join.worldoftanks.com Open in urlscan Pro
92.223.51.163 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://28907606-29396-ex.hydramaterrep.com/iiVHBowzPA3mZtczvVjFKSBPldkRvoHRdvxQaM_NHM9AZ82T99dTo8KPV9Jredyen94AJPR21K3leuuzHOKnYBaKm6GluL6K...
Effective URL:
https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_param_2=114&sid...
Submission: On December 19 via api (December 19th 2024, 7:00:37 am UTC) from US — Scanned from US

Summary HTTP 38 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 10 IPs in 5 countries across 16 domains to perform 38 HTTP transactions. The main IP is 92.223.51.163, located in Luxembourg, Luxembourg and belongs to GCORE G-Core Labs S.A., LU. The main domain is join.worldoftanks.com. The Cisco Umbrella rank of the primary domain is 446886.
TLS certificate: Issued by R11 on November 24th 2024. Valid for: 3 months.

This is the only time join.worldoftanks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	88.208.22.2 88.208.22.2	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS DataWeb Global Group B.V.)
1	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
5	139.45.196.64 139.45.196.64	9002 (RETN-AS R...) (RETN-AS RETN Limited)
2	172.67.169.157 172.67.169.157	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 9	104.18.23.222 104.18.23.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	49.51.78.191 49.51.78.191	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1 1	35.204.100.195 35.204.100.195	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.204.130.99 35.204.130.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a03:90c0:81:... 2a03:90c0:81:2102::230	199524 (GCORE G-C...) (GCORE G-Core Labs S.A.)
1	92.223.51.163 92.223.51.163	199524 (GCORE G-C...) (GCORE G-Core Labs S.A.)
12	2a03:90c0:999... 2a03:90c0:9996::9996	199524 (GCORE G-C...) (GCORE G-Core Labs S.A.)
3	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
38	10

2 88.208.22.2 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)

28907606-29396-ex.hydramaterrep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)

ads.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.196.64 (United Kingdom)

ASN9002 (RETN-AS RETN Limited, GB)

leikovoleikamarada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.169.157 (United States)

ASN13335 (CLOUDFLARENET, US)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.23.222 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

vurtaichu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.51.78.191 (Ashburn, United States)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

paychat.fuse-cloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.100.195 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 195.100.204.35.bc.googleusercontent.com

track.wargaming-aff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.130.99 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.130.204.35.bc.googleusercontent.com

track.wg-aff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:90c0:81:2102::230 (Luxembourg, Luxembourg) 1 redirects

ASN199524 (GCORE G-Core Labs S.A., LU)

trck.wargaming.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.223.51.163 (Luxembourg, Luxembourg)

ASN199524 (GCORE G-Core Labs S.A., LU)

join.worldoftanks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:90c0:9996::9996 (United States)

ASN199524 (GCORE G-Core Labs S.A., LU)

lms-static.wgcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn2wotcom.gcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	wgcdn.co lms-static.wgcdn.co — Cisco Umbrella Rank: 402648	521 KB
9	vurtaichu.net 2 redirects vurtaichu.net	18 KB
5	leikovoleikamarada.com leikovoleikamarada.com — Cisco Umbrella Rank: 908885	16 KB
3	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 329	17 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 10565	2 KB
2	hydramaterrep.com 1 redirects 28907606-29396-ex.hydramaterrep.com	4 KB
1	gcdn.co cdn2wotcom.gcdn.co Failed	7 MB
1	worldoftanks.com join.worldoftanks.com — Cisco Umbrella Rank: 446886	8 KB
1	wargaming.net 1 redirects trck.wargaming.net — Cisco Umbrella Rank: 218369	1 KB
1	wg-aff.com 1 redirects track.wg-aff.com	341 B
1	wargaming-aff.com track.wargaming-aff.com — Cisco Umbrella Rank: 258113 Failed	152 B
1	fuse-cloud.com paychat.fuse-cloud.com — Cisco Umbrella Rank: 740991	1 KB
1	google.com ads.google.com — Cisco Umbrella Rank: 23719
0	onetrust.com Failed geolocation.onetrust.com Failed
0	googletagmanager.com Failed www.googletagmanager.com Failed
0	googleapis.com Failed fonts.googleapis.com Failed
38	16

	Domain	Requested by
11	lms-static.wgcdn.co	join.worldoftanks.com
9	vurtaichu.net	2 redirects leikovoleikamarada.com vurtaichu.net
5	leikovoleikamarada.com	28907606-29396-ex.hydramaterrep.com leikovoleikamarada.com
3	cdn.cookielaw.org	join.worldoftanks.com cdn.cookielaw.org
2	my.rtmark.net	leikovoleikamarada.com vurtaichu.net
2	28907606-29396-ex.hydramaterrep.com	1 redirects
1	cdn2wotcom.gcdn.co	join.worldoftanks.com
1	join.worldoftanks.com	28907606-29396-ex.hydramaterrep.com
1	trck.wargaming.net	1 redirects
1	track.wg-aff.com	1 redirects
1	track.wargaming-aff.com	paychat.fuse-cloud.com
1	paychat.fuse-cloud.com
1	ads.google.com	28907606-29396-ex.hydramaterrep.com
0	geolocation.onetrust.com Failed	cdn.cookielaw.org
0	www.googletagmanager.com Failed	join.worldoftanks.com
0	fonts.googleapis.com Failed	join.worldoftanks.com
38	16

This site contains links to these domains. Also see Links.

Domain
na.wargaming.net
legal.na.wargaming.net
legal.eu.wargaming.net
wargaming.net
www.esrb.org

Subject Issuer	Validity	Valid
*.hydramaterrep.com R11	`2024-12-11` - `2025-03-11`	3 months	crt.sh
adwords.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
leikovoleikamarada.com R11	`2024-10-01` - `2024-12-30`	3 months	crt.sh
my.rtmark.net WE1	`2024-11-06` - `2025-02-04`	3 months	crt.sh
vurtaichu.net WE1	`2024-11-08` - `2025-02-06`	3 months	crt.sh
*.fuse-cloud.com Thawte TLS RSA CA G1	`2024-05-10` - `2025-05-18`	a year	crt.sh
*.worldoftanks.com R11	`2024-11-24` - `2025-02-22`	3 months	crt.sh
*.wgcdn.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-18` - `2025-04-18`	a year	crt.sh
cookielaw.org WE1	`2024-12-09` - `2025-03-09`	3 months	crt.sh
*.gcdn.co DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-03` - `2025-08-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_param_2=114&sid=SIDcRulEWqmvpMc0Kc8nsYHjXYzXxQXvm7BwAJsvsn3bDXMkhi5kgw2b8Xw0unGQSaw7gK14J_KY0RZBElJ1udLbG7C1EiG0gr5ujpgLquFeVb2g5wQ7r1PAuT65W4Zir5_9oBTK4Me_pwcjA&enctid=d6fhezamsz7r&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734591632736980164&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Frame ID: 96CB218D5992D60DDCACD49296C0E1DB
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

World of Tanks—Free-to-Play Tank Action MMO. Download now and play for free!

Page URL History Show full URLs

https://28907606-29396-ex.hydramaterrep.com/iiVHBowzPA3mZtczvVjFKSBPldkRvoHRdvxQaM_NHM9AZ82T99dTo8KPV9Jredyen94AJPR21K3l... Page URL
https://28907606-29396-ex.hydramaterrep.com/iiVHBowzPA3mZtczvVjFKSBPldkRvoHRdvxQaM_NHM9AZ82T99dTo8KPV9Jredyen94AJPR21K3l... HTTP 307
https://leikovoleikamarada.com/link?z=7205185&var={hostid} Page URL
https://vurtaichu.net/?z=7205186&syncedCookie=true&rhd=false HTTP 302
https://vurtaichu.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x Page URL
https://vurtaichu.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
http://paychat.fuse-cloud.com/tl?a=1108&o=4570&aff_click_id=893504657404727493&SUB_AFFID=6118780 HTTP 307
https://paychat.fuse-cloud.com/tl?a=1108&o=4570&aff_click_id=893504657404727493&SUB_AFFID=6118780 Page URL
https://track.wargaming-aff.com/click?pid=2443&offer_id=114&ref_id=02637268476431734591630860316&sub1=1108&s... HTTP 302
https://track.wg-aff.com/click?pid=45&offer_id=23&sub1=2443&sub2=114 HTTP 302
https://trck.wargaming.net/q3y24x3t/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_par... HTTP 301
https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443... Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

38
Requests

87 %
HTTPS

33 %
IPv6

16
Domains

16
Subdomains

10
IPs

5
Countries

7831 kB
Transfer

8148 kB
Size

10
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://na.wargaming.net/registration/en/?game=wot&style=dark
Title: PLAY NOW ON PC

Search URL Search Domain Scan URL

URL: https://na.wargaming.net/support/en/products/wot/
Title: PLAYER SUPPORT

Search URL Search Domain Scan URL

URL: https://legal.na.wargaming.net/en/eula/
Title: EULA

Search URL Search Domain Scan URL

URL: https://legal.eu.wargaming.net/en/privacy-policy/
Title: PRIVACY POLICY

Search URL Search Domain Scan URL

URL: https://wargaming.net/

Search URL Search Domain Scan URL

URL: http://www.esrb.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://28907606-29396-ex.hydramaterrep.com/iiVHBowzPA3mZtczvVjFKSBPldkRvoHRdvxQaM_NHM9AZ82T99dTo8KPV9Jredyen94AJPR21K3leuuzHOKnYBaKm6GluL6KcgcfSLROzxKSN7UHClA3VC8HBrlx6g?kws=download%2Cmurrah%2Chindi%2Chot%2Cweb%2Cseries%2Cnuefliks%2Coomaal&abl=0&fsb=0&pageUri=https%3A%2F%2Fog...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1 Page URL
https://28907606-29396-ex.hydramaterrep.com/iiVHBowzPA3mZtczvVjFKSBPldkRvoHRdvxQaM_NHM9AZ82T99dTo8KPV9Jredyen94AJPR21K3leuuzHOKnYBaKm6GluL6KcgcfSLROzxKSN7UHClA3VC8HBrlx6g?kws=download%2Cmurrah%2Chindi%2Chot%2Cweb%2Cseries%2Cnuefliks%2Coomaal&abl=0&fsb=0&pageUri=https%3A%2F%2Fog...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1&pageUri=&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2216%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Wed%20Dec%2018%202024%2021%3A00%3A28%20GMT-1000%20(Hawaii-Aleutian%20Standard%20Time)%22%2C%22600%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
https://leikovoleikamarada.com/link?z=7205185&var={hostid} Page URL
https://vurtaichu.net/?z=7205186&syncedCookie=true&rhd=false HTTP 302
https://vurtaichu.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x Page URL
https://vurtaichu.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
http://paychat.fuse-cloud.com/tl?a=1108&o=4570&aff_click_id=893504657404727493&SUB_AFFID=6118780 HTTP 307
https://paychat.fuse-cloud.com/tl?a=1108&o=4570&aff_click_id=893504657404727493&SUB_AFFID=6118780 Page URL
https://track.wargaming-aff.com/click?pid=2443&offer_id=114&ref_id=02637268476431734591630860316&sub1=1108&sub2=6118780&sub3= HTTP 302
https://track.wg-aff.com/click?pid=45&offer_id=23&sub1=2443&sub2=114 HTTP 302
https://trck.wargaming.net/q3y24x3t/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_param_2=114 HTTP 301
https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_param_2=114&sid=SIDcRulEWqmvpMc0Kc8nsYHjXYzXxQXvm7BwAJsvsn3bDXMkhi5kgw2b8Xw0unGQSaw7gK14J_KY0RZBElJ1udLbG7C1EiG0gr5ujpgLquFeVb2g5wQ7r1PAuT65W4Zir5_9oBTK4Me_pwcjA&enctid=d6fhezamsz7r&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734591632736980164&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://28907606-29396-ex.hydramaterrep.com/iiVHBowzPA3mZtczvVjFKSBPldkRvoHRdvxQaM_NHM9AZ82T99dTo8KPV9Jredyen94AJPR21K3leuuzHOKnYBaKm6GluL6KcgcfSLROzxKSN7UHClA3VC8HBrlx6g?kws=download%2Cmurrah%2Chindi%2Chot%2Cweb%2Cseries%2Cnuefliks%2Coomaal&abl=0&fsb=0&pageUri=https%3A%2F%2Fog...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1&pageUri=&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2216%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Wed%20Dec%2018%202024%2021%3A00%3A28%20GMT-1000%20(Hawaii-Aleutian%20Standard%20Time)%22%2C%22600%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Request Chain 8

https://vurtaichu.net/?z=7205186&syncedCookie=true&rhd=false HTTP 302
https://vurtaichu.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x

Request Chain 14

https://vurtaichu.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
http://paychat.fuse-cloud.com/tl?a=1108&o=4570&aff_click_id=893504657404727493&SUB_AFFID=6118780 HTTP 307
https://paychat.fuse-cloud.com/tl?a=1108&o=4570&aff_click_id=893504657404727493&SUB_AFFID=6118780

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 iiVHBowzPA3mZtczvVjFKSBPldkRvoHRdvxQaM_NHM9AZ82T99dTo8KPV9Jredyen94AJPR21K3leuuzHOKnYBaKm6GluL6KcgcfSLROzxKSN7UHClA3VC8HBrlx6g Show response
28907606-29396-ex.hydramaterrep.com/ 8 KB
3 KB 587ms
141ms Document
text/html 88.208.22.2
ADVANCEDHOSTERS-A...

General

Check archive.org

Show headers Download Go to

Full URL: https://28907606-29396-ex.hydramaterrep.com/iiVHBowzPA3mZtczvVjFKSBPldkRvoHRdvxQaM_NHM9AZ82T99dTo8KPV9Jredyen94AJPR21K3leuuzHOKnYBaKm6GluL6KcgcfSLROzxKSN7UHClA3VC8HBrlx6g?kws=download%2Cmurrah%2Chindi%2Chot%2Cweb%2Cseries%2Cnuefliks%2Coomaal&abl=0&fsb=0&pageUri=https%3A%2F%2Fog...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.22.2 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 28287798516282a6c9292257e6c5c2cc765911b7e5630e777dfcc469d6cbbe11

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html
date: Thu, 19 Dec 2024 07:00:28 GMT
expires: Thu, 19 Dec 2024 07:00:28 UTC
last-modified: Thu, 19 Dec 2024 07:00:28 UTC
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma: no-cache
referrer-policy: unsafe-url
server: nginx
vary: Accept-Encoding

HEAD
H2 429 /
ads.google.com/ 0
0 668ms
519ms Fetch
text/html 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.google.com/
Requested by: Host: 28907606-29396-ex.hydramaterrep.com
URL: https://28907606-29396-ex.hydramaterrep.com/iiVHBowzPA3mZtczvVjFKSBPldkRvoHRdvxQaM_NHM9AZ82T99dTo8KPV9Jredyen94AJPR21K3leuuzHOKnYBaKm6GluL6KcgcfSLROzxKSN7UHClA3VC8HBrlx6g?kws=download%2Cmurrah%2Chindi%2Chot%2Cweb%2Cseries%2Cnuefliks%2Coomaal&abl=0&fsb=0&pageUri=https%3A%2F%2Fog...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://28907606-29396-ex.hydramaterrep.com/iiVHBowzPA3mZtczvVjFKSBPldkRvoHRdvxQaM_NHM9AZ82T99dTo8KPV9Jredyen94AJPR21K3leuuzHOKnYBaKm6GluL6KcgcfSLROzxKSN7UHClA3VC8HBrlx6g?kws=download%2Cmurrah%2Chindi%2Chot%2Cweb%2Cseries%2Cnuefliks%2Coomaal&abl=0&fsb=0&pageUri=https%3A%2F%2Fog...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1103
date: Thu, 19 Dec 2024 07:00:28 GMT
content-type: text/html; charset=UTF-8

GET
H2

200

link Show response
leikovoleikamarada.com/
Redirect Chain

https://28907606-29396-ex.hydramaterrep.com/iiVHBowzPA3mZtczvVjFKSBPldkRvoHRdvxQaM_NHM9AZ82T99dTo8KPV9Jredyen94AJPR21K3leuuzHOKnYBaKm6GluL6KcgcfSLROzxKSN7UHClA3VC8HBrlx6g?kws=download%2Cmurrah%2Chi...
https://leikovoleikamarada.com/link?z=7205185&var={hostid}

31 KB
15 KB

556ms
276ms

Document
text/html

139.45.196.64
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Requested by

Host: 28907606-29396-ex.hydramaterrep.com
URL: https://28907606-29396-ex.hydramaterrep.com/iiVHBowzPA3mZtczvVjFKSBPldkRvoHRdvxQaM_NHM9AZ82T99dTo8KPV9Jredyen94AJPR21K3leuuzHOKnYBaKm6GluL6KcgcfSLROzxKSN7UHClA3VC8HBrlx6g?kws=download%2Cmurrah%2Chindi%2Chot%2Cweb%2Cseries%2Cnuefliks%2Coomaal&abl=0&fsb=0&pageUri=https%3A%2F%2Fog...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

cf5a49c268dc586c9ddc7f8c4445cf9d12183a59aeb3b20e66d59f3ac8528cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://28907606-29396-ex.hydramaterrep.com/iiVHBowzPA3mZtczvVjFKSBPldkRvoHRdvxQaM_NHM9AZ82T99dTo8KPV9Jredyen94AJPR21K3leuuzHOKnYBaKm6GluL6KcgcfSLROzxKSN7UHClA3VC8HBrlx6g?kws=download%2Cmurrah%2Chindi%2Chot%2Cweb%2Cseries%2Cnuefliks%2Coomaal&abl=0&fsb=0&pageUri=https%3A%2F%2Fog...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
device-memory: 8

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Thu, 19 Dec 2024 07:00:28 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 19 Dec 2024 07:00:28 GMT
expires: Thu, 19 Dec 2024 07:00:28 UTC
last-modified: Thu, 19 Dec 2024 07:00:28 UTC
location: https://leikovoleikamarada.com/link?z=7205185&var={hostid}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma: no-cache
referrer-policy: unsafe-url
server: nginx

GET
H3 200 img.gif
my.rtmark.net/ 43 B
880 B 189ms
150ms Image
image/gif 172.67.169.157
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=008137df3be74dabe5ae4b5964f482db&z=7205186&p_rid=b9e8e678-9f5c-4615-94b8-14254c4fb374&p_src=sf

Requested by

Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.169.157 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://leikovoleikamarada.com/

Response headers

access-control-expose-headers: Authorization
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mEL4V73es3uGEBc%2F2r5%2B55mRwwSsIYcfytLP5EgQ065YdN3gX7mx%2FGTHKoa9q2z7rISJa%2BNeFESRZGssTs6Bvrhnxio6r2qXQntXh4f8P5LiQH8mD3fx9S%2FXXd0OMWP7"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30227&min_rtt=30212&rtt_var=11340&sent=11&recv=7&lost=0&retrans=2&sent_bytes=4575&recv_bytes=4392&delivery_rate=105802&cwnd=12000&unsent_bytes=0&cid=4c9fd63d19c49b8d&ts=156&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 19 Dec 2024 07:00:29 GMT
content-type: image/gif
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *, *
access-control-allow-credentials: true
cf-ray: 8f4584119efc74b8-MIA
access-control-allow-origin: *
content-length: 43
server: cloudflare

GET
H2 200 sftouch
vurtaichu.net/ 43 B
662 B 232ms
159ms Image
image/gif 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vurtaichu.net/sftouch?userId=008137df3be74dabe5ae4b5964f482db&z=7205186&p_rid=b9e8e678-9f5c-4615-94b8-14254c4fb374&p_src=sf&branchId=0&rb=fY5sRYkxBFUjkU6Ie4xMzh44nXqN_S22WqrPYCS8Nhk20D7GHNN9wQvgxu0Q5L7G_rj05FvmBZZBnQQcakDJIkJK9j5-1Pq3RedfPxPxW-U6nHfvc2h3wvWSXbQkVll87gcvypDbJI1VAgAk_E7lhxqV_BZEco8j5HwfiWe0uvjlukziyRp-ZkHUVeLKIHFr8X1Zx2e_Jq76Tgh2Yckqg7bjUkK2aHbUdCIz7Xae9BNxfhK6pFGCLY5Ozw1G9v3bXm3T7n9kWLQt6AiBLtiV-m0iixtMFeKzph0y6fmGB6zHHXqiIHAk7A4TNcT8VncNO1Y1t0j23kIqKFxhku83Vdtq2OeUc-fcbBx7aavLHw2ebABf2StgjuqnBIngt7BmtbjMVwc9ZJrKUGSpegMOa7e-jiQWUuBi0w7uoLfu23FZ_BqkS1AnQqCrcH1-b83EAgL1FSnEhsfHNzIRfAjR3RY0qUFphWmfhvsyc4N5feaisXLhp8asylA1HFiY_EGlckZ4kiqcDVjqptqQxZp8wjFQG9kfJVpfbj6IUQHUNjDx-GZ1ZSQtWAcDW50gsjIpueQ245m2-f5Wpblz2Ryxo16VqxmIrDosl91NgQS9Ss4CHuxilxy4kt_NLVlOAHDPtnWdiwtQDZ3o3PwfcPfhAI49z-NWatmFGur1BEF68dMI6rPKPDqqoTY3K4kRJYKtzhDXDugI13WRn8AHD78HLJ1Unkw8Onsu2eTcYyKXF7Od4vzypEvrKeTfXHq18Mai51hgXrviANw=&w_img=1

Requested by

Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://leikovoleikamarada.com/

Response headers

access-control-max-age: 86400
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 19 Dec 2024 07:00:29 GMT
content-type: image/gif
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 142621017338f0ad85a0b5490b82a614
cf-ray: 8f458411ecccd9b9-MIA
access-control-allow-origin: *
content-length: 43
server: cloudflare

POST
H2 200 add
leikovoleikamarada.com/log/ 12 B
390 B 152ms
150ms XHR
application/json 139.45.196.64
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://leikovoleikamarada.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=b9e8e678-9f5c-4615-94b8-14254c4fb374

Requested by

Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://leikovoleikamarada.com
content-length: 12
date: Thu, 19 Dec 2024 07:00:29 GMT
content-type: application/json; charset=utf-8
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

POST
H2 200 add Show response
leikovoleikamarada.com/async_log/ 0
344 B 140ms
138ms XHR
text/plain 139.45.196.64
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://leikovoleikamarada.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=b9e8e678-9f5c-4615-94b8-14254c4fb374

Requested by

Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
access-control-allow-origin: https://leikovoleikamarada.com
content-length: 0
date: Thu, 19 Dec 2024 07:00:29 GMT
server: nginx
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H2 204 favicon.ico
leikovoleikamarada.com/ 0
150 B 140ms
138ms Other
text/plain 139.45.196.64
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL: https://leikovoleikamarada.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
date: Thu, 19 Dec 2024 07:00:29 GMT
pragma: public
server: nginx

GET
H2

200

6118780 Show response
vurtaichu.net/4/
Redirect Chain

https://vurtaichu.net/?z=7205186&syncedCookie=true&rhd=false
https://vurtaichu.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x

31 KB
14 KB

319ms
317ms

Document
text/html

104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vurtaichu.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a1a4055e1b17eee2cbec7ad61a77ee2f999b57d99dffd4fec3d3ba410257b37

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://leikovoleikamarada.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8f4584145adada7f-MIA
content-encoding: gzip
content-type: text/html; charset=utf8
date: Thu, 19 Dec 2024 07:00:29 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://leikovoleikamarada.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8f45841339feda7f-MIA
content-length: 0
date: Thu, 19 Dec 2024 07:00:29 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://vurtaichu.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://vurtaichu.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x
pragma: no-cache
referrer-policy: no-referrer
server: cloudflare
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 9af74ed14f23b9e747e8d005df091619

GET
H2 204 favicon.ico
leikovoleikamarada.com/ 0
0 91ms
91ms Other
text/plain 139.45.196.64
RETN-AS RETN Limited

General

Check archive.org

Show headers Download Go to

Full URL: https://leikovoleikamarada.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://leikovoleikamarada.com/afu.php?zoneid=7205186&var=7205186&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
date: Thu, 19 Dec 2024 07:00:29 GMT
pragma: public
server: nginx

GET
H3 200 img.gif
my.rtmark.net/ 43 B
874 B 197ms
162ms Image
image/gif 172.67.169.157
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=0081373c23754b7ef222fa98730e1e34&z=6118780&p_rid=d426c8c3-73c1-4b22-9eb0-b70cdadff6bf&p_src=sf

Requested by

Host: vurtaichu.net
URL: https://vurtaichu.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.169.157 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://vurtaichu.net/

Response headers

access-control-expose-headers: Authorization
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=374l2a8gYXXHTpbc7G15ODk5a5PK0KLut0GepunMuUGohcE8GM1fVd%2BZ6gPuLG5Bx42RzVD8PbTqIXc3VAo2%2FhkREEYV%2FQMriWswbzyLJiin4oaL20A72v18dPVFsn7u"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30109&min_rtt=29548&rtt_var=5563&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4164&recv_bytes=4535&delivery_rate=484&cwnd=12000&unsent_bytes=0&cid=1ce254addc84ef27&ts=165&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 19 Dec 2024 07:00:30 GMT
content-type: image/gif
priority: u=3,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security: max-age=1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *, *
access-control-allow-credentials: true
cf-ray: 8f458416e8504c21-MIA
access-control-allow-origin: *
content-length: 43
server: cloudflare

POST
H3 200 add
vurtaichu.net/log/ 12 B
369 B 154ms
153ms XHR
application/json 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vurtaichu.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=d426c8c3-73c1-4b22-9eb0-b70cdadff6bf

Requested by

Host: vurtaichu.net
URL: https://vurtaichu.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://vurtaichu.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x

Response headers

cf-cache-status: DYNAMIC
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 19 Dec 2024 07:00:30 GMT
content-type: application/json; charset=utf-8
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
strict-transport-security: max-age=1
timing-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8f458416fc5aa512-MIA
access-control-allow-origin: https://vurtaichu.net
content-length: 12
server: cloudflare

GET
H3 200 sftouch
vurtaichu.net/ 43 B
562 B 146ms
145ms Image
image/gif 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vurtaichu.net/sftouch?userId=0081373c23754b7ef222fa98730e1e34&z=6118780&p_rid=d426c8c3-73c1-4b22-9eb0-b70cdadff6bf&p_src=sf&branchId=0&rb=vA8bQpX-Xp0X4pMHy0EK1qkGbn2HMiS0CRnFeseBseEBYzHuGXG3B7-LLdz1TZtRb8wC0Maf5l1v8y9NitaVVzWFTTtq7QODGZ2Nie8Cs29EoeSNkv0D9V6CMTrOJYe2IrVTUAuZyUJnQZ-pmRV49JjwEnqqxCb8srFpFxeWa8lz3kAvSQTWkBOmYoMRmuQbSNkMXujCp8A2BC7o_h9X6IOyX90xU6s162PMoPW7-U8qi46hVfNh-OVCsMP0piOEW0iOP74_EjFcZu4UaAwI8rNXzG39Hp1wyq_BKQXrE5mMXgzHghECGw==&w_img=1

Requested by

Host: vurtaichu.net
URL: https://vurtaichu.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://vurtaichu.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x

Response headers

access-control-max-age: 86400
cf-cache-status: DYNAMIC
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Tue, 11 Jan 1994 10:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 19 Dec 2024 07:00:30 GMT
content-type: image/gif
priority: u=3,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security: max-age=1
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *, *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
x-trace-id: 10fc76c47aff53997ab07ae447ef559b
cf-ray: 8f4584170c6da512-MIA
access-control-allow-origin: *
content-length: 43
server: cloudflare

POST
H3 200 add
vurtaichu.net/async_log/ 0
289 B 180ms
179ms XHR
text/plain 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vurtaichu.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=d426c8c3-73c1-4b22-9eb0-b70cdadff6bf

Requested by

Host: vurtaichu.net
URL: https://vurtaichu.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://vurtaichu.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x

Response headers

strict-transport-security: max-age=1
timing-allow-origin: *
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
cf-ray: 8f4584171c72a512-MIA
access-control-allow-origin: https://vurtaichu.net
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Thu, 19 Dec 2024 07:00:30 GMT
server: cloudflare
priority: u=1,i
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

GET
H2

200

tl Show response
paychat.fuse-cloud.com/
Redirect Chain

https://vurtaichu.net/?z=6118780&syncedCookie=true&rhd=false
http://paychat.fuse-cloud.com/tl?a=1108&o=4570&aff_click_id=893504657404727493&SUB_AFFID=6118780
https://paychat.fuse-cloud.com/tl?a=1108&o=4570&aff_click_id=893504657404727493&SUB_AFFID=6118780

921 B
1 KB

203ms
58ms

Document
text/html

49.51.78.191
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://paychat.fuse-cloud.com/tl?a=1108&o=4570&aff_click_id=893504657404727493&SUB_AFFID=6118780
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.78.191 Ashburn, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx /
Resource Hash: d9d39af7c1673eb33ff290a2e5a1f0edbb8e4cfec428d95bc7a896a94c8a376d

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://vurtaichu.net
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 921
content-type: text/html; charset=utf-8
date: Thu, 19 Dec 2024 07:00:30 GMT
expires: Sun, 06 Nov 1994 08:49:37 GMT
p3p: CP="NOI CUR OUR NOR INT"
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow

Redirect headers

Location: https://paychat.fuse-cloud.com/tl?a=1108&o=4570&aff_click_id=893504657404727493&SUB_AFFID=6118780
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 204 favicon.ico
vurtaichu.net/ 0
212 B 41ms
40ms Other
text/plain 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vurtaichu.net/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://vurtaichu.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 1372003
cf-ray: 8f4584184d59a512-MIA
expires: Sun, 17 Dec 2034 07:00:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 19 Dec 2024 07:00:30 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3 204 favicon.ico
vurtaichu.net/ 0
0 21ms
21ms Other
text/plain 104.18.23.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vurtaichu.net/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://vurtaichu.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control: public, max-age=315360000
cf-cache-status: HIT
pragma: public
age: 1372003
cf-ray: 8f4584184d59a512-MIA
expires: Sun, 17 Dec 2034 07:00:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 19 Dec 2024 07:00:30 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET click
track.wargaming-aff.com/ 0
0

GET
H/1.1

200
OK

Primary Request / Show response
join.worldoftanks.com/1600950461/en_us/
Redirect Chain

https://track.wargaming-aff.com/click?pid=2443&offer_id=114&ref_id=02637268476431734591630860316&sub1=1108&sub2=6118780&sub3=
https://track.wg-aff.com/click?pid=45&offer_id=23&sub1=2443&sub2=114
https://trck.wargaming.net/q3y24x3t/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_param_2=114
https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_param_2=114&sid=SIDcRulEWqmvpMc0Kc8nsYHjXYzXxQXvm7BwAJsvsn3bDXMkhi5kgw2b8Xw0unGQSaw7gK...

31 KB
8 KB

512ms
157ms

Document
text/html

92.223.51.163
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to

Full URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_param_2=114&sid=SIDcRulEWqmvpMc0Kc8nsYHjXYzXxQXvm7BwAJsvsn3bDXMkhi5kgw2b8Xw0unGQSaw7gK14J_KY0RZBElJ1udLbG7C1EiG0gr5ujpgLquFeVb2g5wQ7r1PAuT65W4Zir5_9oBTK4Me_pwcjA&enctid=d6fhezamsz7r&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734591632736980164&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Requested by: Host: 28907606-29396-ex.hydramaterrep.com
URL: https://28907606-29396-ex.hydramaterrep.com/iiVHBowzPA3mZtczvVjFKSBPldkRvoHRdvxQaM_NHM9AZ82T99dTo8KPV9Jredyen94AJPR21K3leuuzHOKnYBaKm6GluL6KcgcfSLROzxKSN7UHClA3VC8HBrlx6g?kws=download%2Cmurrah%2Chindi%2Chot%2Cweb%2Cseries%2Cnuefliks%2Coomaal&abl=0&fsb=0&pageUri=https%3A%2F%2Fog...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 92.223.51.163 Luxembourg, Luxembourg, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 041a9050cb0213de1833527b3d55a46d88e7129a299fd37bdd117f22af5be6fb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 19 Dec 2024 07:00:33 GMT
ETag: W/"671790c4-7dc6"
Last-Modified: Tue, 22 Oct 2024 11:47:16 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 22
Content-Type: text/plain; charset=utf-8
Date: Thu, 19 Dec 2024 07:00:32 GMT
Location: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_param_2=114&sid=SIDcRulEWqmvpMc0Kc8nsYHjXYzXxQXvm7BwAJsvsn3bDXMkhi5kgw2b8Xw0unGQSaw7gK14J_KY0RZBElJ1udLbG7C1EiG0gr5ujpgLquFeVb2g5wQ7r1PAuT65W4Zir5_9oBTK4Me_pwcjA&enctid=d6fhezamsz7r&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734591632736980164&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Server: nginx

GET css
fonts.googleapis.com/ 0
0

GET
H2 200 vendors~app.a6ba7bbd.js Show response
lms-static.wgcdn.co/1600950461/dist/landing/videoback/ 185 KB
62 KB 188ms
116ms Script
application/javascript 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to

Full URL: https://lms-static.wgcdn.co/1600950461/dist/landing/videoback/vendors~app.a6ba7bbd.js
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_param_2=114&sid=SIDcRulEWqmvpMc0Kc8nsYHjXYzXxQXvm7BwAJsvsn3bDXMkhi5kgw2b8Xw0unGQSaw7gK14J_KY0RZBElJ1udLbG7C1EiG0gr5ujpgLquFeVb2g5wQ7r1PAuT65W4Zir5_9oBTK4Me_pwcjA&enctid=d6fhezamsz7r&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734591632736980164&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 8052241fe12c5981a448f5f3b3cc29533dfaf04d464084dc0fd90c931e4eea13

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache: HIT
cache-control: max-age=315360000
x-id: mi1-hw-edge-gc28
content-encoding: gzip
etag: W/"671790c4-2e55a"
age: 1336637
traceparent: 00-d01da362fc5cf6d7f76ef6332111aac0-ab4ae4f91adff011-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Thu, 19 Dec 2024 07:00:33 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 11:47:16 GMT
server: nginx
x-cached-since: 2024-12-03T19:43:16+00:00
vary: Accept-Encoding

GET
H2 200 app.1afdea26.css
lms-static.wgcdn.co/1600950461/dist/landing/videoback/ 40 KB
7 KB 102ms
31ms Stylesheet
text/css 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to

Full URL: https://lms-static.wgcdn.co/1600950461/dist/landing/videoback/app.1afdea26.css
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_param_2=114&sid=SIDcRulEWqmvpMc0Kc8nsYHjXYzXxQXvm7BwAJsvsn3bDXMkhi5kgw2b8Xw0unGQSaw7gK14J_KY0RZBElJ1udLbG7C1EiG0gr5ujpgLquFeVb2g5wQ7r1PAuT65W4Zir5_9oBTK4Me_pwcjA&enctid=d6fhezamsz7r&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734591632736980164&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: ce19047cdde0a0c8762adf3d8f450569b7c536550f75b28571cccb6a397e50c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache: HIT
cache-control: max-age=315360000
x-id: mi1-hw-edge-gc28
content-encoding: gzip
etag: W/"671790c4-9ec2"
age: 1399042
traceparent: 00-9730f3d537e45fd339e90c623eaa21dc-5f64ec10bb87dda4-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Thu, 19 Dec 2024 07:00:33 GMT
content-type: text/css
last-modified: Tue, 22 Oct 2024 11:47:16 GMT
server: nginx
x-cached-since: 2024-12-03T02:23:11+00:00
vary: Accept-Encoding

GET
H2 200 app.41cb52fe.js Show response
lms-static.wgcdn.co/1600950461/dist/landing/videoback/ 96 KB
22 KB 188ms
117ms Script
application/javascript 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to

Full URL: https://lms-static.wgcdn.co/1600950461/dist/landing/videoback/app.41cb52fe.js
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_param_2=114&sid=SIDcRulEWqmvpMc0Kc8nsYHjXYzXxQXvm7BwAJsvsn3bDXMkhi5kgw2b8Xw0unGQSaw7gK14J_KY0RZBElJ1udLbG7C1EiG0gr5ujpgLquFeVb2g5wQ7r1PAuT65W4Zir5_9oBTK4Me_pwcjA&enctid=d6fhezamsz7r&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734591632736980164&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 59d32ad39544a1e9509670ba52a1cde4e48a445e782d234ab71984b76449dd79

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache: HIT
cache-control: max-age=315360000
x-id: mi1-hw-edge-gc28
content-encoding: gzip
etag: W/"671790c4-17ec1"
age: 3666537
traceparent: 00-a45b7db8a1ac22a7ece3776dea757b87-84f387e89a4c4593-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Thu, 19 Dec 2024 07:00:33 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 11:47:16 GMT
server: nginx
x-cached-since: 2024-11-06T20:31:36+00:00
vary: Accept-Encoding

GET
H2 200 a3c86a67f4c5bb1c6cdb50b1092c0761_1600946860.jpg
lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/ 364 KB
365 KB 105ms
34ms Image
image/jpeg 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/a3c86a67f4c5bb1c6cdb50b1092c0761_1600946860.jpg
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_param_2=114&sid=SIDcRulEWqmvpMc0Kc8nsYHjXYzXxQXvm7BwAJsvsn3bDXMkhi5kgw2b8Xw0unGQSaw7gK14J_KY0RZBElJ1udLbG7C1EiG0gr5ujpgLquFeVb2g5wQ7r1PAuT65W4Zir5_9oBTK4Me_pwcjA&enctid=d6fhezamsz7r&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734591632736980164&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: f6a40920a81d3a3489189bbb747f7d3e1b2a87f7568361e4872353bc2cb082b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache: HIT
cache-control: max-age=315360000
x-id: mi1-hw-edge-gc28
etag: "5f6c82ac-5b11c"
age: 5067486
traceparent: 00-4946278dcd6f5c1dfeaa87c6f36f37da-16a7582ffcf26e96-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 373020
date: Thu, 19 Dec 2024 07:00:33 GMT
content-type: image/jpeg
last-modified: Thu, 24 Sep 2020 11:27:40 GMT
server: nginx
x-cached-since: 2024-10-21T15:22:27+00:00

GET
H2 200 04b0ba212e17098cc7786c56bca5d832_1600946934.png
lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/ 7 KB
7 KB 187ms
117ms Image
image/png 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/04b0ba212e17098cc7786c56bca5d832_1600946934.png
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_param_2=114&sid=SIDcRulEWqmvpMc0Kc8nsYHjXYzXxQXvm7BwAJsvsn3bDXMkhi5kgw2b8Xw0unGQSaw7gK14J_KY0RZBElJ1udLbG7C1EiG0gr5ujpgLquFeVb2g5wQ7r1PAuT65W4Zir5_9oBTK4Me_pwcjA&enctid=d6fhezamsz7r&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734591632736980164&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 3038bb7d8adebbe73e330bbea5739b04efe6b04d5a1d81db314bd29251813967

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache: HIT
cache-control: max-age=315360000
x-id: mi1-hw-edge-gc28
etag: "5f6c82f6-1a06"
age: 15705570
traceparent: 00-21c4e410c17806f9febfbdc6d00f5eda-7b4a8e4c2e2e09f1-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6662
date: Thu, 19 Dec 2024 07:00:33 GMT
content-type: image/png
last-modified: Thu, 24 Sep 2020 11:28:54 GMT
server: nginx
x-cached-since: 2024-06-20T12:21:03+00:00

GET
H2 200 9a3147f7202207fd86f303867669af7c_1600947283.png
lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/ 2 KB
2 KB 140ms
117ms Image
image/png 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lms-static.wgcdn.co/videoback-ongoing-eu-wothq-1691/9a3147f7202207fd86f303867669af7c_1600947283.png
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_param_2=114&sid=SIDcRulEWqmvpMc0Kc8nsYHjXYzXxQXvm7BwAJsvsn3bDXMkhi5kgw2b8Xw0unGQSaw7gK14J_KY0RZBElJ1udLbG7C1EiG0gr5ujpgLquFeVb2g5wQ7r1PAuT65W4Zir5_9oBTK4Me_pwcjA&enctid=d6fhezamsz7r&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734591632736980164&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 0eb8340c0b3fc3e36cd816cb9ce8e819b64b40ded2504741eb4662bb10eea015

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache: HIT
cache-control: max-age=315360000
x-id: mi1-hw-edge-gc28
etag: "5f6c8453-624"
age: 15706102
traceparent: 00-07df2940e1eb86a5770e61e88112e34c-86878e51f83cae97-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1572
date: Thu, 19 Dec 2024 07:00:33 GMT
content-type: image/png
last-modified: Thu, 24 Sep 2020 11:34:43 GMT
server: nginx
x-cached-since: 2024-06-20T12:12:11+00:00

GET
H2 200 75eec5a819fd971e63a55c466a36211c_1680441088.png
lms-static.wgcdn.co/videoback-ongoing-na-wothq-1691/ 28 KB
29 KB 129ms
128ms Image
image/png 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lms-static.wgcdn.co/videoback-ongoing-na-wothq-1691/75eec5a819fd971e63a55c466a36211c_1680441088.png
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_param_2=114&sid=SIDcRulEWqmvpMc0Kc8nsYHjXYzXxQXvm7BwAJsvsn3bDXMkhi5kgw2b8Xw0unGQSaw7gK14J_KY0RZBElJ1udLbG7C1EiG0gr5ujpgLquFeVb2g5wQ7r1PAuT65W4Zir5_9oBTK4Me_pwcjA&enctid=d6fhezamsz7r&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734591632736980164&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 07871f75a6f4007f7f7d9adf5382f953c1dce8407149662dd88617a1d8d4055a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache: HIT
cache-control: max-age=315360000
x-id: mi1-hw-edge-gc28
etag: "64297f00-7186"
age: 15706102
traceparent: 00-af72634f381c7fcd68209b0798f7e26d-a8447fd39e7a06ac-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29062
date: Thu, 19 Dec 2024 07:00:33 GMT
content-type: image/png
last-modified: Sun, 02 Apr 2023 13:11:28 GMT
server: nginx
x-cached-since: 2024-06-20T12:12:11+00:00

GET
H2 200 adc7b861314b6562f2e467f49b1b26b1_1729597490.jpg
lms-static.wgcdn.co/videoback-ongoing-na-wothq-1691/ 21 KB
21 KB 127ms
126ms Image
image/jpeg 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lms-static.wgcdn.co/videoback-ongoing-na-wothq-1691/adc7b861314b6562f2e467f49b1b26b1_1729597490.jpg
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_param_2=114&sid=SIDcRulEWqmvpMc0Kc8nsYHjXYzXxQXvm7BwAJsvsn3bDXMkhi5kgw2b8Xw0unGQSaw7gK14J_KY0RZBElJ1udLbG7C1EiG0gr5ujpgLquFeVb2g5wQ7r1PAuT65W4Zir5_9oBTK4Me_pwcjA&enctid=d6fhezamsz7r&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734591632736980164&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 277608d596f10979339f990d6b88f190fd4619f524271684f67d8f78f449ceb4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache: HIT
cache-control: max-age=315360000
x-id: mi1-hw-edge-gc28
etag: "67179032-5383"
age: 4993167
traceparent: 00-842ddd5e99ef12eacf1a5d7ec2f080fb-ae31779f9888ed5e-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21379
date: Thu, 19 Dec 2024 07:00:33 GMT
content-type: image/jpeg
last-modified: Tue, 22 Oct 2024 11:44:50 GMT
server: nginx
x-cached-since: 2024-10-22T12:01:06+00:00

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/393e4538-8874-4e85-b1b1-120b3ea5be28/ 33 KB
5 KB 125ms
49ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/393e4538-8874-4e85-b1b1-120b3ea5be28/OtAutoBlock.js

Requested by

Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_param_2=114&sid=SIDcRulEWqmvpMc0Kc8nsYHjXYzXxQXvm7BwAJsvsn3bDXMkhi5kgw2b8Xw0unGQSaw7gK14J_KY0RZBElJ1udLbG7C1EiG0gr5ujpgLquFeVb2g5wQ7r1PAuT65W4Zir5_9oBTK4Me_pwcjA&enctid=d6fhezamsz7r&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734591632736980164&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f4685e65a52d104ef09632bd35e0c65d2e9fc5382e31def5a53911083ef6827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-md5: IX9wlXLoZWHZCO+W52HYgQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCA4C51DE7FA06
age: 72141
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Fri, 20 Dec 2024 07:00:33 GMT
date: Thu, 19 Dec 2024 07:00:33 GMT
content-type: application/javascript
last-modified: Mon, 15 Jul 2024 11:56:09 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 0be269a5-601e-0053-7a4c-268f85000000
cf-ray: 8f45842d4a7da69e-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4703
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 116ms
42ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-md5: UzmBk0Ra4K9he+CwjGKb/g==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DD1DE4B7A34202
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 75191
x-content-type-options: nosniff
date: Thu, 19 Dec 2024 07:00:33 GMT
content-type: application/javascript
last-modified: Mon, 16 Dec 2024 15:17:12 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 1138e44e-a01e-0067-6135-50202d000000
cf-ray: 8f45842d4a7ea69e-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7211
x-ms-blob-type: BlockBlob
server: cloudflare

GET gtm.js
www.googletagmanager.com/ 0
0

GET
H2 200 eval.js
lms-static.wgcdn.co/1600950461/dist/landing/videoback/ 0
305 B 129ms
128ms Other
application/javascript 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to

Full URL: https://lms-static.wgcdn.co/1600950461/dist/landing/videoback/eval.js
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_param_2=114&sid=SIDcRulEWqmvpMc0Kc8nsYHjXYzXxQXvm7BwAJsvsn3bDXMkhi5kgw2b8Xw0unGQSaw7gK14J_KY0RZBElJ1udLbG7C1EiG0gr5ujpgLquFeVb2g5wQ7r1PAuT65W4Zir5_9oBTK4Me_pwcjA&enctid=d6fhezamsz7r&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734591632736980164&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache: HIT
cache-control: max-age=315360000
x-id: mi1-hw-edge-gc28
etag: "671790c4-b1"
age: 1641361
traceparent: 00-04596fafd6185dc35942880af3705bd1-50b1f7c414b8f56f-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 177
date: Thu, 19 Dec 2024 07:00:33 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 11:47:16 GMT
server: nginx
x-cached-since: 2024-11-30T07:04:32+00:00

GET
H2 200 riddler.js
lms-static.wgcdn.co/1600950461/dist/landing/videoback/ 0
5 KB 128ms
127ms Other
application/javascript 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to

Full URL: https://lms-static.wgcdn.co/1600950461/dist/landing/videoback/riddler.js
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_param_2=114&sid=SIDcRulEWqmvpMc0Kc8nsYHjXYzXxQXvm7BwAJsvsn3bDXMkhi5kgw2b8Xw0unGQSaw7gK14J_KY0RZBElJ1udLbG7C1EiG0gr5ujpgLquFeVb2g5wQ7r1PAuT65W4Zir5_9oBTK4Me_pwcjA&enctid=d6fhezamsz7r&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734591632736980164&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache: HIT
cache-control: max-age=315360000
x-id: mi1-hw-edge-gc28
content-encoding: gzip
etag: W/"671790c4-4391"
age: 3868732
traceparent: 00-edd5e519e7cb0602c5a12c5a7e459782-28197770203773eb-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Thu, 19 Dec 2024 07:00:33 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 11:47:16 GMT
server: nginx
x-cached-since: 2024-11-04T12:21:41+00:00
vary: Accept-Encoding

GET
H2 200 sha3.js
lms-static.wgcdn.co/1600950461/dist/landing/videoback/ 0
2 KB 130ms
129ms Other
application/javascript 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to

Full URL: https://lms-static.wgcdn.co/1600950461/dist/landing/videoback/sha3.js
Requested by: Host: join.worldoftanks.com
URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_param_2=114&sid=SIDcRulEWqmvpMc0Kc8nsYHjXYzXxQXvm7BwAJsvsn3bDXMkhi5kgw2b8Xw0unGQSaw7gK14J_KY0RZBElJ1udLbG7C1EiG0gr5ujpgLquFeVb2g5wQ7r1PAuT65W4Zir5_9oBTK4Me_pwcjA&enctid=d6fhezamsz7r&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734591632736980164&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

cache: HIT
cache-control: max-age=315360000
x-id: mi1-hw-edge-gc28
content-encoding: gzip
etag: W/"671790c4-1704"
age: 2263676
traceparent: 00-494827e121c3f0947142521862ba60be-75b90b7c84d6dd02-01
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
date: Thu, 19 Dec 2024 07:00:33 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 11:47:16 GMT
server: nginx
x-cached-since: 2024-11-23T02:12:37+00:00
vary: Accept-Encoding

GET WOT_New_videoback_v3.webm
cdn2wotcom.gcdn.co/promo_web/WOT/March2019/ 0
0

GET
H2 200 393e4538-8874-4e85-b1b1-120b3ea5be28.json Show response
cdn.cookielaw.org/consent/393e4538-8874-4e85-b1b1-120b3ea5be28/ 10 KB
4 KB 116ms
45ms XHR
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/393e4538-8874-4e85-b1b1-120b3ea5be28/393e4538-8874-4e85-b1b1-120b3ea5be28.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9913f3fb52dd7a2168336c13c57e85bbe11a40b30dbd8a8dd6e6d615edd390b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://join.worldoftanks.com/

Response headers

content-md5: H3nzD0EH/+Y7U1WK5PMMuA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCA4C51E2C30D6
age: 77858
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Fri, 20 Dec 2024 07:00:33 GMT
date: Thu, 19 Dec 2024 07:00:33 GMT
content-type: application/json
last-modified: Mon, 15 Jul 2024 11:56:10 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 4b6dcba2-101e-00fd-244c-26ace8000000
cf-ray: 8f45842e1ad6e9f0-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3704
x-ms-blob-type: BlockBlob
server: cloudflare

GET location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 0
0

GET
H2 206 WOT_New_videoback_v3.mp4
cdn2wotcom.gcdn.co/promo_web/WOT/March2019/ 7 MB
7 MB 73ms
72ms Media
video/mp4 2a03:90c0:9996::9996
GCORE G-Core Labs...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2wotcom.gcdn.co/promo_web/WOT/March2019/WOT_New_videoback_v3.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9996::9996 , United States, ASN199524 (GCORE G-Core Labs S.A., LU),
Reverse DNS
Software: nginx /
Resource Hash: 3bf8ae11541ba6e5f129b5e8d812fe2961a6b32174e0e809946660a8e2887211

Request headers

Referer: https://join.worldoftanks.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cache: HIT
cache-control: max-age=290304000, public
x-id: mi1-hw-edge-gc27
etag: "711c3c-583e031626c00"
age: 12780850
Content-Range: bytes 0-7412795/7412796
traceparent: 00-f237778e40855167ecadc713c0118355-febef725e7309a5c-01
expires: Thu, 24 Jul 2025 08:46:23 GMT
Content-Length: 7412796
date: Thu, 19 Dec 2024 07:00:33 GMT
content-type: video/mp4
last-modified: Tue, 12 Mar 2019 06:56:48 GMT
server: nginx
x-cached-since: 2024-07-24T08:46:23+00:00

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: track.wargaming-aff.com
URL: https://track.wargaming-aff.com/click?pid=2443&offer_id=114&ref_id=02637268476431734591630860316&sub1=1108&sub2=6118780&sub3=

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+KR:400,700|Noto+Sans+JP:400,700|Roboto+Condensed:400,700&display=swap&subset=cyrillic,greek,vietnamese

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58QVDL8

Domain: cdn2wotcom.gcdn.co
URL: https://cdn2wotcom.gcdn.co/promo_web/WOT/March2019/WOT_New_videoback_v3.webm

Domain: geolocation.onetrust.com
URL: https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer function| OptanonWrapper object| OneTrustStub object| OtTrustedType

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
leikovoleikamarada.com/	1970-01-21 10:35:27	Name: allcnt Value: 1
my.rtmark.net/	1970-01-21 10:35:27	Name: ID Value: 008137df3be74dabe5ae4b5964f482db
vurtaichu.net/	1970-01-21 10:35:27	Name: oaidts Value: 1734591629
vurtaichu.net/	1970-01-21 10:35:27	Name: OAID Value: 008137df3be74dabe5ae4b5964f482db
vurtaichu.net/	1970-01-21 01:59:56	Name: syncedCookie Value: true
track.wg-aff.com/	1970-01-21 10:35:27	Name: afclick Value: 6763c48f3bf4650001fb607c
track.wg-aff.com/	1970-01-21 10:35:27	Name: afoffers Value: {"23":1734591631}
.wargaming.net/	1970-01-21 02:33:03	Name: STIDREFERRAL Value: SIDcRulEWqmvpMc0Kc8nsYHjXYzXxQXvm7BwAJsvsn3bDXMkhi5kgw2b8Xw0unGQSaw7gK14J_KY0RZBElJ1udLbG7C1EiG0gr5ujpgLquFeVb2g5wQ7r1PAuT65W4Zir5_9oBTK4Me_pwcjA
.wargaming.net/	1970-01-21 02:33:03	Name: enctid Value: d6fhezamsz7r
.wargaming.net/	1970-01-21 11:25:51	Name: teclient Value: 1734591632736980164

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://28907606-29396-ex.hydramaterrep.com/iiVHBowzPA3mZtczvVjFKSBPldkRvoHRdvxQaM_NHM9AZ82T99dTo8KPV9Jredyen94AJPR21K3leuuzHOKnYBaKm6GluL6KcgcfSLROzxKSN7UHClA3VC8HBrlx6g?kws=download%2Cmurrah%2Chindi%2Chot%2Cweb%2Cseries%2Cnuefliks%2Coomaal&abl=0&fsb=0&pageUri=https%3A%2F%2Fog...%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0302C13E4230000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://ads.google.com/ Message: Failed to load resource: the server responded with a status of 429 ()
rendering	warning	URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid} Message: [GroupMarkerNotSet(crbug.com/242999)!:A0302C13E4230000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://leikovoleikamarada.com/afu.php?zoneid=7205186&var=7205186&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false Message: [GroupMarkerNotSet(crbug.com/242999)!:A040E01DE4230000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://vurtaichu.net/4/6118780?var=7205186&btz=Pacific/Honolulu&bto=600&bar=x Message: [GroupMarkerNotSet(crbug.com/242999)!:A0302C13E4230000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://vurtaichu.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false Message: [GroupMarkerNotSet(crbug.com/242999)!:A0300E22E4230000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
javascript	warning	URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_param_2=114&sid=SIDcRulEWqmvpMc0Kc8nsYHjXYzXxQXvm7BwAJsvsn3bDXMkhi5kgw2b8Xw0unGQSaw7gK14J_KY0RZBElJ1udLbG7C1EiG0gr5ujpgLquFeVb2g5wQ7r1PAuT65W4Zir5_9oBTK4Me_pwcjA&enctid=d6fhezamsz7r&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734591632736980164&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45 Message: The resource https://lms-static.wgcdn.co/1600950461/dist/landing/videoback/app.41cb52fe.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://join.worldoftanks.com/1600950461/en_us/?t=1&pub_id=45&xid=6763c48f3bf4650001fb607c&xid_param1=2443&xid_param_2=114&sid=SIDcRulEWqmvpMc0Kc8nsYHjXYzXxQXvm7BwAJsvsn3bDXMkhi5kgw2b8Xw0unGQSaw7gK14J_KY0RZBElJ1udLbG7C1EiG0gr5ujpgLquFeVb2g5wQ7r1PAuT65W4Zir5_9oBTK4Me_pwcjA&enctid=d6fhezamsz7r&lpsn=WOT+ONGOING+WW+Videoback+LMS+WOTHQ-1691&foris=0&teclient=1734591632736980164&utm_source=wlap&utm_medium=affiliate&utm_campaign=q3y24x3t&utm_content=45 Message: The resource https://lms-static.wgcdn.co/1600950461/dist/landing/videoback/vendors~app.a6ba7bbd.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

28907606-29396-ex.hydramaterrep.com
ads.google.com
cdn.cookielaw.org
cdn2wotcom.gcdn.co
fonts.googleapis.com
geolocation.onetrust.com
join.worldoftanks.com
leikovoleikamarada.com
lms-static.wgcdn.co
my.rtmark.net
paychat.fuse-cloud.com
track.wargaming-aff.com
track.wg-aff.com
trck.wargaming.net
vurtaichu.net
www.googletagmanager.com
cdn2wotcom.gcdn.co
fonts.googleapis.com
geolocation.onetrust.com
track.wargaming-aff.com
www.googletagmanager.com
104.18.23.222
139.45.196.64
172.67.169.157
2606:4700::6812:562a
2607:f8b0:4006:816::200e
2a03:90c0:81:2102::230
2a03:90c0:9996::9996
35.204.100.195
35.204.130.99
49.51.78.191
88.208.22.2
92.223.51.163
041a9050cb0213de1833527b3d55a46d88e7129a299fd37bdd117f22af5be6fb
07871f75a6f4007f7f7d9adf5382f953c1dce8407149662dd88617a1d8d4055a
0eb8340c0b3fc3e36cd816cb9ce8e819b64b40ded2504741eb4662bb10eea015
1a1a4055e1b17eee2cbec7ad61a77ee2f999b57d99dffd4fec3d3ba410257b37
277608d596f10979339f990d6b88f190fd4619f524271684f67d8f78f449ceb4
28287798516282a6c9292257e6c5c2cc765911b7e5630e777dfcc469d6cbbe11
3038bb7d8adebbe73e330bbea5739b04efe6b04d5a1d81db314bd29251813967
3bf8ae11541ba6e5f129b5e8d812fe2961a6b32174e0e809946660a8e2887211
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81
59d32ad39544a1e9509670ba52a1cde4e48a445e782d234ab71984b76449dd79
8052241fe12c5981a448f5f3b3cc29533dfaf04d464084dc0fd90c931e4eea13
9913f3fb52dd7a2168336c13c57e85bbe11a40b30dbd8a8dd6e6d615edd390b8
9f4685e65a52d104ef09632bd35e0c65d2e9fc5382e31def5a53911083ef6827
ce19047cdde0a0c8762adf3d8f450569b7c536550f75b28571cccb6a397e50c0
cf5a49c268dc586c9ddc7f8c4445cf9d12183a59aeb3b20e66d59f3ac8528cb3
d9d39af7c1673eb33ff290a2e5a1f0edbb8e4cfec428d95bc7a896a94c8a376d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6a40920a81d3a3489189bbb747f7d3e1b2a87f7568361e4872353bc2cb082b2

join.worldoftanks.com Open in urlscan Pro 92.223.51.163 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

87 %HTTPS

33 %IPv6

16 Domains

16 Subdomains

10 IPs

5 Countries

7831 kBTransfer

8148 kBSize

10 Cookies

6 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

join.worldoftanks.com Open in urlscan Pro
92.223.51.163 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

87 %
HTTPS

33 %
IPv6

16
Domains

16
Subdomains

10
IPs

5
Countries

7831 kB
Transfer

8148 kB
Size

10
Cookies

38 HTTP transactions
0 data transactions