wxmzuZEWEhiIa5gzKn6GYOViZnhODi6EYMDPuqFUjOK4S0u5KEAbBgkiiimmSaYH_lOvYd1M_ltQeyuZu179fCX5q4VXZaql1V9SM0r-rnennM7S4tvEN52OTODyB02_9IBXa5kWEi5sFgeSxtzA%2C%2C.fv_N6czoxJw0-1iAY82TsGQFrz4%2C
date
Thu, 05 Sep 2024 12:18:56 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 05 Sep 2024 12:18:55 GMT
last-modified
Wed, 04 Sep 2024 13:17:06 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"66d85dd2-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 05 Sep 2024 13:18:55 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame 2FE9 		0
0
1
mc.yandex.com/watch/21262261/
Redirect Chain
  • https://mc.yandex.com/watch/21262261?wmode=7&page-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&charset=utf-8&u...
  • https://mc.yandex.com/watch/21262261/1?wmode=7&page-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&charset=utf-8...
723 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/21262261/1?wmode=7&page-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ac4o2nplw0gn9nduetxpw3hlsrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1430%3Acn%3A1%3Adp%3A0%3Als%3A96733698665%3Ahid%3A103679746%3Az%3A-420%3Ai%3A20240905051855%3Aet%3A1725538736%3Ac%3A1%3Arn%3A344559267%3Arqn%3A1%3Au%3A1725538736653013892%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2882%3Awv%3A2%3Ads%3A20%2C59%2C737%2C4%2C1%2C0%2C%2C993%2C2%2C%2C%2C%2C2770%3Aco%3A0%3Acpf%3A1%3Ans%3A1725538732562%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1725538737%3At%3AWar%20Thunder%20%E2%80%94%20Registration&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821038596%29ti%281%29
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
ee9d73ad0cdbd1d895970202a0d924060d33147a3ab7c291120817848d1c25b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 05 Sep 2024 12:18:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 05-Sep-2024 12:18:56 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://warthunder.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
723
x-xss-protection
1; mode=block
expires
Thu, 05-Sep-2024 12:18:56 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Sep 2024 12:18:56 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 05-Sep-2024 12:18:56 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/21262261/1?wmode=7&page-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Ac4o2nplw0gn9nduetxpw3hlsrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1430%3Acn%3A1%3Adp%3A0%3Als%3A96733698665%3Ahid%3A103679746%3Az%3A-420%3Ai%3A20240905051855%3Aet%3A1725538736%3Ac%3A1%3Arn%3A344559267%3Arqn%3A1%3Au%3A1725538736653013892%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2882%3Awv%3A2%3Ads%3A20%2C59%2C737%2C4%2C1%2C0%2C%2C993%2C2%2C%2C%2C%2C2770%3Aco%3A0%3Acpf%3A1%3Ans%3A1725538732562%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1725538737%3At%3AWar%20Thunder%20%E2%80%94%20Registration&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821038596%29ti%281%29
access-control-allow-origin
https://warthunder.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 05-Sep-2024 12:18:56 GMT
banner.js
consent.cookiefirst.com/ 		102 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner.js?cookiefirst-key=93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7&stealth-mode=true&language=inherit&silent-mode=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-HWDXK
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
138-199-40-58.bunnyinfra.net
Software
Cookie First CDN-NY1-885 /
Resource Hash
d6274c461ae839905b1822f04b11aa4a2415904fd3aec931f46c7ff62cc3b5c2

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 12:18:58 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-storageserver
DE-633
cdn-cachedat
09/04/2024 10:47:50
cdn-pullzone
236985
visitor-location
CA
last-modified
Wed, 04 Sep 2024 09:08:05 GMT
server
Cookie First CDN-NY1-885
cdn-fileserver
599
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"66d82375-1978b"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=1200
cdn-requestid
09678eb7d4c524d38e5c5ce8cac475c8
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3l3l5l1&tag_exp=0&rnd=137071406.1725538738&url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free&dma=0&npa=0&gtm=45He4930n61HWDXKv6174342za200&au...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l3l5l1&tag_exp=0&rnd=137071406.1725538738&url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free&dma=0&npa=0&gtm=45He4930n61HWDXKv61...
42 B
65 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l3l5l1&tag_exp=0&rnd=137071406.1725538738&url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free&dma=0&npa=0&gtm=45He4930n61HWDXKv6174342za200&auid=1142794376.1725538738
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H3
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 12:18:58 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 05 Sep 2024 12:18:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l3l5l1&tag_exp=0&rnd=137071406.1725538738&url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free&dma=0&npa=0&gtm=45He4930n61HWDXKv6174342za200&auid=1142794376.1725538738
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		349 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3KX7RD39Z5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-HWDXK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.72 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e03f1c481916355121bcb322ca3fe8096a6ace47f64c486d5c058926f140eadb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 12:18:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
112760
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 05 Sep 2024 12:18:57 GMT
destination
www.googletagmanager.com/gtag/ 		231 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-977291250&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-HWDXK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.72 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
04d7fd1c0a6e09ff5edef64c3e4cc22c1fd43f1ef2a5fc913ddc09495728e81b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 12:18:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85064
x-xss-protection
0
last-modified
Thu, 05 Sep 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 Sep 2024 12:18:57 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-HWDXK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 05 Sep 2024 12:06:04 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
776
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 05 Sep 2024 14:06:04 GMT
bat.js
bat.bing.com/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 05 Sep 2024 12:19:00 GMT
last-modified
Sat, 13 Jul 2024 20:42:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8FAA38E1ACC34AC99F9775E060F0A806 Ref B: YTO01EDGE0519 Ref C: 2024-09-05T12:19:00Z
etag
"044982565d5da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
14183
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 05 Sep 2024 12:18:57 GMT
document-policy
force-load-at-top
x-fb-server-load
43
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58953
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=23, mss=1232, tbw=4307, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
IDxKy/hVtUxTmVaLJP53ojr8ee/oLPZyMjfTw4Zj3Se7Mv2WSMN0f5ZUFfYvYxtYBZRMDBbTekBLo8JigcQnow==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1626307/ 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1626307/tfa.js
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66fcdd6edf1c40b5775583e5a3bc86eb1c2e1c06e13b6a968f29c60b16f2ba5e

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

x-amz-version-id
9ViojtpTa9MI3o11i0LVg1QuGlkwp8.d
content-encoding
gzip
via
1.1 varnish
date
Thu, 05 Sep 2024 12:19:00 GMT
x-amz-request-id
3DHVCSEYEA5M0WY1
age
40
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
21941
x-amz-id-2
qPBYiZQw0WV2eOjlTRwF8XJdCdsgwz1NzraxDm9XBbRoIoN4aMlR2OLDFugrZuu1qd6aqQN+YVo=
x-served-by
cache-yyz4573-YYZ
last-modified
Sun, 01 Sep 2024 11:03:00 GMT
server
AmazonS3
x-timer
S1725538741.907917,VS0,VE1
etag
"5a1f23bd9d760dcc2cd0f3872ef77e95"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
25
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
amzn.js
c.amazon-adsystem.com/aat/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aat/amzn.js
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-115-149.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b604e18370e4d2d157036b796fe9bde8710565d5c37d5c71774f8e4cc89f0640

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

x-amz-version-id
B14hs8_QxO.vp231KHKfyqeLnVmU2U12
content-encoding
gzip
via
1.1 734dd528086f4273ac466f3c1bd45b14.cloudfront.net (CloudFront), 1.1 ed8dbde89917eaa6ca93ba7fad809c48.cloudfront.net (CloudFront)
date
Wed, 04 Sep 2024 13:49:33 GMT
last-modified
Mon, 02 Sep 2024 15:05:35 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P8, JFK50-P3
x-amz-server-side-encryption
AES256
etag
W/"74357f0dac08d28bc19b6fe1a274ce67"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
x-amz-cf-id
dg5cTpTRbXouIWDZLW-bwG8GCje6GgeVwspaxvJnoqM9E0olpkQ0UQ==
dsp
citydsp.com/ 		667 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://citydsp.com/dsp?h=warthunder.com&r=0.574240451411977
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.33.59 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
7567250970a6e086d9a03651a9e5d3f20fc7e65ec6df07f2d0f3421f32414695

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Sep 2024 12:18:58 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
no-store, no-cache, private
Connection
keep-alive
pixel.gif
statad.ru/ 		43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://statad.ru/pixel.gif?u=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&r=&w=1&h=0&gW=1600&gH=1200&gDH=1200&gDW=1600&c=eff:4g&t=1725538737785
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.189.239.94 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.25.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Date
Thu, 05 Sep 2024 12:19:00 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.25.0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/977291250/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/977291250/?random=1725538737888&cv=11&fst=1725538737888&bg=ffffff&guid=ON&async=1&gtm=45be4930z86174342za201zb6174342&gcd=13t3t3l3l5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844&hn=www.googleadservices.com&frm=0&tiba=War%20Thunder%20%E2%80%94%20Registration&npa=0&pscdl=noapi&auid=1142794376.1725538738&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=registration%3Dregistration&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-977291250&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
27fff8aaa6f8086a4589644518325e7744627d00229420683fedca0c71b7bb5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 12:18:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2378
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
977291250
td.doubleclick.net/td/rul/ Frame E94C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/977291250?random=1725538737888&cv=11&fst=1725538737888&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4930z86174342za201zb6174342&gcd=13t3t3l3l5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844&hn=www.googleadservices.com&frm=0&tiba=War%20Thunder%20%E2%80%94%20Registration&npa=0&pscdl=noapi&auid=1142794376.1725538738&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=registration%3Dregistration
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-977291250&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Sep 2024 12:18:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1751351005148330
connect.facebook.net/signals/config/ 		64 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1751351005148330?v=2.9.167&r=stable&domain=warthunder.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.71.7 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-lga3.fbcdn.net
Software
/
Resource Hash
361b0e6ac085524fd9d903b98b6c7ab1ce453fc2e35f46e71c4ba475721ca909
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 05 Sep 2024 12:18:57 GMT
document-policy
force-load-at-top
x-fb-server-load
31
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13103
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=74, mss=1232, tbw=66947, tp=62, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
43Eet1Ddf8PniEE4ANfYiKeIDX/1D2clzgWtbGprsPrye+h1c/kG3Ycgj9bW8Qwy3qtOWJ51Ju3rISUIFg+FQw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-3KX7RD39Z5&gtm=45je4930v899146998z86174342za200zb6174342&_p=1725538734376&_gaz=1&gcs=G111&gcd=13t3t3l3l5l1&npa=0&dma=0&tag_exp=0&cid=400318229.1725538738&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1725538737&sct=1&seg=0&dl=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844&dt=War%20Thunder%20%E2%80%94%20Registration&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5458
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KX7RD39Z5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.206 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 12:18:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://warthunder.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3KX7RD39Z5&cid=400318229.1725538738&gtm=45je4930v899146998z86174342za200zb6174342&aip=1&dma=0&gcs=G111&gcd=13t3t3l3l5l1&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KX7RD39Z5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 12:18:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://warthunder.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rul
td.doubleclick.net/td/ga/ Frame C971 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-3KX7RD39Z5&gacid=400318229.1725538738&gtm=45je4930v899146998z86174342za200zb6174342&dma=0&gcs=G111&gcd=13t3t3l3l5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=249171815
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KX7RD39Z5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 05 Sep 2024 12:18:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3KX7RD39Z5&cid=400318229.1725538738&gtm=45je4930v899146998z86174342za200zb6174342&aip=1&dma=0&gcs=G111&gcd=13t3t3l3l5l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=713723738
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.99 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 12:18:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/977291250/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/977291250/?random=1725538737888&cv=11&fst=1725537600000&bg=ffffff&guid=ON&async=1&gtm=45be4930z86174342za201zb6174342&gcd=13t3t3l3l5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844&hn=www.googleadservices.com&frm=0&tiba=War%20Thunder%20%E2%80%94%20Registration&npa=0&pscdl=noapi&auid=1142794376.1725538738&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=registration%3Dregistration&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf3PUd7MorEHKu2HIC3EdLAbjIA80KPw&random=2546989220&rmt_tld=0&ipr=y
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.36 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 12:18:58 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/977291250/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/977291250/?random=1725538737888&cv=11&fst=1725537600000&bg=ffffff&guid=ON&async=1&gtm=45be4930z86174342za201zb6174342&gcd=13t3t3l3l5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844&hn=www.googleadservices.com&frm=0&tiba=War%20Thunder%20%E2%80%94%20Registration&npa=0&pscdl=noapi&auid=1142794376.1725538738&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=registration%3Dregistration&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnf3PUd7MorEHKu2HIC3EdLAbjIA80KPw&random=2546989220&rmt_tld=1&ipr=y
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.99 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 12:18:58 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1751351005148330&ev=PageView&dl=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&rl=&if=false&ts=1725538738111&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1725538738110.773368185210709324&ler=empty&cdl=API_unavailable&it=1725538737950&coo=false&rqm=GET
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=10, mss=1316, tbw=2844, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 05 Sep 2024 12:18:58 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1751351005148330&ev=PageView&dl=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&rl=&if=false&ts=1725538738111&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1725538738110.773368185210709324&ler=empty&cdl=API_unavailable&it=1725538737950&coo=false&rqm=FGET
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Thu, 05 Sep 2024 12:18:58 GMT
document-policy
force-load-at-top
x-fb-server-load
58
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7411132449294586947", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=14, mss=1316, tbw=3162, tp=-1, tpl=-1, uplat=94, ullat=0
pragma
no-cache
x-fb-debug
KTEFPk7rhrm6c0IrUPTftxLRHGWpjf+DX67ujWpmEmc3t+Lcx2WGykjlzddzjSIzK7eXMjSi6ofDYuOLw6zD4w==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7411132449294586947"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
version.json
consent.cookiefirst.com/sites/warthunder.com-93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7/ 		44 B
780 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/sites/warthunder.com-93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7/version.json?v=1725538738147
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js?cookiefirst-key=93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7&stealth-mode=true&language=inherit&silent-mode=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
138-199-40-58.bunnyinfra.net
Software
Cookie First CDN-NY1-885 /
Resource Hash
2d5064f5a2cd0916ac9f6af2cf6538fb7c3342df5dccd47a94dc897844596af1

Request headers

Accept
application/json
Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 12:18:58 GMT
cdn-edgestorageid
885
cdn-storageserver
DE-382
cdn-cachedat
09/05/2024 12:18:58
cdn-pullzone
236985
content-length
44
visitor-location
CA
last-modified
Mon, 02 Sep 2024 21:07:11 GMT
server
Cookie First CDN-NY1-885
cdn-fileserver
588
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"66d628ff-2c"
content-type
application/json
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=10
cdn-requestid
7cf9590694f0c13e72b71180bc60f7de
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
config.json
consent.cookiefirst.com/sites/warthunder.com-93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/sites/warthunder.com-93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7/config.json?v=1cdbdc33-9cf5-4ce7-af0d-ea80db578e97
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js?cookiefirst-key=93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7&stealth-mode=true&language=inherit&silent-mode=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
138-199-40-58.bunnyinfra.net
Software
Cookie First CDN-NY1-885 /
Resource Hash
511ef2e6e365fe8cee32249c93a5ae663be48a52c6dac8e32b9d519ac30e5b0d

Request headers

Accept
application/json
Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 12:18:58 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-storageserver
DE-661
cdn-cachedat
09/02/2024 21:07:33
cdn-pullzone
236985
visitor-location
CA
last-modified
Mon, 02 Sep 2024 21:07:05 GMT
server
Cookie First CDN-NY1-885
cdn-fileserver
588
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"66d628f9-a7e"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=30
cdn-requestid
1928a8033e0a9ce6bf4a41fac3889ccf
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
location
edge.cookiefirst.com/prod/ 		66 B
468 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://edge.cookiefirst.com/prod/location?origin=warthunder.com
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js?cookiefirst-key=93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7&stealth-mode=true&language=inherit&silent-mode=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
138-199-40-58.bunnyinfra.net
Software
BunnyCDN-NY1-885 /
Resource Hash
2dc5445a920c70cfd88126c05980ed35e09f1294630894d8c2279b0b79039e8c

Request headers

Accept
application/json
Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 12:18:58 GMT
cdn-edgestorageid
885
cdn-cachedat
09/05/2024 12:18:58
cdn-pullzone
717911
content-length
66
server
BunnyCDN-NY1-885
cdn-proxyver
1.04
cdn-requestpullcode
200
content-type
application/json; charset=utf-8
access-control-allow-origin
https://warthunder.com
cdn-cache
BYPASS
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
cache-control
public, max-age=1200
cdn-requestid
02fb1064adf49c16fdd61afb2c08e2ab
cdn-requestcountrycode
CA
cdn-status
200
cdn-requestpullsuccess
True
rtrg
vk.com/ 		49 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-498777-cCNoW&metatag_url=https%3A%2F%2Fwarthunder.com%2F&metatag_title=%20War%20Thunder%20%E2%80%94%20Registration%20
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv164-137-240-87.vk.com
Software
kittenx / KPHP/7.4.118287
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

x-trace-id
b43XXcvyhOFMcZO6VZ93Dky-E96sxw
date
Thu, 05 Sep 2024 12:18:58 GMT
content-encoding
gzip
x-frontend
front656000
strict-transport-security
max-age=15768000
server
kittenx
x-powered-by
KPHP/7.4.118287
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
server-timing
tid;desc="b43XXcvyhOFMcZO6VZ93Dky-E96sxw",front;dur=0.022
content-length
65
reporting-endpoints
default="https://vk.com/browser_reports?dest=default_reports"
lang-widget-en.json
consent.cookiefirst.com/sites/warthunder.com-93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7/ 		14 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/sites/warthunder.com-93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7/lang-widget-en.json?v=1cdbdc33-9cf5-4ce7-af0d-ea80db578e97
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js?cookiefirst-key=93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7&stealth-mode=true&language=inherit&silent-mode=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
138-199-40-58.bunnyinfra.net
Software
Cookie First CDN-NY1-885 /
Resource Hash
d4e61187cc24285395b19bcccb580686e908716f7ce0c4ebd2502122f7722834

Request headers

Accept
application/json
Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 12:18:58 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-storageserver
DE-587
cdn-cachedat
09/02/2024 21:07:34
cdn-pullzone
236985
visitor-location
CA
last-modified
Mon, 02 Sep 2024 21:07:08 GMT
server
Cookie First CDN-NY1-885
cdn-fileserver
599
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"66d628fc-362d"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
e67d6852796a60babf8c3652585c92dd
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
233.362b.c.css
consent.cookiefirst.com/banner/v2.14.43/static-main/ 		127 B
880 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v2.14.43/static-main/233.362b.c.css
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js?cookiefirst-key=93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7&stealth-mode=true&language=inherit&silent-mode=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
138-199-40-58.bunnyinfra.net
Software
Cookie First CDN-NY1-885 /
Resource Hash
e7902b56545718b3f9dcc015b4acab60270239d559b0adaae9e5c81dd95a89a1

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 12:18:58 GMT
cdn-edgestorageid
885
cdn-storageserver
DE-587
cdn-cachedat
09/04/2024 09:08:12
cdn-pullzone
236985
content-length
127
visitor-location
CA
last-modified
Wed, 04 Sep 2024 09:08:05 GMT
server
Cookie First CDN-NY1-885
cdn-fileserver
709
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"66d82375-7f"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
b37cceff0aca5596d6623f44f25f64cb
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
233.8420.c.js
consent.cookiefirst.com/banner/v2.14.43/static-main/ 		96 B
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiefirst.com/banner/v2.14.43/static-main/233.8420.c.js
Requested by
Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js?cookiefirst-key=93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7&stealth-mode=true&language=inherit&silent-mode=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.40.58 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
138-199-40-58.bunnyinfra.net
Software
Cookie First CDN-NY1-885 /
Resource Hash
b364babb52cb930beb7e5e61f549d739c155b2f8a24415bb8b401b0d6cb3eddb

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 12:18:58 GMT
cdn-edgestorageid
885
cdn-storageserver
DE-676
cdn-cachedat
09/04/2024 09:08:12
cdn-pullzone
236985
content-length
96
visitor-location
CA
last-modified
Wed, 04 Sep 2024 09:08:05 GMT
server
Cookie First CDN-NY1-885
cdn-fileserver
862
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"66d82375-60"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control
public, max-age=31919000
cdn-requestid
9d35c0307a33ab8420c53387a99ec362
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status
200
cdn-requestpullsuccess
True
init
retagro.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retagro.com/init?r=0.3409775029502602
Requested by
Host: citydsp.com
URL: https://citydsp.com/dsp?h=warthunder.com&r=0.574240451411977
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
85.17.170.54 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
0855e6ceaa4b07e7e609769d0b63d4f9f800afe28bec6c5393ae841e15300de6

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Sep 2024 12:18:59 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
no-store, no-cache, private
Connection
keep-alive
/
x.cnt.my/px/
Redirect Chain
  • https://x.cnt.my/px/?dom=warthunder.com&r=0.3550521815065699
  • https://x.cnt.my/px/?dom=warthunder.com&r=0.3550521815065699&rand=0.5425390627723707&xtmp=1
35 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.cnt.my/px/?dom=warthunder.com&r=0.3550521815065699&rand=0.5425390627723707&xtmp=1
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Server
138.201.230.88 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.230.201.138.clients.your-server.de
Software
nginx /
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 12:19:13 GMT
server
nginx
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache,max-age=0,must-revalidate, no-cache
content-length
35
expires
0

Redirect headers

date
Thu, 05 Sep 2024 12:19:13 GMT
server
nginx
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location
/px/?dom=warthunder.com&r=0.3550521815065699&rand=0.5425390627723707&xtmp=1
content-type
text/plain; charset=utf-8
cache-control
no-cache
content-length
75
expires
0
analytics
retagro.com/ 		0
294 B 		Script
General
Check archive.org
Download Go to
Full URL
https://retagro.com/analytics?id=null&params=%7B%22i%22%3Afalse%2C%22hidden%22%3Afalse%2C%22r%22%3A%22%22%2C%22u%22%3A%22https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F%22%2C%22c%22%3A%7B%22analytic_id%22%3A%221725538739232415%22%7D%2C%22a%22%3A%7B%7D%2C%22store%22%3A%7B%7D%2C%22width%22%3A1600%2C%22height%22%3A1200%2C%22outerWidth%22%3A1600%2C%22outerHeight%22%3A1285%2C%22tabId%22%3A%221725538739233%22%7D
Requested by
Host: retagro.com
URL: https://retagro.com/init?r=0.3409775029502602
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
85.17.170.54 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 05 Sep 2024 12:18:59 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
no-store, no-cache, private
Connection
keep-alive
topics_api
psb.taboola.com/ 		65 B
279 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psb.taboola.com/topics_api
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1626307/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 05 Sep 2024 12:19:00 GMT
via
1.1 varnish
server
Varnish
observe-browsing-topics
?1
x-timer
S1725538741.981198,VS0,VE0
x-cache
HIT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=2592000
accept-ranges
bytes
content-length
65
retry-after
0
x-served-by
cache-yyz4541-YYZ
json
trc.taboola.com/1626307/trc/3/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1626307/trc/3/json?tim=1725538740935&data=%7B%22id%22%3A46%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1725538740926%2C%22cv%22%3A%2220240830-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwarthunder.com%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dgaijindistributionkft-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1725538740934%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1626307/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
96058d990019f3175d8a1a59a72655209b22d420acecc1401ba6baa66dac8eb5

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

x-vcl-time-ms
26
date
Thu, 05 Sep 2024 12:19:00 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.28650000000000003
x-fastly-to-nlb-rtt
16348
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-yyz4573-YYZ
x-log-content-encoding
gzip
server
nginx
x-timer
S1725538741.955493,VS0,VE26
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
iu3
s.amazon-adsystem.com/
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?pid=0c0d60fd-9cac-47ac-a9c2-4e51fcfa9539&event=PageView&ts=1725538737777
  • https://s.amazon-adsystem.com/iu3?pid=0c0d60fd-9cac-47ac-a9c2-4e51fcfa9539&event=PageView&ts=1725538737777&dcc=t
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?pid=0c0d60fd-9cac-47ac-a9c2-4e51fcfa9539&event=PageView&ts=1725538737777&dcc=t
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 05 Sep 2024 12:19:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YW3Y4BW6P8WHV3MHX3WR
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?pid=0c0d60fd-9cac-47ac-a9c2-4e51fcfa9539&event=PageView&ts=1725538737777&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1433217121&t=pageview&_s=1&dl=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844&ul=en-ca&de=UTF-8&dt=War%20Thunder%20%E2%80%94%20Registration&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiAABBAAAAC~&jid=2056052498&gjid=215063359&cid=400318229.1725538738&tid=UA-40910063-1&_gid=1626347510.1725538741&_slc=1&gtm=45He4930n61HWDXKv6174342za200&gcs=G111&gcd=13t3t3l3l5l1&dma=0&tag_exp=0&z=1517395958
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.238 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 12:19:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://warthunder.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-40910063-1&cid=400318229.1725538738&jid=2056052498&gjid=215063359&_gid=1626347510.1725538741&_u=YCDAiAABBAAAAG~&z=1364980045
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 05 Sep 2024 12:19:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://warthunder.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
5665554.js
bat.bing.com/p/action/ 		334 B
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5665554.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c64cddc349202defdca8bcf51d8a905d5f8810cc76f08c1e6561800f1dd5708a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Thu, 05 Sep 2024 12:19:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D6397EC87EDE4974BD8553632D4B5439 Ref B: YTO01EDGE0519 Ref C: 2024-09-05T12:19:01Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=1800
0
bat.bing.com/action/ 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5665554&Ver=2&mid=0a6d6262-baeb-4940-bc45-ecd99e9d8f72&sid=089b2a606b8111efb731c149f3c5d03f&vid=089b60906b8111efbeb6e3556e924cc1&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=War%20Thunder%20%E2%80%94%20Registration&p=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&r=&lt=2771&evt=pageLoad&sv=1&cdb=ARoR&rn=213365
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 05 Sep 2024 12:19:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B62B73DD5B334EC9B8FBB368BC4DEA8E Ref B: YTO01EDGE0519 Ref C: 2024-09-05T12:19:01Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
unip
trc-events.taboola.com/1626307/log/3/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1626307/log/3/unip?en=pre_d_eng_tb&tos=1553&scd=0&ssd=1&est=1725538740931&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1725538742485&vi=1725538740926&ri=7222e95a15f502c90d59da347748b189&ref=null&cv=20240830-4-RELEASE&item-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1626307/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

access-control-allow-origin
https://warthunder.com
pragma
no-cache
date
Thu, 05 Sep 2024 12:19:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1626307/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1626307/log/3/unip?en=pre_d_eng_tb&tos=1553&scd=0&ssd=1&est=1725538740931&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1725538742485&vi=1725538740926&ri=7222e95a15f502c90d59da347748b189&ref=null&cv=20240830-4-RELEASE&item-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://warthunder.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://warthunder.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Thu, 05 Sep 2024 12:19:02 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
request.js
script.anura.io/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.anura.io/request.js?instance=3952744944&exid=FD085B8EACA1D966BE6D9C6802DC3103&source=adcash&campaign=4138295&972375158379
Requested by
Host: warthunder.com
URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.65.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-65-186.compute-1.amazonaws.com
Software
nginx /
Resource Hash
aff4aaea9402206152ef3323104ffe00c50f30a5ef953ca2adaed80ddddb61e6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 12:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
showads.js
ads.anura.io/ 		0
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.anura.io/showads.js?141514768025
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=3952744944&exid=FD085B8EACA1D966BE6D9C6802DC3103&source=adcash&campaign=4138295&972375158379
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-79.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 03:40:31 GMT
content-encoding
gzip
via
1.1 6c9d752a06683b70c3a48f07f80d43b0.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
JFK50-P2
age
31112
vary
Accept-Encoding
x-cache
Hit from cloudfront
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
x-amz-cf-id
TMi2iKutiYkNe7AGWgcypfX8ds0YWBrWTw8JoPIK4wskQhR0LKZQGA==
79471910-4223-4c0b-bad7-2d35a2600ee4
https://warthunder.com/ Frame 		0
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-3KX7RD39Z5&gtm=45je4930v899146998za200zb6174342&_p=1725538734376&gcs=G111&gcd=13t3t3l3l5l1&npa=0&dma=0&tag_exp=0&cid=400318229.1725538738&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EEA&_s=2&sid=1725538737&sct=1&seg=0&dl=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844&dt=War%20Thunder%20%E2%80%94%20Registration&en=scroll&epn.percent_scrolled=90&_et=44&tfd=10514
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KX7RD39Z5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.206 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 12:19:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://warthunder.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
response.json
script.anura.io/ 		43 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.anura.io/response.json?415301407933
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=3952744944&exid=FD085B8EACA1D966BE6D9C6802DC3103&source=adcash&campaign=4138295&972375158379
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.65.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-65-186.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9799f6f527085a991357c6888ee0db528c9274325e4a63cdace7b858d1da2791
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 05 Sep 2024 12:19:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
unip
trc-events.taboola.com/1626307/log/3/ 		0
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1626307/log/3/unip?en=pre_d_eng_tb&tos=4556&scd=0&ssd=1&est=1725538740931&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1725538745488&vi=1725538740926&ri=7222e95a15f502c90d59da347748b189&ref=null&cv=20240830-4-RELEASE&item-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1626307/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

access-control-allow-origin
https://warthunder.com
pragma
no-cache
date
Thu, 05 Sep 2024 12:19:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1626307/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1626307/log/3/unip?en=pre_d_eng_tb&tos=4556&scd=0&ssd=1&est=1725538740931&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1725538745488&vi=1725538740926&ri=7222e95a15f502c90d59da347748b189&ref=null&cv=20240830-4-RELEASE&item-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://warthunder.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://warthunder.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Thu, 05 Sep 2024 12:19:05 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
21262261
mc.yandex.com/watch/ 		43 B
265 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/21262261?page-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&charset=utf-8&hittoken=1725538736_5afc61e41220b71fa8bafe4853c90879dc22f774bae4dc6c7267c160073ceea0&browser-info=nb%3A1%3Acl%3A1057%3Aar%3A1%3Avf%3Ac4o2nplw0gn9nduetxpw3hlsrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A1430%3Acn%3A1%3Adp%3A1%3Als%3A96733698665%3Ahid%3A103679746%3Az%3A-420%3Ai%3A20240905051910%3Aet%3A1725538751%3Ac%3A1%3Arn%3A1022509575%3Arqn%3A2%3Au%3A1725538736653013892%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A0%3Ans%3A1725538732562%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1725538751&t=gdpr(14)clc(0-0-0)rqnt(2)lt(65100)aw(1)rcm(1)cdl(na)eco(21038596)dss(2)ti(0)&force-urlencoded=1
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 05 Sep 2024 12:19:10 GMT
last-modified
Thu, 05-Sep-2024 12:19:10 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://warthunder.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 05-Sep-2024 12:19:10 GMT
unip
trc-events.taboola.com/1626307/log/3/ 		0
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1626307/log/3/unip?en=pre_d_eng_tb&tos=10557&scd=0&ssd=1&est=1725538740931&ver=36&isls=true&src=i&invt=6000&msa=0&rv=1&tim=1725538751489&vi=1725538740926&ri=7222e95a15f502c90d59da347748b189&ref=null&cv=20240830-4-RELEASE&item-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&it=JS_PIXEL
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1626307/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Attribution-Reporting-Eligible
trigger
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

access-control-allow-origin
https://warthunder.com
pragma
no-cache
date
Thu, 05 Sep 2024 12:19:11 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1626307/log/3/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1626307/log/3/unip?en=pre_d_eng_tb&tos=10557&scd=0&ssd=1&est=1725538740931&ver=36&isls=true&src=i&invt=6000&msa=0&rv=1&tim=1725538751489&vi=1725538740926&ri=7222e95a15f502c90d59da347748b189&ref=null&cv=20240830-4-RELEASE&item-url=https%3A%2F%2Fwarthunder.com%2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844%23%2F&it=JS_PIXEL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://warthunder.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-origin
https://warthunder.com
allow
GET, HEAD, POST, TRACE, OPTIONS
content-length
0
date
Thu, 05 Sep 2024 12:19:11 GMT
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server
nginx
favicon.ico
warthunder.com/ 		5 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://warthunder.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.82.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ca035b94fc1216f36d794d58e97ca9b4c72dfa6b04e1f6d8bcc5a03cf8abd5b

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 12:19:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 05 Sep 2024 11:17:42 GMT
server
cloudflare
etag
W/"66d99356-159e"
content-type
image/x-icon
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
8be62a9b0d9cab16-YYZ
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
wl193.mp4
staticfiles.warthunder.com/upload/image/media/warland/ 		16 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://staticfiles.warthunder.com/upload/image/media/warland/wl193.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-75.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
Range
bytes=17990716-

Response headers

date
Thu, 05 Sep 2024 09:47:14 GMT
via
1.1 5301cc544de32ec737d1069c11f7df30.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 22:42:41 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
9102
x-amz-server-side-encryption
AES256
etag
"3d6619b5b8e64c73f95572d1e146d680"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 17990716-22555637/22555638
accept-ranges
bytes
x-amz-cf-id
G4ys13gXB8GWiUlyszfd2-kJYxPb1uG25459vaqL4raTmb8A2XzO6Q==
Content-Length
4564922

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mc.yandex.com
URL
https://mc.yandex.com/metrika/metrika_match.html
Domain
warthunder.com
URL
blob:https://warthunder.com/79471910-4223-4c0b-bad7-2d35a2600ee4

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| preconfig object| localization function| ym object| dotq object| dataLayer function| gtag object| core object| __core-js_shared__ object| analytics object| YAHOO object| Ya object| yaCounter21262261 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| uetq function| fbq function| _fbq object| _tfa function| amzn object| GooglebQhCsO function| onYouTubeIframeAPIReady object| gaGlobal object| chunkCB function| addCFGTMConsentListener number| __COOKIE_BANNER_INIT_TIME__ boolean| IS_CLIENT_SIDE boolean| IS_WEB function| _bridgeSend function| _bridgeSupports function| obj2qs object| fastXDM object| VK object| CookieFirst function| cookiefirst_show_settings object| $XCNT object| rAn function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| EVENT_PROPERTIES_TO_URL_PARAMS_MAP number| INVALID_ACCOUNT_ID object| CONFIGS object| VALIDATION_ERRORS object| EVENTS object| TUP_EVENT_HANDLERS_BY_EVENT_NAME object| TRK_EVENT_TO_ERROR_TYPE_MAP boolean| PUBLISHER_ID_EXISTS string| CALLBACK_PARAMETER_NAME string| LAST_EXTERNAL_REFERRER_URL_PARAM function| renewToken function| updateToken function| deleteToken object| gaplugins object| gaData function| UET function| UET_init function| UET_push object| ueto_5634864333 object| Anura

52 Cookies

Domain/Path Name / Value
warthunder.com/ro Name: cb_track
Value: WyJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLDI0LCJlbiIsIjE2MDB4MTIwMCIsMSwxNiw0MjBd
.warthunder.com/ Name: identity_sid
Value: va1b3re3uc9s3qlqgn513pniar
warthunder.com/ Name: language
Value: en
warthunder.com/ Name: afsId
Value: FD085B8EACA1D966BE6D9C6802DC3103
warthunder.com/ Name: partner_info
Value: aHR0cHM6Ly93YXJ0aHVuZGVyLmNvbTo0NDMvcm8vcGxheTRmcmVlP3I9YWRjYXNoXzQxMzgyOTUmVHJhbnNhY3Rpb25fSUQ9MTYzNzExNzA2ODEzMzMyNTY2NzAxNDI1MTE2MDEzNzA4NDQ%253D
warthunder.com/ Name: ref_name
Value: adcash
warthunder.com/ Name: track_lp
Value: 1
warthunder.com/ Name: wt_l_page
Value: bonus2020
warthunder.com/ Name: wt_l_page_url
Value: %2Fro%2Fplay4free%3Fr%3Dadcash_4138295%26Transaction_ID%3D16371170681333256670142511601370844
.warthunder.com/ Name: conntrack
Value: jlsI/WbZoaxonG2+AzHcAg==
warthunder.com/ Name: _language
Value: en
.yandex.ru/ Name: yashr
Value: 2999367901725538735
.warthunder.com/ Name: _ym_uid
Value: 1725538736653013892
.warthunder.com/ Name: _ym_d
Value: 1725538736
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 549693733fake
.yandex.com/ Name: i
Value: Uj8c++R7Zvvz8k7i8Ix22X8E8wQ74H2zy4uVK7TnbuVAID7z72A7WgmTlot6Nkm4OaP9DbpPvKIzX6bzgKBXGyDzmqQ=
.yandex.com/ Name: yandexuid
Value: 9362750141725538735
.yandex.com/ Name: yashr
Value: 9202016241725538735
.yahoo.com/ Name: A3
Value: d=AQABBK-h2WYCEERfg0a5FLmdeV8-T7Wt4AoFEgEBAQHz2mbjZiXaxyMA_eMAAA&S=AQAAAiMbZhZVW79eIIKo5HMGbw4
.warthunder.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1612701445fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 9362750141725538735
.yandex.ru/ Name: yuidss
Value: 9362750141725538735
.yandex.ru/ Name: i
Value: Uj8c++R7Zvvz8k7i8Ix22X8E8wQ74H2zy4uVK7TnbuVAID7z72A7WgmTlot6Nkm4OaP9DbpPvKIzX6bzgKBXGyDzmqQ=
.yandex.ru/ Name: yp
Value: 1725625136.yu.5059840981725538735
.yandex.ru/ Name: ymex
Value: 1728130736.oyu.5059840981725538735
mc.yandex.com/ Name: yabs-sid
Value: 222457351725538736
.yandex.com/ Name: yuidss
Value: 9362750141725538735
.yandex.com/ Name: ymex
Value: 2040898736.yrts.1725538736
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MGCww+a2Bg==
.warthunder.com/ Name: _gcl_au
Value: 1.1.1142794376.1725538738
.warthunder.com/ Name: _ga_3KX7RD39Z5
Value: GS1.1.1725538737.1.0.1725538738.59.0.0
.vk.com/ Name: remixlang
Value: 3
.vk.com/ Name: remixstlid
Value: 9088165398082310754_gYTrQVHPINsqoAivZAvMqfPrZgQfHbh9udUsPdY6Q4z
.warthunder.com/ Name: _fbp
Value: fb.1.1725538738110.773368185210709324
citydsp.com/ Name: userId
Value: 16251227593
.doubleclick.net/ Name: IDE
Value: AHWqTUk-wDUA-NFR7PBzKzqqp5hP9ZUgiKp4RlUj4QfbqDp49UdwOaeyAVnl649c
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.warthunder.com/ Name: analytic_id
Value: 1725538739232415
.statad.ru/ Name: serv
Value: 3
.warthunder.com/ Name: _ga
Value: GA1.2.400318229.1725538738
.warthunder.com/ Name: _gid
Value: GA1.2.1626347510.1725538741
.warthunder.com/ Name: _dc_gtm_UA-40910063-1
Value: 1
.warthunder.com/ Name: _uetsid
Value: 089b2a606b8111efb731c149f3c5d03f
.warthunder.com/ Name: _uetvid
Value: 089b60906b8111efbeb6e3556e924cc1
.bing.com/ Name: MUID
Value: 2EE679599C946BEA30506DA89D3E6A1A
.bat.bing.com/ Name: MR
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: AxA4B6trtUKdjo39Cn7t4OQ
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.cnt.my/ Name: xcntID
Value: y21d51a713ae312ba8

2 Console Messages

Source Level URL
Text
javascript warning URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844#/
Message:
The resource https://warthunder.com/land/signupNewMF/ was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://warthunder.com/ro/play4free?r=adcash_4138295&Transaction_ID=16371170681333256670142511601370844#/
Message:
The resource https://warthunder.com/land/signupNewMF/ was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.anura.io
analytics.google.com
bat.bing.com
c.amazon-adsystem.com
cdn.taboola.com
citydsp.com
connect.facebook.net
consent.cookiefirst.com
edge.cookiefirst.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
psb.taboola.com
retagro.com
s.amazon-adsystem.com
s.yimg.com
script.anura.io
sp.analytics.yahoo.com
statad.ru
staticfiles.warthunder.com
stats.g.doubleclick.net
td.doubleclick.net
trc-events.taboola.com
trc.taboola.com
uep.gaijin.net
vk.com
warthunder.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
x.cnt.my
mc.yandex.com
warthunder.com
104.20.82.98
108.138.115.149
108.139.29.79
13.226.34.75
138.199.40.58
138.201.230.88
141.226.224.48
142.250.80.36
142.250.80.72
142.250.80.98
142.250.81.238
142.251.163.154
142.251.32.99
142.251.40.206
150.171.27.10
151.101.1.44
151.101.193.44
209.54.182.161
31.13.71.36
31.13.71.7
34.237.65.186
34.248.84.180
5.189.239.94
54.88.71.74
69.147.92.11
85.17.170.54
87.240.137.164
87.250.250.119
95.211.33.59
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
04d7fd1c0a6e09ff5edef64c3e4cc22c1fd43f1ef2a5fc913ddc09495728e81b
0794ec55ac26233eb8ceed5fc64073eea5d00df95da9cc31f18b578a64762782
0855e6ceaa4b07e7e609769d0b63d4f9f800afe28bec6c5393ae841e15300de6
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
14c5eea4c2dcdc26f7182f83ba939c9565cf5d052980e1a7f39fdfb4c9a401ab
1b4d0a650dd7fd54d9d188ad219d8964f19accc8748c634d57541028ee1fa607
1ca035b94fc1216f36d794d58e97ca9b4c72dfa6b04e1f6d8bcc5a03cf8abd5b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
27fff8aaa6f8086a4589644518325e7744627d00229420683fedca0c71b7bb5c
2b3ebb39df7fd720e9d0977b2ccdb534040c0c5e642b6f47fb0e563f3f4b8d35
2d5064f5a2cd0916ac9f6af2cf6538fb7c3342df5dccd47a94dc897844596af1
2dc5445a920c70cfd88126c05980ed35e09f1294630894d8c2279b0b79039e8c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
34f1e3d537dd5698da523481c3ac3cc8eb12479da46082c42c600776bebea4cf
361b0e6ac085524fd9d903b98b6c7ab1ce453fc2e35f46e71c4ba475721ca909
414b2dab96565cc874e46d2ce69166f3e786cec44e1328e70d81ae8643cd52cb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c9b1492d5087d1e5e895939f29fffac5e1c7a1f9a5b660df707989fb258ab6e
511ef2e6e365fe8cee32249c93a5ae663be48a52c6dac8e32b9d519ac30e5b0d
52b955b58e3c9b5cfddca997c790e23ef12ea106ec1a3d1872e8bf28c5d5a625
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
665a618c1cbb3e534f1bdf0c7c110acbeb6d85b767c6efe05b3daab1ce2c8109
66fcdd6edf1c40b5775583e5a3bc86eb1c2e1c06e13b6a968f29c60b16f2ba5e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7567250970a6e086d9a03651a9e5d3f20fc7e65ec6df07f2d0f3421f32414695
7ad0f48970e4c0d18e737e4455fb56a8575e19a368dd6e2f28761b4025c1c514
86052501ca3c6a969af6c6fd2068196fa02884514cb6ee72b7e5bcbf4f6fd5ba
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
96058d990019f3175d8a1a59a72655209b22d420acecc1401ba6baa66dac8eb5
9799f6f527085a991357c6888ee0db528c9274325e4a63cdace7b858d1da2791
9c4a3cf6f5a9f0b789a84827b42a8236c1089319196a508478b05e757205f5bd
a235221b0ba2a5a09a9a12c35a1cbe02067349273d28520a17986c9ae821bb6a
a29f883a136c42b13d6a82d093e2a6fd139b0b9406e64ed01e612a4482a79e2b
a7800b2c17b1d0262508f37d724ff203b5f3bf87c8f214927ddb4e43405fc950
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
aebe8df81ee2ba5bc51e3abc322910ee5122a0ac06edfbcf7a04e1659d17dc9c
aff4aaea9402206152ef3323104ffe00c50f30a5ef953ca2adaed80ddddb61e6
b364babb52cb930beb7e5e61f549d739c155b2f8a24415bb8b401b0d6cb3eddb
b604e18370e4d2d157036b796fe9bde8710565d5c37d5c71774f8e4cc89f0640
b7f94867d8fe3a53b6bf7b0c773e7d3e91442aa825fea7f5d11cec4d33477bf4
c64cddc349202defdca8bcf51d8a905d5f8810cc76f08c1e6561800f1dd5708a
cd55cf914977eab04e43940b2a3b88ff0e01919f62033caf186a9cbe5c6fc63b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d34b5a3fa538d8d9e600013a738026b9f44f97273ec15030de636b38c1baba4a
d4e61187cc24285395b19bcccb580686e908716f7ce0c4ebd2502122f7722834
d6274c461ae839905b1822f04b11aa4a2415904fd3aec931f46c7ff62cc3b5c2
d7e390c04c441db46d42cad2251133f522bf974d43024518fc4450479e67ca72
dd002ec69d4a3233b2ed73086aa2417ba673bb9c95906b1da9b6c4e70006f52a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfaeefef7d25b2134fa74db0a27ea2d1daf101b2871c84fa31315906e28daddb
e03f1c481916355121bcb322ca3fe8096a6ace47f64c486d5c058926f140eadb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
e7902b56545718b3f9dcc015b4acab60270239d559b0adaae9e5c81dd95a89a1
ee9d73ad0cdbd1d895970202a0d924060d33147a3ab7c291120817848d1c25b6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f076831b414f38e8872d8ee68119cd310f67805b1da881ea95f04e2b032559c1