warthunder.com Open in urlscan Pro
104.20.83.98 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023#/
Effective URL:
https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
Submission: On January 16 via manual (January 16th 2024, 11:30:19 am UTC) from EG — Scanned from DE

Summary HTTP 70 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 26 IPs in 7 countries across 21 domains to perform 70 HTTP transactions. The main IP is 104.20.83.98, located in and belongs to CLOUDFLARENET, US. The main domain is warthunder.com. The Cisco Umbrella rank of the primary domain is 49847.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on January 9th 2024. Valid for: a year.

This is the only time warthunder.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	104.20.83.98 104.20.83.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 8	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 3	87.240.137.164 87.240.137.164	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	63.35.126.133 63.35.126.133	16509 (AMAZON-02) (AMAZON-02)
1	95.211.237.152 95.211.237.152	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	185.40.155.13 185.40.155.13	21030 (CDNNOW-AS) (CDNNOW-AS)
8	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
1 3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	95.211.33.59 95.211.33.59	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	5.189.239.94 5.189.239.94	49505 (SELECTEL) (SELECTEL)
2	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	85.17.170.54 85.17.170.54	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	138.201.230.88 138.201.230.88	24940 (HETZNER-AS) (HETZNER-AS)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	13.43.23.108 13.43.23.108	() ()
1	99.84.88.36 99.84.88.36	() ()
70	26

22 104.20.83.98 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

warthunder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.240.137.164 (Russian Federation) 1 redirects

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv164-137-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.126.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-126-133.eu-west-1.compute.amazonaws.com

uep.gaijin.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.237.152 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

js.gaijin.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.40.155.13 (Russian Federation)

ASN21030 (CDNNOW-AS, RU)

static.warthunder.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

consent.cookiefirst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
edge.cookiefirst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.33.59 (Waalre, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

citydsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.189.239.94 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL, RU)

statad.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.17.170.54 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

retagro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.230.88 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88.230.201.138.clients.your-server.de

x.cnt.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.43.23.108 (None, )

ASN- ()

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.36 (None, )

ASN- ()

ads.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	warthunder.com 1 redirects warthunder.com — Cisco Umbrella Rank: 49847	1 MB
8	cookiefirst.com consent.cookiefirst.com — Cisco Umbrella Rank: 33273 edge.cookiefirst.com — Cisco Umbrella Rank: 38670	62 KB
5	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8747	3 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1024 trc.taboola.com — Cisco Umbrella Rank: 646 trc-events.taboola.com — Cisco Umbrella Rank: 2085	23 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79	2 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2616	981 B
3	anura.io script.anura.io ads.anura.io	21 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6518	669 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 376	14 KB
3	warthunder.ru static.warthunder.ru — Cisco Umbrella Rank: 236827	4 MB
3	vk.com 1 redirects vk.com — Cisco Umbrella Rank: 7012	22 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3982	71 KB
2	cnt.my 1 redirects x.cnt.my — Cisco Umbrella Rank: 108359	859 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	92 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	gaijin.net uep.gaijin.net — Cisco Umbrella Rank: 538815 js.gaijin.net — Cisco Umbrella Rank: 426257	100 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
1	retagro.com retagro.com — Cisco Umbrella Rank: 141235	294 B
1	statad.ru statad.ru — Cisco Umbrella Rank: 76749	335 B
1	citydsp.com citydsp.com — Cisco Umbrella Rank: 105731	792 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	97 KB
70	21

	Domain	Requested by
22	warthunder.com	1 redirects warthunder.com
7	consent.cookiefirst.com	js.gaijin.net consent.cookiefirst.com
5	mc.yandex.com	3 redirects warthunder.com
3	www.google.de	warthunder.com
3	bat.bing.com	warthunder.com bat.bing.com
3	www.google.com	1 redirects warthunder.com
3	static.warthunder.ru	warthunder.com
3	vk.com	1 redirects warthunder.com
3	mc.yandex.ru	1 redirects warthunder.com
2	script.anura.io	warthunder.com script.anura.io
2	trc-events.taboola.com	cdn.taboola.com
2	x.cnt.my	1 redirects warthunder.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	connect.facebook.net	warthunder.com connect.facebook.net
2	www.google-analytics.com	js.gaijin.net www.google-analytics.com
2	googleads.g.doubleclick.net	warthunder.com js.gaijin.net
1	ads.anura.io	script.anura.io
1	www.facebook.com	warthunder.com
1	edge.cookiefirst.com	consent.cookiefirst.com
1	region1.analytics.google.com	www.googletagmanager.com
1	retagro.com	citydsp.com
1	trc.taboola.com	cdn.taboola.com
1	statad.ru	warthunder.com
1	citydsp.com	warthunder.com
1	cdn.taboola.com	warthunder.com
1	www.googletagmanager.com	js.gaijin.net
1	js.gaijin.net	warthunder.com
1	uep.gaijin.net	warthunder.com
70	28

This site contains links to these domains. Also see Links.

Domain
legal.gaijin.net
support.gaijin.net

Subject Issuer	Validity	Valid
*.warthunder.com GeoTrust TLS RSA CA G1	`2024-01-09` - `2025-02-01`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
*.gaijin.net GeoTrust TLS RSA CA G1	`2023-03-14` - `2024-04-12`	a year	crt.sh
static.warthunder.ru R3	`2023-12-21` - `2024-03-20`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2023-03-16` - `2024-02-20`	a year	crt.sh
*.cookiefirst.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2024-12-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-25` - `2024-01-23`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
citydsp.com R3	`2023-11-17` - `2024-02-15`	3 months	crt.sh
statad.ru R3	`2024-01-10` - `2024-04-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
advermarkt.com R3	`2023-12-07` - `2024-03-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
script.anura.io Amazon RSA 2048 M02	`2023-10-16` - `2024-11-13`	a year	crt.sh
ads.anura.io Amazon RSA 2048 M01	`2023-05-30` - `2024-06-27`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
Frame ID: 234E0A6EA396A71B35725B41C0FF53BB
Requests: 74 HTTP requests in this frame

Frame: https://uep.gaijin.net:8383/track_pixel?event=track_pixel&data=eyJ1cmwiOiJodHRwczpcL1wvd2FydGh1bmRlci5jb206NDQzXC9lblwvcGxheTRmcmVlP3BhcmFtcz0mbGFuZz1lbiZyPXV0Yl9NaWxpdGFyeUF2aWF0aW9uSGlzdG9yeV8yMDIzIiwiaXAiOiIxOTMuMzIuMjQ4LjIxNiIsImxhbmdfdXJsIjoiZW4iLCJsYW5nX2dlbyI6ImRlIiwic2FsdCI6IlNOZ1gyUDA3SjcxY1Vvdk53SlA4LUdGdXIzY2ZrLVl3In0%3D&public_key=UOWlwLc8M1wOUKRPSEy9&crc=35eb2c5251cb9cbd79354137dc26e5fc
Frame ID: 58A6F0DF10F7397078184CA853F08194
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

War Thunder — Registration War Thunder — Registration

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

70
Requests

91 %
HTTPS

48 %
IPv6

21
Domains

28
Subdomains

26
IPs

7
Countries

5477 kB
Transfer

7250 kB
Size

42
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://legal.gaijin.net/
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://legal.gaijin.net/privacypolicy
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://legal.gaijin.net/termsofservice
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://support.gaijin.net/
Title: Customer support

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://warthunder.com/ZDEzY2QxY/mNjMjk5Yj?_1705404613 HTTP 302
https://warthunder.com/en/ZDEzY2QxY/mNjMjk5Yj?_1705404613

Request Chain 5

https://vk.com/js/api/openapi.js?168 HTTP 302
https://vk.com/dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?168

Request Chain 33

https://www.google.com/pagead/landing?gcs=G111&gcd=11t1t1l1l5&rnd=1809431354.1705404613&url=https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free&dma_cps=sypham&dma=1&gtm=45He41a0n61HWDXKv6174342&auid=1152904098.1705404613 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11t1t1l1l5&rnd=1809431354.1705404613&url=https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free&dma_cps=sypham&dma=1&gtm=45He41a0n61HWDXKv6174342&auid=1152904098.1705404613

Request Chain 42

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10249.hoerbz3m0cUDfHuGOHEcKWrG71XtPeWxI8rt2Dy3B6HYMKvVmhMj6Ltl-YUgSm46.h1u-YB-QffGn_NQ5tyar8Gj0EXI%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10249.zLS0Y9baXUN67mrT1RGWdH_jYXPcbe_HNTS5BoH17UauGs9g26cv1PQ_cb97TnooVOoSqHgRDVD7U9AVCYiBPRXjXr91Kt-k8flP__bQP1KXUjBUuRSaKvUXt3xncfnwcvUovvft0ySaEWbSy_AUkYKWS_pYGoSxjvYRyMaM4JVOELETSqJmesZ5UmpBpg3GpujplwzCQmKxwfDMb8xtSo3CllY5u1_7SPQhP3tTz_k%2C.VX-XtQB_fE5VV7oWhA2CgpUgjG4%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10249.qwAS1V66_AgoOF09XRW48fOT8rW7HAU-H036VT5CTd5qIyFAokXi5b629e1wDalpfPWpn1QPhJ558ZnybBHXle-rApjQFrLLBYTXAcTpXES8b1eMI_LVM3A2zN8itluDmBNpAaTHc-dtJFgf8V1GCzUGNDwDcxbRE39Q1fNmDtqF8_LwL6irm01_DoQp6rgy_jL5H_hYUVL_mYFmDCBLNQ%2C%2C.ySo2VS8qnECdDv2A33_efXQOnU0%2C

Request Chain 56

https://x.cnt.my/px/?dom=warthunder.com&r=0.0943515247904485 HTTP 301
https://x.cnt.my/px/?dom=warthunder.com&r=0.0943515247904485&rand=0.6271278769739455&xtmp=1

Request Chain 65

https://mc.yandex.com/watch/21262261?wmode=7&page-url=https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free%3Fr%3Dutb_MilitaryAviationHistory_2023%23%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A110370019527%3Ahid%3A89665375%3Az%3A60%3Ai%3A20240116123013%3Aet%3A1705404614%3Ac%3A1%3Arn%3A401093555%3Arqn%3A1%3Au%3A1705404614857916908%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C64%2C826%2C2%2C%2C0%2C%2C113%2C0%2C%2C%2C%2C1227%3Aco%3A0%3Acpf%3A1%3Ans%3A1705404612169%3Afp%3A1246%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705404614%3At%3AWar%20Thunder%20%E2%80%94%20Registration&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/21262261/1?wmode=7&page-url=https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free%3Fr%3Dutb_MilitaryAviationHistory_2023%23%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A110370019527%3Ahid%3A89665375%3Az%3A60%3Ai%3A20240116123013%3Aet%3A1705404614%3Ac%3A1%3Arn%3A401093555%3Arqn%3A1%3Au%3A1705404614857916908%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C64%2C826%2C2%2C%2C0%2C%2C113%2C0%2C%2C%2C%2C1227%3Aco%3A0%3Acpf%3A1%3Ans%3A1705404612169%3Afp%3A1246%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705404614%3At%3AWar%20Thunder%20%E2%80%94%20Registration&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

70 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request play4free Show response
warthunder.com/en/ 24 KB
8 KB 897ms
826ms Document
text/html 104.20.83.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.24
Resource Hash: 9d00a19ef03f5c5a3510fe34fab10afa5fa6d2d3e3553ae6864e43026d6dae40

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8466066a8b2eabce-CPH
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 16 Jan 2024 11:30:13 GMT
expires: Tue, 16 Jan 2024 10:30:12 +0000
last-modified: Tue, 16 Jan 2024 11:30:12 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-node-id: 05
x-powered-by: PHP/8.0.24
x-request-id: 553fd9d20f1480af6e09554657ae5094

GET
H2 200 vendor-ee3c96d8.css
warthunder.com/land/signupNewWithMultipleBonuses/assets/ 142 KB
54 KB 81ms
80ms Stylesheet
text/css 104.20.83.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/vendor-ee3c96d8.css
Requested by: Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee3c96d86e628387279fbe6cc01e64beb8c54139b88583deac158d3d65e73bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
x-node-id: 05
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 16 Jan 2024 09:24:01 GMT
server: cloudflare
etag: W/"65a64b31-2376e"
vary: Accept-Encoding
content-type: text/css
cf-ray: 8466066fbf26abce-CPH
x-request-id: 6bbf955dcf10ab1c2fabf2276d18be28

GET
H2 200 index-db04c699.css
warthunder.com/land/signupNewWithMultipleBonuses/assets/ 60 KB
30 KB 91ms
91ms Stylesheet
text/css 104.20.83.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
Requested by: Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db04c699ffc66f6c371f38d81c57a4850ecbbc1fa734affe50cc233c9694654c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
x-node-id: 05
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 16 Jan 2024 09:24:01 GMT
server: cloudflare
etag: W/"65a64b31-f1c5"
vary: Accept-Encoding
content-type: text/css
cf-ray: 8466066fbf28abce-CPH
x-request-id: 251d79e9a21fe2ee2466f9db39b6ac3d

GET
H2 200 index-9a90b980.js Show response
warthunder.com/land/signupNewWithMultipleBonuses/assets/ 45 KB
17 KB 69ms
69ms Script
application/javascript 104.20.83.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-9a90b980.js
Requested by: Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b7bbb7decf60a9e2dba5c0c277266752ab0c1e3bc6b8e8687dad06f187cf29e

Request headers

Referer: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
Origin: https://warthunder.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
x-node-id: 05
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 16 Jan 2024 09:24:01 GMT
server: cloudflare
etag: W/"65a64b31-b4c5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
cf-ray: 8466066fbf2cabce-CPH
x-request-id: f20916b8e07126c8fb6c275aa295bb61

GET
H2

202

mNjMjk5Yj
warthunder.com/en/ZDEzY2QxY/
Redirect Chain

https://warthunder.com/ZDEzY2QxY/mNjMjk5Yj?_1705404613
https://warthunder.com/en/ZDEzY2QxY/mNjMjk5Yj?_1705404613

37 B
468 B

312ms
312ms

Image
image/gif

104.20.83.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://warthunder.com/en/ZDEzY2QxY/mNjMjk5Yj?_1705404613
Requested by: Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
Protocol: H2
Server: 104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.24
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 11:30:13 GMT
x-node-id: 05
cf-cache-status: DYNAMIC
last-modified: Tue, 16 Jan 2024 11:30:13 GMT
server: cloudflare
x-powered-by: PHP/8.0.24
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate
cf-ray: 84660670a8dfabce-CPH
x-request-id: ffcad524a0fe6c6faf82712db542169e
expires: Tue, 16 Jan 2024 10:30:13 +0000

Redirect headers

pragma: no-cache
date: Tue, 16 Jan 2024 11:30:13 GMT
x-node-id: 05
cf-cache-status: DYNAMIC
last-modified: Tue, 16 Jan 2024 11:30:13 GMT
server: cloudflare
x-powered-by: PHP/8.0.24
content-type: text/html; charset=UTF-8
location: https://warthunder.com/en/ZDEzY2QxY/mNjMjk5Yj?_1705404613
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-ray: 8466066fbf2eabce-CPH
x-request-id: cfd3a40d4ced1c7e8d75a6cf722c6620
expires: Tue, 16 Jan 2024 10:30:13 +0000

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 264ms
130ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 27 Dec 2023 07:32:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "658bd2fc-11627"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71207
expires: Tue, 16 Jan 2024 12:30:13 GMT

GET
H2

200

openapi.917ca96d9331f956d945e39706791fde.js Show response
vk.com/dist/public/api/
Redirect Chain

https://vk.com/js/api/openapi.js?168
https://vk.com/dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?168

56 KB
21 KB

89ms
88ms

Script
application/x-javascript

87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?168
Requested by: Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
Protocol: H2
Server: 87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv164-137-240-87.vk.com
Software: kittenx /
Resource Hash: 8f5aeba25fd371707e9489cff88d4a714c2e0febc2531e29009f7ecbd2b97f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-trace-id: pZ7c3UackMoeX0DvHTR6U-gKsyKG2g
date: Tue, 16 Jan 2024 11:30:13 GMT
content-encoding: gzip
x-frontend: front512006
last-modified: Mon, 23 Oct 2023 22:26:41 GMT
server: kittenx
etag: W/"6536f321-e147"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
expires: Sat, 20 Jan 2024 11:30:13 GMT

Redirect headers

x-trace-id: 5n1x3EcShzF30Em-VwYXIbF30hbFDw
date: Tue, 16 Jan 2024 11:30:13 GMT
content-encoding: gzip
x-frontend: front512006
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.115537
content-type: text/html; charset=windows-1251
location: /dist/public/api/openapi.917ca96d9331f956d945e39706791fde.js?168
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 20

GET
H/1.1 200
OK track_pixel Show response
uep.gaijin.net/ Frame 58A6 99 B
222 B 231ms
128ms Document
text/html 63.35.126.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uep.gaijin.net:8383/track_pixel?event=track_pixel&data=eyJ1cmwiOiJodHRwczpcL1wvd2FydGh1bmRlci5jb206NDQzXC9lblwvcGxheTRmcmVlP3BhcmFtcz0mbGFuZz1lbiZyPXV0Yl9NaWxpdGFyeUF2aWF0aW9uSGlzdG9yeV8yMDIzIiwiaXAiOiIxOTMuMzIuMjQ4LjIxNiIsImxhbmdfdXJsIjoiZW4iLCJsYW5nX2dlbyI6ImRlIiwic2FsdCI6IlNOZ1gyUDA3SjcxY1Vvdk53SlA4LUdGdXIzY2ZrLVl3In0%3D&public_key=UOWlwLc8M1wOUKRPSEy9&crc=35eb2c5251cb9cbd79354137dc26e5fc
Requested by: Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.126.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-126-133.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 8bafcfa87f73694b56ed9d5b601a7179d1d0683d8dcedc6b1e7f201791065634

Request headers

Referer: https://warthunder.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 99
Date: Tue, 16 Jan 2024 11:30:13 GMT
X-Powered-By: Express

GET
H/1.1 200
OK tag Show response
js.gaijin.net/ 308 KB
100 KB 177ms
74ms Script
application/javascript 95.211.237.152
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.gaijin.net/tag?id=GTM-HWDXK

Requested by

Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.211.237.152 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

26b5a6bf02f3ca232504375b92d2279160dada6af9a87b536eba78fd192584fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 11:30:13 GMT
Content-Encoding: br
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 101206
X-XSS-Protection: 0
Last-Modified: Tue, 16 Jan 2024 09:00:00 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=900
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
Expires: Tue, 16 Jan 2024 11:30:13 GMT

GET
H2 200 vendor-e76dd0e5.js Show response
warthunder.com/land/signupNewWithMultipleBonuses/assets/ 819 KB
360 KB 77ms
77ms Script
application/javascript 104.20.83.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/vendor-e76dd0e5.js
Requested by: Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f390e19e6f5f5e76c27374a59db39d4165034fadff9eb9e68c9dc7a92c34ec0e

Request headers

Referer: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-9a90b980.js
Origin: https://warthunder.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
x-node-id: 05
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 16 Jan 2024 09:24:01 GMT
server: cloudflare
etag: W/"65a64b31-cccb9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
cf-ray: 846606706882abce-CPH
x-request-id: 4e5d7a7f52c3e16f7fe2d1afcbf916b4

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f667e4c4f7904c33224af255f43e91d143262b7a2be02e955e6a073f1553275f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 logo-da7df79d.png
warthunder.com/land/signupNewWithMultipleBonuses/assets/ 129 KB
129 KB 82ms
82ms Image
image/png 104.20.83.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/logo-da7df79d.png
Requested by: Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da7df79d5f04b24a8b0489e7ff1ba28daf1ac8fac21d2b83ed4f5b64e31f877b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
x-node-id: 05
cf-cache-status: DYNAMIC
last-modified: Tue, 16 Jan 2024 09:24:01 GMT
server: cloudflare
etag: "65a64b31-2044c"
content-type: image/png
accept-ranges: bytes
cf-ray: 84660671cb12abce-CPH
content-length: 132172
x-request-id: 144c1145c5c055954bafe6d0affc61e9

GET
H2 200 multiple-bonuses-landing-bg-56e01644.webp
warthunder.com/land/signupNewWithMultipleBonuses/assets/ 213 KB
213 KB 62ms
62ms Image
image/webp 104.20.83.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/multiple-bonuses-landing-bg-56e01644.webp
Requested by: Host: warthunder.com
URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56e01644a602000f6254f2949e5078111ce00e64d5caac22893b25ecdf754496

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
x-node-id: 05
cf-cache-status: DYNAMIC
last-modified: Tue, 16 Jan 2024 09:24:01 GMT
server: cloudflare
etag: "65a64b31-35392"
content-type: image/webp
accept-ranges: bytes
cf-ray: 84660671cb13abce-CPH
content-length: 218002
x-request-id: adcb04fecaa27dda22a9bdcdd4aa7862

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdae3615ebbeca5bfcd79f6378a079859464b15b7859f4022416e1967b19a716

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 413 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c9b1492d5087d1e5e895939f29fffac5e1c7a1f9a5b660df707989fb258ab6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 btn_sprite_consoles-002e6869.png
warthunder.com/land/signupNewWithMultipleBonuses/assets/ 16 KB
16 KB 130ms
127ms Image
image/png 104.20.83.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/btn_sprite_consoles-002e6869.png
Requested by: Host: warthunder.com
URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 002e686990ab214b098417e530c637149f148ad88e323777dabede14d4bff19f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
x-node-id: 05
cf-cache-status: DYNAMIC
last-modified: Tue, 16 Jan 2024 09:24:01 GMT
server: cloudflare
etag: "65a64b31-401b"
content-type: image/png
accept-ranges: bytes
cf-ray: 84660671cb1fabce-CPH
content-length: 16411
x-request-id: 0be860c1a7f3c7864cc0d8f710ce47b0

GET
H2 200 consoles-28bd0cbf.svg
warthunder.com/land/signupNewWithMultipleBonuses/assets/ 1 KB
833 B 109ms
107ms Image
image/svg+xml 104.20.83.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/consoles-28bd0cbf.svg
Requested by: Host: warthunder.com
URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28bd0cbfdcb456c72299d832e30d6a960ed5ebfc9879e0ab67cd2c7317b13de5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
x-node-id: 05
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 16 Jan 2024 09:24:01 GMT
server: cloudflare
etag: W/"65a64b31-564"
content-type: image/svg+xml
cf-ray: 84660671cb21abce-CPH
x-request-id: 041bcc9fd09633528a1c0a7d07ba0ee8

GET
H2 200 sprite-bonuses-extra-2-0aa294c0.png
warthunder.com/land/signupNewWithMultipleBonuses/assets/ 72 KB
72 KB 150ms
149ms Image
image/png 104.20.83.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/sprite-bonuses-extra-2-0aa294c0.png
Requested by: Host: warthunder.com
URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0aa294c0f82decffbac650e60a4605935c80cd9d2b3648086ba8593ff369882e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
x-node-id: 05
cf-cache-status: DYNAMIC
last-modified: Tue, 16 Jan 2024 09:24:01 GMT
server: cloudflare
etag: "65a64b31-11f03"
content-type: image/png
accept-ranges: bytes
cf-ray: 84660671cb22abce-CPH
content-length: 73475
x-request-id: 3f98ce28a74895599379b68368f135d1

GET
H2 200 sprite-bonuses-2-f3c4a967.png
warthunder.com/land/signupNewWithMultipleBonuses/assets/ 144 KB
144 KB 135ms
133ms Image
image/png 104.20.83.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/sprite-bonuses-2-f3c4a967.png
Requested by: Host: warthunder.com
URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3c4a967dce37c2c26c493ed9254ca6fd109166350f9dba7dc5c7d9d8d8ed54c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
x-node-id: 05
cf-cache-status: DYNAMIC
last-modified: Tue, 16 Jan 2024 09:24:01 GMT
server: cloudflare
etag: "65a64b31-240e2"
content-type: image/png
accept-ranges: bytes
cf-ray: 84660671cb25abce-CPH
content-length: 147682
x-request-id: 4df827a07539c84acf0872cdd0cb6c85

GET
H2 200 logo-windows_short-fd0b7db0.svg
warthunder.com/land/signupNewWithMultipleBonuses/assets/ 338 B
323 B 125ms
123ms Image
image/svg+xml 104.20.83.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/logo-windows_short-fd0b7db0.svg
Requested by: Host: warthunder.com
URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0b7db00b0c5a776a9fffc7e9a3fb1791dc93f2e1d64955da7aa823c7e48f47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
x-node-id: 05
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 16 Jan 2024 09:24:01 GMT
server: cloudflare
etag: W/"65a64b31-152"
content-type: image/svg+xml
cf-ray: 84660671cb27abce-CPH
x-request-id: 2df43fba7431e121e4eaae903a5abe01

GET
H2 200 logo-mac_short-3815dbf7.svg
warthunder.com/land/signupNewWithMultipleBonuses/assets/ 4 KB
2 KB 118ms
116ms Image
image/svg+xml 104.20.83.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/logo-mac_short-3815dbf7.svg
Requested by: Host: warthunder.com
URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3815dbf77527a36177903b9ed31c0d6d24585b619b853b6b01ea59c5457958eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
x-node-id: 05
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 16 Jan 2024 09:24:01 GMT
server: cloudflare
etag: W/"65a64b31-e9f"
content-type: image/svg+xml
cf-ray: 84660671cb2aabce-CPH
x-request-id: dd7316ff8dcbe7d42dd48b62bdf67af8

GET
H2 200 logo-linux-0669b8e4.svg
warthunder.com/land/signupNewWithMultipleBonuses/assets/ 3 KB
1 KB 110ms
109ms Image
image/svg+xml 104.20.83.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/logo-linux-0669b8e4.svg
Requested by: Host: warthunder.com
URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0669b8e40a7cacc69de98af8e7202a58f73b70141e38fa67c63fa8e36a9e35c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
x-node-id: 05
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 16 Jan 2024 09:24:01 GMT
server: cloudflare
etag: W/"65a64b31-c24"
content-type: image/svg+xml
cf-ray: 84660671cb2dabce-CPH
x-request-id: ef5f89e37ecb636d013798c87a92c4a1

GET
H2 200 logo-ps4-57fe224a.svg
warthunder.com/land/signupNewWithMultipleBonuses/assets/ 3 KB
1 KB 142ms
141ms Image
image/svg+xml 104.20.83.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/logo-ps4-57fe224a.svg
Requested by: Host: warthunder.com
URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57fe224ad20e05c9b6e400d6ebb964794aa07f870991d03633f5ed01e905e2f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
x-node-id: 05
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 16 Jan 2024 09:24:01 GMT
server: cloudflare
etag: W/"65a64b31-bab"
content-type: image/svg+xml
cf-ray: 84660671eb5cabce-CPH
x-request-id: e729a5ef96695e320d526de6622088c2

GET
H2 200 logo-ps5-232bf257.svg
warthunder.com/land/signupNewWithMultipleBonuses/assets/ 3 KB
1 KB 129ms
128ms Image
image/svg+xml 104.20.83.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/logo-ps5-232bf257.svg
Requested by: Host: warthunder.com
URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 232bf257e2a5e6b7c2f276f6f6b462b8ea7666b360355f0109037ab499eecd6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
x-node-id: 05
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 16 Jan 2024 09:24:01 GMT
server: cloudflare
etag: W/"65a64b31-b74"
content-type: image/svg+xml
cf-ray: 84660671eb5eabce-CPH
x-request-id: c7378a0ff5861f8551318acad4281b7e

GET
H2 200 logo-xbox-one-9643f655.svg
warthunder.com/land/signupNewWithMultipleBonuses/assets/ 3 KB
1 KB 126ms
125ms Image
image/svg+xml 104.20.83.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/logo-xbox-one-9643f655.svg
Requested by: Host: warthunder.com
URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9643f6553ba1288522ee926c84d581dbe0851410423c8e353274b152c2394f6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
x-node-id: 05
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 16 Jan 2024 09:24:01 GMT
server: cloudflare
etag: W/"65a64b31-bad"
content-type: image/svg+xml
cf-ray: 84660671eb60abce-CPH
x-request-id: b9c381980f9bc52fe792f6168d54f781

GET
H2 200 logo-xbox-series-xs-c455926b.svg
warthunder.com/land/signupNewWithMultipleBonuses/assets/ 11 KB
4 KB 136ms
135ms Image
image/svg+xml 104.20.83.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/logo-xbox-series-xs-c455926b.svg
Requested by: Host: warthunder.com
URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c455926bc84d3f241664edaecdc662f8fbdf73b0cb57d392203b9fe31d3d7139

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
x-node-id: 05
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 16 Jan 2024 09:24:01 GMT
server: cloudflare
etag: W/"65a64b31-2b96"
content-type: image/svg+xml
cf-ray: 84660671eb64abce-CPH
x-request-id: 35265d283b7b43f1f093e62020e63fc6

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7f94867d8fe3a53b6bf7b0c773e7d3e91442aa825fea7f5d11cec4d33477bf4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 665a618c1cbb3e534f1bdf0c7c110acbeb6d85b767c6efe05b3daab1ce2c8109

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 oswald-v48-latin-ext_latin_cyrillic-500-6fbbcb45.woff2
warthunder.com/land/signupNewWithMultipleBonuses/assets/ 25 KB
25 KB 65ms
64ms Font
font/woff2 104.20.83.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/oswald-v48-latin-ext_latin_cyrillic-500-6fbbcb45.woff2
Requested by: Host: warthunder.com
URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fbbcb452e1a2d60f885fe5d2741faf3203ee9384de0b48577d1a6838a89ad41

Request headers

Referer: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/index-db04c699.css
Origin: https://warthunder.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
x-node-id: 05
cf-cache-status: DYNAMIC
last-modified: Tue, 16 Jan 2024 09:24:01 GMT
server: cloudflare
etag: "65a64b31-64a0"
content-type: font/woff2
accept-ranges: bytes
cf-ray: 84660671cb1cabce-CPH
content-length: 25760
x-request-id: b74fd0d0381bbbc8d22254e68fdf1322

GET
H2 200 PTRootUI_Regular-d7e390c0.woff2
warthunder.com/land/signupNewWithMultipleBonuses/assets/ 50 KB
51 KB 139ms
138ms Font
font/woff2 104.20.83.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/PTRootUI_Regular-d7e390c0.woff2
Requested by: Host: warthunder.com
URL: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/vendor-ee3c96d8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.83.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7e390c04c441db46d42cad2251133f522bf974d43024518fc4450479e67ca72

Request headers

Referer: https://warthunder.com/land/signupNewWithMultipleBonuses/assets/vendor-ee3c96d8.css
Origin: https://warthunder.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
x-node-id: 05
cf-cache-status: DYNAMIC
last-modified: Tue, 16 Jan 2024 09:24:01 GMT
server: cloudflare
etag: "65a64b31-c9fc"
content-type: font/woff2
accept-ranges: bytes
cf-ray: 84660671eb65abce-CPH
content-length: 51708
x-request-id: 794a0e8e5644491b4f800b6e40099194

GET
H2 206 multibonus-landing-2022.mp4
static.warthunder.ru/upload/video/ 55 KB
0 141ms
27ms Media
video/mp4 185.40.155.13
CDNNOW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.warthunder.ru/upload/video/multibonus-landing-2022.mp4
Requested by: Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.40.155.13 , Russian Federation, ASN21030 (CDNNOW-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://warthunder.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
last-modified: Mon, 30 May 2022 12:50:19 GMT
server: nginx
etag: "6294bd8b-3bc9a2"
x-edge-cache: HIT
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-3918241/3918242
cache-control: max-age=315360000
x-edge-ip: 172.19.25.31
link: <https://origin-gc-k5z7dfubr4dswe.warthunder.ru/upload/video/multibonus-landing-2022.mp4>; rel="canonical"
Content-Length: 3918242
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rtrg
vk.com/ 49 B
398 B 58ms
58ms Image
image/gif 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-498777-cCNoW&metatag_url=https%3A%2F%2Fwarthunder.com%2F&metatag_title=%20War%20Thunder%20%E2%80%94%20Registration%20

Requested by

Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx / KPHP/7.4.115537

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-trace-id: ZObJr7Jca7qRC3Y-kZdtswOWKXbmuA
date: Tue, 16 Jan 2024 11:30:13 GMT
content-encoding: gzip
x-frontend: front512006
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.115537
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H2 200 banner.js Show response
consent.cookiefirst.com/ 66 KB
26 KB 144ms
66ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/banner.js?cookiefirst-key=93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7&language=inherit&silent-mode=true
Requested by: Host: js.gaijin.net
URL: https://js.gaijin.net/tag?id=GTM-HWDXK
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: Cookie First CDN-DE1-1080 /
Resource Hash: 986b791d73f59f0122406e43922b1afe0796745c03b39c9279030cfc2c52f9b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-storageserver: DE-164
cdn-cachedat: 01/09/2024 13:07:47
cdn-pullzone: 236985
visitor-location: SE
last-modified: Tue, 09 Jan 2024 13:07:47 GMT
server: Cookie First CDN-DE1-1080
cdn-fileserver: 382
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"659d4523-107e7"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=300
cdn-requestid: eb92140b7e2e1b63d8ef2aa681914ef7
cdn-requestcountrycode: SE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 banner.js Show response
consent.cookiefirst.com/ 66 KB
26 KB 110ms
32ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/banner.js?cookiefirst-key=93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7&stealth-mode=true&language=inherit&silent-mode=true
Requested by: Host: js.gaijin.net
URL: https://js.gaijin.net/tag?id=GTM-HWDXK
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: Cookie First CDN-DE1-1080 /
Resource Hash: 986b791d73f59f0122406e43922b1afe0796745c03b39c9279030cfc2c52f9b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-storageserver: DE-164
cdn-cachedat: 01/09/2024 13:07:47
cdn-pullzone: 236985
visitor-location: SE
last-modified: Tue, 09 Jan 2024 13:07:47 GMT
server: Cookie First CDN-DE1-1080
cdn-fileserver: 382
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"659d4523-107e7"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=300
cdn-requestid: cc8a410f7a16c69c34b92e5da1e01ff6
cdn-requestcountrycode: SE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=11t1t1l1l5&rnd=1809431354.1705404613&url=https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free&dma_cps=sypham&dma=1&gtm=45He41a0n61HWDXKv6174342&auid=1152...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11t1t1l1l5&rnd=1809431354.1705404613&url=https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free&dma_cps=sypham&dma=1&gtm=45He41a0n61HWDXKv6174...

42 B
285 B

94ms
94ms

Ping
image/gif

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11t1t1l1l5&rnd=1809431354.1705404613&url=https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free&dma_cps=sypham&dma=1&gtm=45He41a0n61HWDXKv6174342&auid=1152904098.1705404613

Requested by

Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 11:30:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Jan 2024 11:30:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11t1t1l1l5&rnd=1809431354.1705404613&url=https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free&dma_cps=sypham&dma=1&gtm=45He41a0n61HWDXKv6174342&auid=1152904098.1705404613
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
97 KB 184ms
65ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3KX7RD39Z5&l=dataLayer&cx=c

Requested by

Host: js.gaijin.net
URL: https://js.gaijin.net/tag?id=GTM-HWDXK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca86ad64da5fa5e5926e06e88d1350ce0ca3f5b1cd359fcdfb9b4ed922d1d3ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98671
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 Jan 2024 11:30:13 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/977291250/ 3 KB
2 KB 216ms
95ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/977291250/?random=1705404613442&cv=11&fst=1705404613442&bg=ffffff&guid=ON&async=1&gtm=45He41a0v6174342&gcd=11t1t1l1l5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free%3Fr%3Dutb_MilitaryAviationHistory_2023&hn=www.googleadservices.com&frm=0&tiba=War%20Thunder%20%E2%80%94%20Registration&auid=1152904098.1705404613&uamb=0&uaw=0&data=registration%3Dregistration&rfmt=3&fmt=4

Requested by

Host: js.gaijin.net
URL: https://js.gaijin.net/tag?id=GTM-HWDXK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34b415c3740d427b20106157cb2dab3c337533001977f2414632a3821ffccf15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 11:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 175ms
56ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: js.gaijin.net
URL: https://js.gaijin.net/tag?id=GTM-HWDXK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 16 Jan 2024 09:48:13 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6120
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 16 Jan 2024 11:48:13 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 121ms
60ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 16 Jan 2024 11:30:12 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 37AEF8D598B047DD82269947AA7E1973 Ref B: CPH30EDGE0721 Ref C: 2024-01-16T11:30:13Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 212 KB
57 KB 86ms
29ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 16 Jan 2024 11:30:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56915
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 8Ec7OfWQOs0JnuPzhGNjAu0sGIgA/wO/2VaMQ6kW378JQUXVr9/J1L+radhIh7NsKqT4Y5lpy0KavPC9Zc1Kjg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1626307/ 66 KB
20 KB 94ms
29ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1626307/tfa.js
Requested by: Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc3682667a1e427f95d36a4c65aaa005c31b380150139d0c374349982ade0eff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: YQczlf3QZdYafu70dLpT.jMWamnE8E9i
content-encoding: gzip
via: 1.1 varnish
date: Tue, 16 Jan 2024 11:30:13 GMT
x-amz-request-id: 3RJQQFC6NGBSW384
age: 105
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 20406
x-amz-id-2: u360hqPbk2T9vFoOokDTmGQTGtKMxzORybmnpvWWuUuafNG8V0lN79Gbh2XxNqPi9KSuSUcO9n4=
x-served-by: cache-fra-eddf8230046-FRA
last-modified: Sun, 14 Jan 2024 11:17:30 GMT
server: AmazonS3
x-timer: S1705404614.579852,VS0,VE2
etag: "a368dcc093b4a1a935130c946800de5f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 50
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK dsp Show response
citydsp.com/ 667 B
792 B 145ms
32ms Script
text/javascript 95.211.33.59
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://citydsp.com/dsp?h=warthunder.com&r=0.5219321079818673
Requested by: Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.33.59 Waalre, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7567250970a6e086d9a03651a9e5d3f20fc7e65ec6df07f2d0f3421f32414695

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Jan 2024 11:30:13 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-store, no-cache, private
Connection: keep-alive

GET
H/1.1 200
OK pixel.gif
statad.ru/ 43 B
335 B 138ms
44ms Image
image/gif 5.189.239.94
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statad.ru/pixel.gif?u=https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free%3Fr%3Dutb_MilitaryAviationHistory_2023%23%2F&r=&w=1&h=0&gW=1600&gH=1200&gDH=1390&gDW=1600&c=eff:4g&t=1705404613447
Requested by: Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.239.94 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 11:30:16 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.21.6
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10249.hoerbz3m0cUDfHuGOHEcKWrG71XtPeWxI8rt2Dy3B6HYMKvVmhMj6Ltl-YUgSm46.h1u-YB-QffGn_NQ5tyar8Gj0EXI%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10249.zLS0Y9baXUN67mrT1RGWdH_jYXPcbe_HNTS5BoH17UauGs9g26cv1PQ_cb97TnooVOoSqHgRDVD7U9AVCYiBPRXjXr91Kt-k8flP__bQP1KXUjBUuRSaKvUXt3xncfnwcvUovvft0y...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10249.qwAS1V66_AgoOF09XRW48fOT8rW7HAU-H036VT5CTd5qIyFAokXi5b629e1wDalpfPWpn1QPhJ558ZnybBHXle-rApjQFrLLBYTXAcTpXES8b...

43 B
585 B

63ms
63ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10249.qwAS1V66_AgoOF09XRW48fOT8rW7HAU-H036VT5CTd5qIyFAokXi5b629e1wDalpfPWpn1QPhJ558ZnybBHXle-rApjQFrLLBYTXAcTpXES8b1eMI_LVM3A2zN8itluDmBNpAaTHc-dtJFgf8V1GCzUGNDwDcxbRE39Q1fNmDtqF8_LwL6irm01_DoQp6rgy_jL5H_hYUVL_mYFmDCBLNQ%2C%2C.ySo2VS8qnECdDv2A33_efXQOnU0%2C

Requested by

Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10249.qwAS1V66_AgoOF09XRW48fOT8rW7HAU-H036VT5CTd5qIyFAokXi5b629e1wDalpfPWpn1QPhJ558ZnybBHXle-rApjQFrLLBYTXAcTpXES8b1eMI_LVM3A2zN8itluDmBNpAaTHc-dtJFgf8V1GCzUGNDwDcxbRE39Q1fNmDtqF8_LwL6irm01_DoQp6rgy_jL5H_hYUVL_mYFmDCBLNQ%2C%2C.ySo2VS8qnECdDv2A33_efXQOnU0%2C
date: Tue, 16 Jan 2024 11:30:13 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
500 B 106ms
106ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:57:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65898a2e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 16 Jan 2024 12:30:13 GMT

GET
H2 206 multibonus-landing-2022.mp4
static.warthunder.ru/upload/video/ 18 KB
19 KB 83ms
82ms Media
video/mp4 185.40.155.13
CDNNOW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.warthunder.ru/upload/video/multibonus-landing-2022.mp4
Requested by: Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.40.155.13 , Russian Federation, ASN21030 (CDNNOW-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 081ed20a8d33aff3fbb715637432680609acaa6e05ce4ae8f12089320d6bdc8f

Request headers

Referer: https://warthunder.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=3899392-

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
last-modified: Mon, 30 May 2022 12:50:19 GMT
server: nginx
etag: "6294bd8b-3bc9a2"
x-edge-cache: HIT
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 3899392-3918241/3918242
cache-control: max-age=315360000
x-edge-ip: 172.19.25.31
link: <https://origin-gc-k5z7dfubr4dswe.warthunder.ru/upload/video/multibonus-landing-2022.mp4>; rel="canonical"
Content-Length: 18850
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 204 5665554.js Show response
bat.bing.com/p/action/ 0
118 B 58ms
58ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5665554.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 16 Jan 2024 11:30:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7B417ABB10DF4C83877650B525C7BEB9 Ref B: CPH30EDGE0721 Ref C: 2024-01-16T11:30:13Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 120ms
120ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5665554&Ver=2&mid=29127b47-b748-4d04-84de-39235cfd178f&sid=9d693060b46211ee94ebbf1bee2b9a7d&vid=9d695190b46211ee9809b11423ac6208&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=War%20Thunder%20%E2%80%94%20Registration&p=https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free%3Fr%3Dutb_MilitaryAviationHistory_2023%23%2F&r=&lt=1227&evt=pageLoad&sv=1&rn=444366

Requested by

Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Jan 2024 11:30:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3CE2669A824A4EB69BD44951AB69FCDF Ref B: CPH30EDGE0721 Ref C: 2024-01-16T11:30:13Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 version.json Show response
consent.cookiefirst.com/sites/warthunder.com-93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7/ 44 B
782 B 143ms
43ms Fetch
application/json 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/sites/warthunder.com-93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7/version.json?v=1705404613581
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js?cookiefirst-key=93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7&stealth-mode=true&language=inherit&silent-mode=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: Cookie First CDN-DE1-1080 /
Resource Hash: d75d6ff8a2f7e5c49599a5097ccb44a59ccc762190922945370a956248cee8e2

Request headers

Accept: application/json
Referer: https://warthunder.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
cdn-edgestorageid: 1082
cdn-storageserver: DE-168
cdn-cachedat: 01/16/2024 11:30:13
cdn-pullzone: 236985
content-length: 44
visitor-location: SE
last-modified: Sat, 06 Jan 2024 02:06:55 GMT
server: Cookie First CDN-DE1-1080
cdn-fileserver: 382
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "6598b5bf-2c"
content-type: application/json
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=15
cdn-requestid: 88f1bccdeef650bdf72cc191f1af1973
accept-ranges: bytes
cdn-requestcountrycode: SE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1751351005148330 Show response
connect.facebook.net/signals/config/ 134 KB
35 KB 29ms
29ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1751351005148330?v=2.9.140&r=stable&domain=warthunder.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

320b14d88238b3f9700ab3e395b8093fb83c0cde547ab2e67ec85ed7c7624200

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 16 Jan 2024 11:30:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35500
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: MsULKb9mcvwPDfvCFt4ORut9yV9Y0jmpfqy4dWYGkaYZiAATyV8HVbi1cY/Gi631QILYhMRFLmys9bUsOLEohQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1626307/trc/3/ 3 KB
2 KB 50ms
43ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1626307/trc/3/json?tim=1705404613612&data=%7B%22id%22%3A805%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1705404613609%2C%22cv%22%3A%2220240114-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwarthunder.com%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fr%3Dutb_MilitaryAviationHistory_2023%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dgaijindistributionkft-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1705404613611%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free%3Fr%3Dutb_MilitaryAviationHistory_2023%23%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1626307/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b3b1df0616ff8fe6a02ab74e5109fabf38bfd63e4c928c280cb6f5365602a673

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-vcl-time-ms: 16
date: Tue, 16 Jan 2024 11:30:13 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.3009375
x-fastly-to-nlb-rtt: 7913
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230046-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1705404614.630042,VS0,VE16
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
207 B 63ms
63ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1808210234&t=pageview&_s=1&dl=https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free%3Fr%3Dutb_MilitaryAviationHistory_2023&ul=en-us&de=UTF-8&dt=War%20Thunder%20%E2%80%94%20Registration&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiAABBAAAAC~&jid=1575409632&gjid=856736201&cid=11879586.1705404614&tid=UA-40910063-1&_gid=1984550428.1705404614&_slc=1&gtm=45He41a0n61HWDXKv6174342&gcs=G111&gcd=11t1t1l1l5&dma_cps=sypham&dma=1&z=2061163986

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://warthunder.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 11:30:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://warthunder.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
348 B 172ms
57ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-40910063-1&cid=11879586.1705404614&jid=1575409632&gjid=856736201&_gid=1984550428.1705404614&_u=YGBAiAABBAAAAG~&z=1074324317

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://warthunder.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 16 Jan 2024 11:30:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://warthunder.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 multibonus-landing-2022.mp4
static.warthunder.ru/upload/video/ 4 MB
4 MB 27ms
27ms Media
video/mp4 185.40.155.13
CDNNOW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.warthunder.ru/upload/video/multibonus-landing-2022.mp4
Requested by: Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.40.155.13 , Russian Federation, ASN21030 (CDNNOW-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 77e2ce52b251e02c0199ecf96beba47f49013ed28f3053c3805e21db18948d74

Request headers

Referer: https://warthunder.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=32768-

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
last-modified: Mon, 30 May 2022 12:50:19 GMT
server: nginx
etag: "6294bd8b-3bc9a2"
x-edge-cache: HIT
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 32768-3918241/3918242
cache-control: max-age=315360000
x-edge-ip: 172.19.25.31
link: <https://origin-gc-k5z7dfubr4dswe.warthunder.ru/upload/video/multibonus-landing-2022.mp4>; rel="canonical"
Content-Length: 3885474
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/977291250/ 42 B
108 B 68ms
67ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/977291250/?random=1705404613442&cv=11&fst=1705402800000&bg=ffffff&guid=ON&async=1&gtm=45He41a0v6174342&u_w=1600&u_h=1200&url=https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free%3Fr%3Dutb_MilitaryAviationHistory_2023&frm=0&tiba=War%20Thunder%20%E2%80%94%20Registration&data=registration%3Dregistration&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_y3VC0Dw6ZBxRIM8VFBoMvpV7ZkIrdg&random=43678167&rmt_tld=0&ipr=y

Requested by

Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 11:30:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/977291250/ 42 B
455 B 186ms
68ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/977291250/?random=1705404613442&cv=11&fst=1705402800000&bg=ffffff&guid=ON&async=1&gtm=45He41a0v6174342&u_w=1600&u_h=1200&url=https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free%3Fr%3Dutb_MilitaryAviationHistory_2023&frm=0&tiba=War%20Thunder%20%E2%80%94%20Registration&data=registration%3Dregistration&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_y3VC0Dw6ZBxRIM8VFBoMvpV7ZkIrdg&random=43678167&rmt_tld=1&ipr=y

Requested by

Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 11:30:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK init Show response
retagro.com/ 0
294 B 99ms
32ms Script
text/javascript 85.17.170.54
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://retagro.com/init?r=0.518959246642255
Requested by: Host: citydsp.com
URL: https://citydsp.com/dsp?h=warthunder.com&r=0.5219321079818673
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 85.17.170.54 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Jan 2024 11:30:13 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-store, no-cache, private
Connection: keep-alive

GET
H2

200

/
x.cnt.my/px/
Redirect Chain

https://x.cnt.my/px/?dom=warthunder.com&r=0.0943515247904485
https://x.cnt.my/px/?dom=warthunder.com&r=0.0943515247904485&rand=0.6271278769739455&xtmp=1

35 B
554 B

34ms
34ms

Image
image/gif

138.201.230.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.cnt.my/px/?dom=warthunder.com&r=0.0943515247904485&rand=0.6271278769739455&xtmp=1
Requested by: Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023
Protocol: H2
Server: 138.201.230.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.230.201.138.clients.your-server.de
Software: nginx /
Resource Hash: 90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 11:30:13 GMT
server: nginx
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache,max-age=0,must-revalidate, no-cache
content-length: 35
expires: 0

Redirect headers

date: Tue, 16 Jan 2024 11:30:13 GMT
server: nginx
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location: /px/?dom=warthunder.com&r=0.0943515247904485&rand=0.6271278769739455&xtmp=1
content-type: text/plain; charset=utf-8
cache-control: no-cache
content-length: 75
expires: 0

GET
H2 200 config.json Show response
consent.cookiefirst.com/sites/warthunder.com-93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7/ 2 KB
2 KB 39ms
38ms Fetch
application/json 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/sites/warthunder.com-93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7/config.json?v=49753500-074e-4e03-af76-a821b9c82a9c
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js?cookiefirst-key=93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7&stealth-mode=true&language=inherit&silent-mode=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: Cookie First CDN-DE1-1080 /
Resource Hash: 8a6d26f3c6c41cd38f8f3e70857d9dd95c69f4f6b5fe09bd5651e4ba6c0a12b3

Request headers

Accept: application/json
Referer: https://warthunder.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-storageserver: DE-661
cdn-cachedat: 01/10/2024 17:27:21
cdn-pullzone: 236985
visitor-location: SE
last-modified: Sat, 06 Jan 2024 02:06:41 GMT
server: Cookie First CDN-DE1-1080
cdn-fileserver: 728
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6598b5b1-9c8"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: REVALIDATED
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=30
cdn-requestid: fd06ddac99d93c8f442956539efeacb3
cdn-requestcountrycode: SE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 collect
region1.analytics.google.com/g/ 0
244 B 116ms
41ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3KX7RD39Z5&gtm=45je41a0v899146998z86174342&_p=1705404613179&_gaz=1&gcs=G111&gcd=11t1t1l1l5&dma_cps=sypham&dma=1&cid=11879586.1705404614&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1705404613&sct=1&seg=0&dl=https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free%3Fr%3Dutb_MilitaryAviationHistory_2023&dt=War%20Thunder%20%E2%80%94%20Registration&en=page_view&_fv=1&_ss=1&tfd=1618
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KX7RD39Z5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 11:30:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://warthunder.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 58ms
57ms Ping
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3KX7RD39Z5&cid=11879586.1705404614&gtm=45je41a0v899146998z86174342&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=11t1t1l1l5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3KX7RD39Z5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 11:30:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://warthunder.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 80ms
80ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3KX7RD39Z5&cid=11879586.1705404614&gtm=45je41a0v899146998z86174342&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=11t1t1l1l5&z=81560676

Requested by

Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 11:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 location Show response
edge.cookiefirst.com/prod/ 67 B
470 B 59ms
31ms Fetch
application/json 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.cookiefirst.com/prod/location?origin=warthunder.com
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js?cookiefirst-key=93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7&stealth-mode=true&language=inherit&silent-mode=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 628f7993d9da63d4843dc2f7d563aec38c6ce99cbe208715be351d8d9a5fb92e

Request headers

Accept: application/json
Referer: https://warthunder.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
cdn-edgestorageid: 1080
cdn-cachedat: 01/16/2024 11:30:13
cdn-pullzone: 717911
content-length: 67
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://warthunder.com
cdn-cache: BYPASS
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cache-control: public, max-age=1200
cdn-requestid: 2bd48244f769757f9efae7a5569c2f8c
cdn-requestcountrycode: SE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 83ms
83ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-40910063-1&cid=11879586.1705404614&jid=1575409632&_u=YGBAiAABBAAAAG~&z=1613523494

Requested by

Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 11:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 81ms
81ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-40910063-1&cid=11879586.1705404614&jid=1575409632&_u=YGBAiAABBAAAAG~&z=1613523494

Requested by

Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 11:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 94ms
29ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1751351005148330&ev=PageView&dl=https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free%3Fr%3Dutb_MilitaryAviationHistory_2023%23%2F&rl=&if=false&ts=1705404613854&sw=1600&sh=1200&v=2.9.140&r=stable&ec=0&o=4126&fbp=fb.1.1705404613655.376224620&ler=empty&it=1705404613601&coo=false&cdl=&rqm=GET

Requested by

Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 16 Jan 2024 11:30:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/21262261/
Redirect Chain

https://mc.yandex.com/watch/21262261?wmode=7&page-url=https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free%3Fr%3Dutb_MilitaryAviationHistory_2023%23%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Av...
https://mc.yandex.com/watch/21262261/1?wmode=7&page-url=https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free%3Fr%3Dutb_MilitaryAviationHistory_2023%23%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3...

439 B
531 B

65ms
65ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/21262261/1?wmode=7&page-url=https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free%3Fr%3Dutb_MilitaryAviationHistory_2023%23%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A110370019527%3Ahid%3A89665375%3Az%3A60%3Ai%3A20240116123013%3Aet%3A1705404614%3Ac%3A1%3Arn%3A401093555%3Arqn%3A1%3Au%3A1705404614857916908%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C64%2C826%2C2%2C%2C0%2C%2C113%2C0%2C%2C%2C%2C1227%3Aco%3A0%3Acpf%3A1%3Ans%3A1705404612169%3Afp%3A1246%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705404614%3At%3AWar%20Thunder%20%E2%80%94%20Registration&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Requested by

Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

76b3cbce8b2ad6b36b4fe07815d5bb8550de5a787e1a51206d2bad68621eeb07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 11:30:13 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 16-Jan-2024 11:30:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://warthunder.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Tue, 16-Jan-2024 11:30:13 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Jan 2024 11:30:13 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 16-Jan-2024 11:30:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/21262261/1?wmode=7&page-url=https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free%3Fr%3Dutb_MilitaryAviationHistory_2023%23%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A110370019527%3Ahid%3A89665375%3Az%3A60%3Ai%3A20240116123013%3Aet%3A1705404614%3Ac%3A1%3Arn%3A401093555%3Arqn%3A1%3Au%3A1705404614857916908%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C64%2C826%2C2%2C%2C0%2C%2C113%2C0%2C%2C%2C%2C1227%3Aco%3A0%3Acpf%3A1%3Ans%3A1705404612169%3Afp%3A1246%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705404614%3At%3AWar%20Thunder%20%E2%80%94%20Registration&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://warthunder.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 16-Jan-2024 11:30:13 GMT

GET
H2 200 lang-widget-en.json Show response
consent.cookiefirst.com/sites/warthunder.com-93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7/ 13 KB
5 KB 42ms
42ms Fetch
application/json 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/sites/warthunder.com-93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7/lang-widget-en.json?v=49753500-074e-4e03-af76-a821b9c82a9c
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js?cookiefirst-key=93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7&stealth-mode=true&language=inherit&silent-mode=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: Cookie First CDN-DE1-1080 /
Resource Hash: 1000d63154714b42b87f2db0d0e849d40c29cd2c3dc62e0df2b490ea679ab7a0

Request headers

Accept: application/json
Referer: https://warthunder.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-storageserver: DE-164
cdn-cachedat: 01/06/2024 02:07:08
cdn-pullzone: 236985
visitor-location: SE
last-modified: Sat, 06 Jan 2024 02:06:44 GMT
server: Cookie First CDN-DE1-1080
cdn-fileserver: 728
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6598b5b4-3207"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=31919000
cdn-requestid: 8e3db675c9aee9f8b9b5a359a9cd5866
cdn-requestcountrycode: SE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 233.362b.c.css
consent.cookiefirst.com/banner/v2.14.4/static-main/ 127 B
881 B 38ms
38ms Stylesheet
text/css 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/banner/v2.14.4/static-main/233.362b.c.css
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js?cookiefirst-key=93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7&stealth-mode=true&language=inherit&silent-mode=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: Cookie First CDN-DE1-1080 /
Resource Hash: e7902b56545718b3f9dcc015b4acab60270239d559b0adaae9e5c81dd95a89a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
cdn-edgestorageid: 1082
cdn-storageserver: DE-662
cdn-cachedat: 01/09/2024 13:07:47
cdn-pullzone: 236985
content-length: 127
visitor-location: SE
last-modified: Tue, 09 Jan 2024 13:07:46 GMT
server: Cookie First CDN-DE1-1080
cdn-fileserver: 750
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "659d4522-7f"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=31919000
cdn-requestid: 4ba9b58b9fb581eba57cea45266eb1f2
accept-ranges: bytes
cdn-requestcountrycode: SE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 233.8420.c.js Show response
consent.cookiefirst.com/banner/v2.14.4/static-main/ 96 B
859 B 36ms
36ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/banner/v2.14.4/static-main/233.8420.c.js
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.js?cookiefirst-key=93bb9cb2-c1a1-406c-b31c-aa8ce224b6e7&stealth-mode=true&language=inherit&silent-mode=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: Cookie First CDN-DE1-1080 /
Resource Hash: b364babb52cb930beb7e5e61f549d739c155b2f8a24415bb8b401b0d6cb3eddb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:30:13 GMT
cdn-edgestorageid: 1082
cdn-storageserver: DE-663
cdn-cachedat: 01/09/2024 13:07:47
cdn-pullzone: 236985
content-length: 96
visitor-location: SE
last-modified: Tue, 09 Jan 2024 13:07:46 GMT
server: Cookie First CDN-DE1-1080
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "659d4522-60"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=31919000
cdn-requestid: 7e928cdc63fa044b2b3327698e0a9400
accept-ranges: bytes
cdn-requestcountrycode: SE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 204 unip Show response
trc-events.taboola.com/1626307/log/3/ 0
246 B 100ms
30ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1626307/log/3/unip?en=pre_d_eng_tb&tos=1552&scd=0&ssd=1&est=1705404613610&ver=36&isls=true&src=i&invt=1500&msa=190&rv=1&tim=1705404615161&vi=1705404613609&ri=6b94a315416984957f026cf1269bce50&ref=null&cv=20240114-2-RELEASE&item-url=https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free%3Fr%3Dutb_MilitaryAviationHistory_2023%23%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1626307/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: https://warthunder.com
pragma: no-cache
date: Tue, 16 Jan 2024 11:30:15 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1626307/log/3/ 0
245 B 30ms
30ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1626307/log/3/unip?en=pre_d_eng_tb&tos=4553&scd=0&ssd=1&est=1705404613610&ver=36&isls=true&src=i&invt=3000&msa=190&rv=1&tim=1705404618163&vi=1705404613609&ri=6b94a315416984957f026cf1269bce50&ref=null&cv=20240114-2-RELEASE&item-url=https%3A%2F%2Fwarthunder.com%2Fen%2Fplay4free%3Fr%3Dutb_MilitaryAviationHistory_2023%23%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1626307/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: https://warthunder.com
pragma: no-cache
date: Tue, 16 Jan 2024 11:30:18 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 request.js Show response
script.anura.io/ 55 KB
20 KB 196ms
111ms Script
application/javascript 13.43.23.108

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=3952744944&exid=FD085B8EC468A6653B7B4E2A020DA805&source=utb&campaign=militaryaviationhistory_2023&861753441183

Requested by

Host: warthunder.com
URL: https://warthunder.com/en/play4free?r=utb_MilitaryAviationHistory_2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.43.23.108 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

5bc711bc6cf6bc32f8528d7d5e2d1bde8f3462031f30302df96cbc7d838ae68e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 11:30:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 showads.js Show response
ads.anura.io/ 0
352 B 140ms
43ms XHR
application/javascript 99.84.88.36

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.anura.io/showads.js?552396903257
Requested by: Host: script.anura.io
URL: https://script.anura.io/request.js?instance=3952744944&exid=FD085B8EC468A6653B7B4E2A020DA805&source=utb&campaign=militaryaviationhistory_2023&861753441183
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.36 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://warthunder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 23:12:25 GMT
content-encoding: gzip
via: 1.1 b8d6320dae849a3360537a2233718764.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: MUC50-C1
age: 44273
vary: Accept-Encoding
x-cache: Hit from cloudfront
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 5_LeCBviinmMXcUTj7jhQT16sDx_NjPQo_B_xdKdYDAwfF8Vb06_qA==

POST
H2 200 response.json Show response
script.anura.io/ 43 B
397 B 192ms
117ms XHR
application/json 13.43.23.108

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=3952744944&exid=FD085B8EC468A6653B7B4E2A020DA805&source=utb&campaign=militaryaviationhistory_2023&861753441183

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.43.23.108 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

fea78462609efb7700fbae9eadb4d51c5ce5221d6d70ec37e52c8e2c12564023

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://warthunder.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 11:30:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.warthunder.com/	1970-01-20 18:03:34	Name: identity_sid Value: 6n7jvdaqh6r86c15hmkhnqqmta
.warthunder.com/	1970-01-21 02:29:00	Name: language Value: en
.warthunder.com/	1970-01-21 02:29:00	Name: afsId Value: FD085B8EC468A6653B7B4E2A020DA805
.warthunder.com/	1969-12-31 23:59:59	Name: ref_name Value: utb
.warthunder.com/	1969-12-31 23:59:59	Name: track_lp Value: 1
.warthunder.com/	1969-12-31 23:59:59	Name: wt_l_page Value: MilitaryaviationhistoryTest
.warthunder.com/	1969-12-31 23:59:59	Name: wt_l_page_url Value: %2Fen%2Fplay4free%3Fr%3Dutb_MilitaryAviationHistory_2023
warthunder.com/	1970-01-20 18:26:36	Name: _language Value: en
warthunder.com/	1970-01-20 18:26:36	Name: partner_info Value: aHR0cHM6Ly93YXJ0aHVuZGVyLmNvbTo0NDMvZW4vcGxheTRmcmVlP3BhcmFtcz0mbGFuZz1lbiZyPXV0Yl9NaWxpdGFyeUF2aWF0aW9uSGlzdG9yeV8yMDIz
.warthunder.com/	1970-01-21 02:29:00	Name: conntrack Value: jlsI/WWmaMQqTns7BagNAg==
.vk.com/	1970-01-21 02:33:59	Name: remixlang Value: 6
.vk.com/	1970-01-21 02:29:00	Name: remixstlid Value: 9105174500048587809_Rw84yhIYGUzWqB55QpNDWMoMdmyBUQcmclFIVpMOrNw
.warthunder.com/	1970-01-20 19:53:00	Name: _gcl_au Value: 1.1.1152904098.1705404613
.warthunder.com/	1970-01-21 02:29:00	Name: _ym_uid Value: 1705404614857916908
.warthunder.com/	1970-01-21 02:29:00	Name: _ym_d Value: 1705404614
.warthunder.com/	1970-01-20 17:44:51	Name: _uetsid Value: 9d693060b46211ee94ebbf1bee2b9a7d
.warthunder.com/	1970-01-21 03:05:00	Name: _uetvid Value: 9d695190b46211ee9809b11423ac6208
.mc.yandex.com/	1970-01-20 17:43:25	Name: sync_cookie_csrf Value: 2769528703fake
.warthunder.com/	1970-01-20 17:44:51	Name: _gid Value: GA1.2.1984550428.1705404614
.warthunder.com/	1970-01-20 17:43:24	Name: _dc_gtm_UA-40910063-1 Value: 1
.warthunder.com/	1970-01-20 19:53:00	Name: _fbp Value: fb.1.1705404613655.376224620
.doubleclick.net/	1970-01-20 17:43:25	Name: test_cookie Value: CheckForPermission
.bing.com/	1970-01-21 03:05:00	Name: MUID Value: 2F11A7D6B138690E1A4BB3DEB0446848
.yandex.com/	1970-01-21 03:19:24	Name: i Value: wQ5mdWjYvd7tCroQdGqT/jyZ8oQFzwY+ZVDHTRwUQeWHxODfVjsT+AE55Ma5o7ybOILu5ejM5h8PWCJjkV8OGwsvb/g=
.yandex.com/	1970-01-21 02:29:00	Name: yandexuid Value: 9876020961705404613
.warthunder.com/	1970-01-20 17:44:36	Name: _ym_isad Value: 2
citydsp.com/	1970-01-20 22:02:36	Name: userId Value: 13590494123
.statad.ru/	1970-01-21 03:19:24	Name: serv Value: 2
.mc.yandex.ru/	1970-01-20 17:43:25	Name: sync_cookie_csrf Value: 1918244763fake
.mc.yandex.com/	1970-01-20 17:44:51	Name: sync_cookie_ok Value: synced
.warthunder.com/	1970-01-21 03:19:24	Name: _ga_3KX7RD39Z5 Value: GS1.1.1705404613.1.0.1705404613.60.0.0
.warthunder.com/	1970-01-21 03:19:24	Name: _ga Value: GA1.1.11879586.1705404614
.yandex.ru/	1970-01-21 03:19:24	Name: yandexuid Value: 9876020961705404613
.yandex.ru/	1970-01-21 03:19:24	Name: yuidss Value: 9876020961705404613
.yandex.ru/	1970-01-21 03:19:24	Name: i Value: wQ5mdWjYvd7tCroQdGqT/jyZ8oQFzwY+ZVDHTRwUQeWHxODfVjsT+AE55Ma5o7ybOILu5ejM5h8PWCJjkV8OGwsvb/g=
.yandex.ru/	1970-01-21 03:19:24	Name: yp Value: 1705491013.yu.9215600491705404613
.yandex.ru/	1970-01-21 02:29:00	Name: ymex Value: 1707996613.oyu.9215600491705404613
.cnt.my/	1970-01-21 02:29:00	Name: xcntID Value: y2a2f3b65cd76b2c4b
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 603586131705404613
.yandex.com/	1970-01-21 02:29:00	Name: yuidss Value: 9876020961705404613
.yandex.com/	1970-01-21 02:29:00	Name: ymex Value: 1736940613.yrts.1705404613
.yandex.com/	1970-01-21 02:29:00	Name: bh Value: KgI/MA==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.anura.io
bat.bing.com
cdn.taboola.com
citydsp.com
connect.facebook.net
consent.cookiefirst.com
edge.cookiefirst.com
googleads.g.doubleclick.net
js.gaijin.net
mc.yandex.com
mc.yandex.ru
region1.analytics.google.com
retagro.com
script.anura.io
statad.ru
static.warthunder.ru
stats.g.doubleclick.net
trc-events.taboola.com
trc.taboola.com
uep.gaijin.net
vk.com
warthunder.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.cnt.my
104.20.83.98
13.43.23.108
138.201.230.88
141.226.228.48
151.101.65.44
185.40.155.13
2001:4860:4802:32::36
2400:52e0:1e00::1080:1
2620:1ec:c11::200
2a00:1450:4001:810::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:400c:c07::9c
2a02:6b8::1:119
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
5.189.239.94
63.35.126.133
85.17.170.54
87.240.137.164
95.211.237.152
95.211.33.59
99.84.88.36
002e686990ab214b098417e530c637149f148ad88e323777dabede14d4bff19f
0669b8e40a7cacc69de98af8e7202a58f73b70141e38fa67c63fa8e36a9e35c4
081ed20a8d33aff3fbb715637432680609acaa6e05ce4ae8f12089320d6bdc8f
0aa294c0f82decffbac650e60a4605935c80cd9d2b3648086ba8593ff369882e
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
1000d63154714b42b87f2db0d0e849d40c29cd2c3dc62e0df2b490ea679ab7a0
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
232bf257e2a5e6b7c2f276f6f6b462b8ea7666b360355f0109037ab499eecd6b
26b5a6bf02f3ca232504375b92d2279160dada6af9a87b536eba78fd192584fd
28bd0cbfdcb456c72299d832e30d6a960ed5ebfc9879e0ab67cd2c7317b13de5
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
320b14d88238b3f9700ab3e395b8093fb83c0cde547ab2e67ec85ed7c7624200
34b415c3740d427b20106157cb2dab3c337533001977f2414632a3821ffccf15
3815dbf77527a36177903b9ed31c0d6d24585b619b853b6b01ea59c5457958eb
4c9b1492d5087d1e5e895939f29fffac5e1c7a1f9a5b660df707989fb258ab6e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56e01644a602000f6254f2949e5078111ce00e64d5caac22893b25ecdf754496
57fe224ad20e05c9b6e400d6ebb964794aa07f870991d03633f5ed01e905e2f0
5bc711bc6cf6bc32f8528d7d5e2d1bde8f3462031f30302df96cbc7d838ae68e
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
628f7993d9da63d4843dc2f7d563aec38c6ce99cbe208715be351d8d9a5fb92e
665a618c1cbb3e534f1bdf0c7c110acbeb6d85b767c6efe05b3daab1ce2c8109
6fbbcb452e1a2d60f885fe5d2741faf3203ee9384de0b48577d1a6838a89ad41
7567250970a6e086d9a03651a9e5d3f20fc7e65ec6df07f2d0f3421f32414695
76b3cbce8b2ad6b36b4fe07815d5bb8550de5a787e1a51206d2bad68621eeb07
77e2ce52b251e02c0199ecf96beba47f49013ed28f3053c3805e21db18948d74
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a6d26f3c6c41cd38f8f3e70857d9dd95c69f4f6b5fe09bd5651e4ba6c0a12b3
8b7bbb7decf60a9e2dba5c0c277266752ab0c1e3bc6b8e8687dad06f187cf29e
8bafcfa87f73694b56ed9d5b601a7179d1d0683d8dcedc6b1e7f201791065634
8f5aeba25fd371707e9489cff88d4a714c2e0febc2531e29009f7ecbd2b97f0e
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
9643f6553ba1288522ee926c84d581dbe0851410423c8e353274b152c2394f6d
986b791d73f59f0122406e43922b1afe0796745c03b39c9279030cfc2c52f9b9
9d00a19ef03f5c5a3510fe34fab10afa5fa6d2d3e3553ae6864e43026d6dae40
b364babb52cb930beb7e5e61f549d739c155b2f8a24415bb8b401b0d6cb3eddb
b3b1df0616ff8fe6a02ab74e5109fabf38bfd63e4c928c280cb6f5365602a673
b7f94867d8fe3a53b6bf7b0c773e7d3e91442aa825fea7f5d11cec4d33477bf4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c455926bc84d3f241664edaecdc662f8fbdf73b0cb57d392203b9fe31d3d7139
ca86ad64da5fa5e5926e06e88d1350ce0ca3f5b1cd359fcdfb9b4ed922d1d3ec
cc3682667a1e427f95d36a4c65aaa005c31b380150139d0c374349982ade0eff
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d75d6ff8a2f7e5c49599a5097ccb44a59ccc762190922945370a956248cee8e2
d7e390c04c441db46d42cad2251133f522bf974d43024518fc4450479e67ca72
da7df79d5f04b24a8b0489e7ff1ba28daf1ac8fac21d2b83ed4f5b64e31f877b
db04c699ffc66f6c371f38d81c57a4850ecbbc1fa734affe50cc233c9694654c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7902b56545718b3f9dcc015b4acab60270239d559b0adaae9e5c81dd95a89a1
ee3c96d86e628387279fbe6cc01e64beb8c54139b88583deac158d3d65e73bbf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f390e19e6f5f5e76c27374a59db39d4165034fadff9eb9e68c9dc7a92c34ec0e
f3c4a967dce37c2c26c493ed9254ca6fd109166350f9dba7dc5c7d9d8d8ed54c
f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c
f667e4c4f7904c33224af255f43e91d143262b7a2be02e955e6a073f1553275f
fd0b7db00b0c5a776a9fffc7e9a3fb1791dc93f2e1d64955da7aa823c7e48f47
fdae3615ebbeca5bfcd79f6378a079859464b15b7859f4022416e1967b19a716
fea78462609efb7700fbae9eadb4d51c5ce5221d6d70ec37e52c8e2c12564023

warthunder.com Open in urlscan Pro 104.20.83.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

70 Requests

91 %HTTPS

48 %IPv6

21 Domains

28 Subdomains

26 IPs

7 Countries

5477 kBTransfer

7250 kBSize

42 Cookies

4 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

warthunder.com Open in urlscan Pro
104.20.83.98 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

91 %
HTTPS

48 %
IPv6

21
Domains

28
Subdomains

26
IPs

7
Countries

5477 kB
Transfer

7250 kB
Size

42
Cookies

70 HTTP transactions
5 data transactions