Report - inoradde.com/4/4292618/

Report Overview

Submitted URL
inoradde.com/4/4292618/
IP
139.45.197.238
ASN
#9002 RETN Limited
Submitted
2023-03-07 13:22:44
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
s.go-mpulse.net	1280	2017-07-13T10:35:40Z	2023-03-25T05:40:43Z	392 B	51 kB	23.38.200.138
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-24T18:12:14Z	1.2 kB	121 kB	157.240.200.14
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T05:09:02Z	3.0 kB	8.0 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-24T18:14:23Z	782 B	2.4 kB	35.241.9.150
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-25T04:18:49Z	1.4 kB	2.9 kB	192.229.221.95
my.rtmark.net	9054	2015-02-04T10:54:57Z	2023-03-25T18:50:35Z	402 B	681 B	139.45.195.8
nexters.g2afse.com	unknown	2023-02-05T06:54:09Z	2023-03-22T13:47:42Z	501 B	648 B	34.91.91.144
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-24T18:17:07Z	606 B	127 B	52.39.172.78
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-25T05:37:21Z	374 B	21 kB	142.250.74.46
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-24T16:33:49Z	3.2 kB	49 kB	34.120.237.76
trc-events.taboola.com	1779	2020-06-09T15:52:57Z	2023-03-25T05:43:52Z	3.8 kB	1.5 kB	141.226.228.48
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-24T18:20:20Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-25T05:09:25Z	333 B	391 B	34.117.237.239
heroesweb-a.akamaihd.net	126474	2020-12-21T13:31:20Z	2023-03-24T14:53:13Z	7.6 kB	528 kB	95.101.11.27
c.go-mpulse.net	568	2014-03-15T02:53:06Z	2023-03-25T05:09:32Z	789 B	321 B	23.38.200.138
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	886 B	349 B	157.240.200.35
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-24T18:13:50Z	977 B	448 B	216.239.34.36
inoradde.com	unknown	2021-10-25T17:22:46Z	2023-03-25T17:40:52Z	685 B	2.2 kB	139.45.197.238
www.hero-wars.com	unknown	2017-04-20T19:53:37Z	2023-03-24T20:03:30Z	2.9 kB	11 kB	95.101.10.66
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-25T05:22:40Z	383 B	92 kB	172.217.21.168
www.googleoptimize.com	1604	2019-07-16T12:17:19Z	2023-03-25T06:16:27Z	386 B	46 kB	142.250.74.78
cdn.taboola.com	1040	2013-07-20T01:48:03Z	2023-03-25T05:12:26Z	379 B	19 kB	151.101.193.44
trc.taboola.com	602	2012-12-27T12:54:42Z	2023-03-25T05:12:27Z	2.7 kB	3.9 kB	151.101.193.44
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-25T05:09:34Z	1.7 kB	3.5 kB	142.250.74.131
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-25T00:27:50Z	902 B	58 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-03-07	medium	inoradde.com	Sinkholed
2023-03-07	medium	inoradde.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (24)

	URL	Size	First Seen	Last Seen
	www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618	341 B	2023-03-13	2023-03-26
Pretty URL www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618 IP 95.101.10.66 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 21:20:56 Last Seen2023-03-26 14:07:35 Times Seen113 Hash 3eaaa3670a02db27198f73015a6ea8eb 8d8510ae1527fa502827beff4c1c1cfadd9f17e2 9d70cdaa4b35ee3110a6466c6c1fbb06a88cfabd50be14ae052fe6ba2556ad21 Loading...

	www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618	1.3 kB	2023-03-25	2023-03-25
Pretty URL www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618 IP 95.101.10.66 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:40:29 Last Seen2023-03-25 22:40:29 Times Seen1 Hash d12c5217ae974cb680621f499a90fe41 6bd0bdea89c24fa5f05c54970811b12f1fa33649 5fd59ff57872b5ad5fdd0da904d699d8d5eab2b63f20072a16a371fa261936e8 Loading...

	www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618	565 B	2023-03-13	2023-03-26
Pretty URL www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618 IP 95.101.10.66 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 21:20:56 Last Seen2023-03-26 14:07:35 Times Seen113 Hash b3261f71d3719fd8360597ec0d8de1d9 85295841f3580e2e8ae8237d880936f4b83e3f02 6e80f6013724f3daa1ba1302add5f36ffe8be5004d63dea30612a49aca797404 Loading...

	heroesweb-a.akamaihd.net/i/hw-web/v2/359997/js/locale/en/autoGenerateTranslate.js	22 kB	2023-03-14	2023-03-26
Pretty URL heroesweb-a.akamaihd.net/i/hw-web/v2/359997/js/locale/en/autoGenerateTranslate.js IP 95.101.11.27 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 01:49:17 Last Seen2023-03-26 14:07:35 Times Seen104 Hash 0c3d4065f56b0db8a2af2ca887d25ad3 c047c0425229e125d93041647e72a6af022d4d64 4852c84c6d85583bc6ab92a6b63771a71d3e9320b73f6c53a582ad4f53d472a5 Loading...

	www.googletagmanager.com/gtag/js?id=G-LFE4ZMGDNX&l=dataLayer&cx=c	234 kB	2023-03-25	2023-03-25
Pretty URL www.googletagmanager.com/gtag/js?id=G-LFE4ZMGDNX&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:33:31 Last Seen2023-03-25 22:40:29 Times Seen2 Hash 6f8c7c8737017c702c449d14ece997c8 d278192b486f0ab959e00cde01f80a170303465c 6aece9e3859d3f5d77560217ffbbae4549dbbd42d09d3002eef35be6dfbeb214 Loading...

	www.googleoptimize.com/optimize.js?id=GTM-NHMFT83	115 kB	2023-03-14	2023-03-25
Pretty URL www.googleoptimize.com/optimize.js?id=GTM-NHMFT83 IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:56:33 Last Seen2023-03-25 22:40:29 Times Seen3 Hash 056ea34ea7e7165c4fd8552352edab57 ea32854c87296a3d636528ebc05ca367e6e75057 6b68ac919f68f600b1bd90985d8fd200e072944124ac51861592ee8674b343a0 Loading...

	connect.facebook.net/en_US/sdk.js	3.1 kB	2023-03-25	2023-03-25
Pretty URL connect.facebook.net/en_US/sdk.js IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:40:29 Last Seen2023-03-25 22:40:29 Times Seen1 Hash fa5cefcce9acee9676402bf0dc890499 4931cfc145f90ea84e8bfb5301ae4b096c4af174 df361fc11c56badcf4d787f997f00fb872263693ab359a8155b3f2e451c980ba Loading...

	trc.taboola.com/1123625/trc/3/json?tim=1678195354440&data=%7B%22id%22%3A679%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1678195354273%2C%22cv%22%3A%2220230302-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.hero-wars.com%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnextersglobal-herowarsweb-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1678195354286%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618%22%2C%22tos%22%3A9%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i	2.5 kB	2023-03-25	2023-03-25
Pretty URL trc.taboola.com/1123625/trc/3/json?tim=1678195354440&data=%7B%22id%22%3A679%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1678195354273%2C%22cv%22%3A%2220230302-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.hero-wars.com%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback1%22%2C%22qs%22%3A%22%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnextersglobal-herowarsweb-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1678195354286%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618%22%2C%22tos%22%3A9%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:40:29 Last Seen2023-03-25 22:40:29 Times Seen1 Hash 293a9df70bd7718d744c99f5b3fef994 a9d12a0532b31bf133dd87e2f1c156fa1f6ca106 f5961eabe146fc9fb68373bf997ed47a5dbb2ff2cc365913175799be26c16a62 Loading...

	www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618	4.2 kB	2023-03-25	2023-03-25
Pretty URL www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618 IP 95.101.10.66 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:40:29 Last Seen2023-03-25 22:40:29 Times Seen1 Hash b2ceda52643b9e8d9c2dcd8fa55fa219 8c3968245c241f62c483eae99136f93980b10680 e581932e00a28452b0a2ca90012a2373742c5588507cc9aa7bf39ca10a346511 Loading...

	inoradde.com/4/4292618/	610 B	2023-03-25	2023-03-25
Pretty URL inoradde.com/4/4292618/ IP 139.45.197.238 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:40:29 Last Seen2023-03-25 22:40:29 Times Seen1 Hash a5d75a7bfb1ef1463ec6f897104c0ec3 b5941878dac18428f696b4c34635700b67487724 25c6473208967251a460b131f3040f9b115cc67a62cb6e159a2935828dffb38b Loading...

	www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618	48 B	2023-03-07	2024-04-16
Pretty URL www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618 IP 95.101.10.66 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:27 Last Seen2024-04-16 08:31:16 Times Seen557 Hash 761148c4c7fb1c965c92da27d54eb6c3 5db2b031a0febd027b505b769d0785cccb78a5b7 c4d3736fcdfc3b507e9c19258df9eb0a3d9c7210d532f29f402d2c02a22767e0 Loading...

	www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618	112 B	2023-03-25	2023-03-26
Pretty URL www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618 IP 95.101.10.66 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:40:29 Last Seen2023-03-26 00:34:43 Times Seen23 Hash 8fddb13cd32000ec28b6b64cddf62d63 11c547f945ba0076c0aa729f8f3c13bdf252ee3f b571bba9cd5b357c54b13b9452d60e4346ebfd1b6a32ce3d67b8e9076345e675 Loading...

	unknown	0 B	2023-03-07	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-18 08:51:24 Times Seen36932814 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/main.js	190 kB	2023-03-14	2023-03-26
Pretty URL heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/main.js IP 95.101.11.27 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 18:02:56 Last Seen2023-03-26 10:31:51 Times Seen68 Hash f3144473c87bba16b562d3a7168f8b5b 48335e7e3cfad9b1e013f95ee72ad8c9ad10f50e 710419edb2698f7b72344d9727afc75d57712f4d3865c7b8e5775f80e2eb4d7d Loading...

	www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618	366 B	2023-03-25	2023-03-25
Pretty URL www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618 IP 95.101.10.66 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:40:30 Last Seen2023-03-25 22:40:30 Times Seen1 Hash 635c9ac354d435a3c96b73e7bd24c436 8b5dfe5483355f379dbf588641d1ca704ca23a96 b5015ff7ded50bdc6db79a0435d7c915120a658c2ad620a239e0bba5450482ed Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NZL7Z2L	331 kB	2023-03-25	2023-03-25
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NZL7Z2L IP 172.217.21.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:40:30 Last Seen2023-03-25 22:40:30 Times Seen1 Hash bd6efdfb180d0509a9fee911ec94028d dcbe02283789fc2ed2dca494b36e2409aca24b78 5efea4cd6644340ef9431ecd343ed2ffecc2905ade309110d2eeeb2c8c501a5f Loading...

	cdn.taboola.com/libtrc/unip/1171685/tfa.js	59 kB	2023-03-14	2023-03-26
Pretty URL cdn.taboola.com/libtrc/unip/1171685/tfa.js IP 151.101.193.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 19:09:34 Last Seen2023-03-26 04:00:44 Times Seen75 Hash e750890d0e914de9b68710480bc1c9e8 df88540afce2d90e406283fc0f3e85f51212fac4 167f671f4174d899bf1b6ea649a876cc7f92a6f593e08e20b1cde76bec51c65c Loading...

	connect.facebook.net/en_US/fbevents.js	110 kB	2023-03-14	2024-03-21
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:32:51 Last Seen2024-03-21 21:10:25 Times Seen3047 Hash 43998db2f3a554f89cbcd180dbb3ea1e 06fae8bb316c67dfd3702577e743bc5ffc5b05a4 0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363 Loading...

	connect.facebook.net/en_US/sdk.js?hash=01747ce02e699ad1035d24c3a9ef3153	308 kB	2023-03-25	2023-03-25
Pretty URL connect.facebook.net/en_US/sdk.js?hash=01747ce02e699ad1035d24c3a9ef3153 IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:38:56 Last Seen2023-03-25 22:55:25 Times Seen4 Hash cf34edbe107a89b1e61183b61c125a23 68b711140eea447ccf5ae71c7676434186f6b43a 21e7aaba731796901a754f51238d021506ad1a67a2fb05d533e247a0eb8767ea Loading...

	trc.taboola.com/1171685/trc/3/json?tim=1678195354278&data=%7B%22id%22%3A409%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1678195354273%2C%22cv%22%3A%2220230302-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.hero-wars.com%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnextersglobal-herowarsweb-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1678195354278%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i	2.5 kB	2023-03-25	2023-03-25
Pretty URL trc.taboola.com/1171685/trc/3/json?tim=1678195354278&data=%7B%22id%22%3A409%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1678195354273%2C%22cv%22%3A%2220230302-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.hero-wars.com%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnextersglobal-herowarsweb-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1678195354278%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i IP 151.101.193.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-25 22:40:30 Last Seen2023-03-25 22:40:30 Times Seen1 Hash 9fd31678c055784e16fa691c0789f423 ec3ebcf2acca8ccf940399521114ba50db2bd790 2c15001a4978b48357780c19fb7e1aeb3c50ecf92d97f3fa922f89c903485c50 Loading...

	s.go-mpulse.net/boomerang/9FGZW-YWK8B-M3WQS-BV3DJ-4WMX2	210 kB	2023-03-07	2024-04-16
Pretty URL s.go-mpulse.net/boomerang/9FGZW-YWK8B-M3WQS-BV3DJ-4WMX2 IP 23.38.200.138 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-04-16 19:18:01 Times Seen1340 Hash fa4c76a7fde62b18054cf7eb8e946012 b20150066a879d2b78dd3d4908f4acd148ee66f8 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618	482 B	2023-03-13	2023-03-26
Pretty URL www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618 IP 95.101.10.66 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 21:20:56 Last Seen2023-03-26 14:07:35 Times Seen109 Hash d639f1f5af1f3d0d94ac781e4ac2bd86 da3b68fe7810dd64604653dcd0259de73677768c 20f396d7fa08744acc00960d1a79e931b695e499f8757e9458b926fa80a8956d Loading...

	connect.facebook.net/signals/config/1867293949991560?v=2.9.98&r=stable	386 kB	2023-03-13	2023-03-26
Pretty URL connect.facebook.net/signals/config/1867293949991560?v=2.9.98&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 21:20:56 Last Seen2023-03-26 03:29:24 Times Seen52 Hash 5716c10854efee95323c361c6cf27723 e7452bdca946b1d605c731f801841e0bb2760af9 30edadf8ade4809bbd625601e2a08d8a6040b88f665ed46f4bdfa532ff224dd9 Loading...

HTTP Transactions (70)

URL IP Response Size

inoradde.com/4/4292618/

139.45.197.238

200 OK

635 B

URL HTTP/1.1
inoradde.com/4/4292618/
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
635 B (635 bytes)
Hash
0e4e0d804cfb47e62087993dd785556c
c7e7856f422a4a4014b41dbcc6bcb3254ff0dc1c
de653430db63dae860cbfa0cb10b0cb57aa38bebf24f7922a3d1e190af3de50b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /4/4292618/ HTTP/1.1
Host: inoradde.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:22:32 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: c9ed07a0a23465a302ada5f65f9ba83e
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://nexters.g2afse.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=e78c5419c72c47c8bad3a5207c41b261; expires=Wed, 06 Mar 2024 13:22:32 GMT; path=/
oaidts=1678195352; expires=Wed, 06 Mar 2024 13:22:32 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cf14baed0842431a08367ed54f2346ca
d943be8835b7e4470e3d6fbe09ac39c5464be434
a45fbc8cdddc9f43c0c3c7d73cbb2cdf3cf4c4cd2df20802925b795da5048aa4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A45FBC8CDDDC9F43C0C3C7D73CBB2CDF3CF4C4CD2DF20802925B795DA5048AA4"
Last-Modified: Sun, 05 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16099
Expires: Tue, 07 Mar 2023 17:50:51 GMT
Date: Tue, 07 Mar 2023 13:22:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0f2c901fe04f9e3d18e9c3387b076780
3f0115cd05d7857a8119eff0479f5812df155d3d
84518fa2565f7f63933d3c552e1dc07f84c71f4a3df5d2821484c371ef57b924

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84518FA2565F7F63933D3C552E1DC07F84C71F4A3DF5D2821484C371EF57B924"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4444
Expires: Tue, 07 Mar 2023 14:36:37 GMT
Date: Tue, 07 Mar 2023 13:22:33 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Mar 2023 13:08:40 GMT
content-type: application/json
age: 833
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5034bcceb9691ad6244be6045742ab53
51e77cdc92833432cd26b13f28875791a187c63c
540637d0d69c1201dcb2dd813b40e64cd07c5bd7685d46a7bad4d437a4e7aeea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "540637D0D69C1201DCB2DD813B40E64CD07C5BD7685D46A7BAD4D437A4E7AEEA"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19136
Expires: Tue, 07 Mar 2023 18:41:29 GMT
Date: Tue, 07 Mar 2023 13:22:33 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 6VTgSLXO4cjofQ4LHnWyX0uRkqHPRw/MxJJ5CWLFrqV+sKVsWwdmo2nXPvjBNPa66qC2TcDVgnai4e49hJXGUg==
x-amz-request-id: YSW76T5SCS5WFB5C
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Mar 2023 12:35:13 GMT
age: 2840
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 Mar 2023 13:22:33 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f37b00ad5514a7578713619a06bc1f6a
3605bf27235fd158384810d8c1f2f0bf41e32637
fe820d7a7e0ff4df3822548f0d20e31d697329d498389d74b6c10f1a76367398

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE820D7A7E0FF4DF3822548F0D20E31D697329D498389D74B6C10F1A76367398"
Last-Modified: Tue, 07 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3304
Expires: Tue, 07 Mar 2023 14:17:37 GMT
Date: Tue, 07 Mar 2023 13:22:33 GMT
Connection: keep-alive

ocsp.digicert.com/

192.229.221.95

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
1c46665aaab6542d3e3785f86abdfbb6
78f0f5988058be928e55aef1d40f54cd5694b900
5b80071a6c7e5b03cbb653e22ecf1665703f2ef3af8b0eee435fd540b8fa2c85

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6199
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 13:22:33 GMT
Last-Modified: Tue, 07 Mar 2023 11:39:14 GMT
Server: ECAcc (amb/6B48)
X-Cache: HIT
Content-Length: 312

inoradde.com/favicon.ico

139.45.197.238

204 No Content

0 B

URL HTTP/1.1
inoradde.com/favicon.ico
IP
139.45.197.238:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: inoradde.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=e78c5419c72c47c8bad3a5207c41b261; oaidts=1678195352

HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 07 Mar 2023 13:22:33 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate

my.rtmark.net/img.gif?f=merge&userId=e78c5419c72c47c8bad3a5207c41b261

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=merge&userId=e78c5419c72c47c8bad3a5207c41b261
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

POST /img.gif?f=merge&userId=e78c5419c72c47c8bad3a5207c41b261 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Tue, 07 Mar 2023 13:22:33 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=e78c5419c72c47c8bad3a5207c41b261; expires=Wed, 06 Mar 2024 13:22:33 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

nexters.g2afse.com/click?pid=5&offer_id=7&sub1=4292618&sub8=656961526821032100&rdk=rk1

34.91.91.144

302 Found

0 B

URL HTTP/2
nexters.g2afse.com/click?pid=5&offer_id=7&sub1=4292618&sub8=656961526821032100&rdk=rk1
IP
34.91.91.144:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?pid=5&offer_id=7&sub1=4292618&sub8=656961526821032100&rdk=rk1 HTTP/1.1
Host: nexters.g2afse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Tue, 07 Mar 2023 13:22:33 GMT
content-length: 0
location: https://www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=64073a9946cce00001cc886a; expires=Wed, 06 Mar 2024 13:22:33 GMT; secure; SameSite=None
afoffers={"7":1678195353}; expires=Wed, 06 Mar 2024 13:22:33 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Cache-Control, Expires, Alert, Content-Type, Pragma, Retry-After, Last-Modified, Backoff, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Mar 2023 13:12:30 GMT
age: 603
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618

95.101.10.66

200 OK

4.2 kB

URL HTTP/2
www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618
IP
95.101.10.66:0
ASN
#20940 Akamai International B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4269)
Size
4.2 kB (4202 bytes)
Hash
13c904a744efeafc04a63bcd09b93344
15376e1cea28e2a6810920b4edbbe9ccadcc4fa6
b91b16d1ee9d58ec86badb1eba12d5ab6235c158ea53fd87a9d26fa40bfcc89c

HTTP Headers

GET /?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618 HTTP/1.1
Host: www.hero-wars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,x-auth-application-id,x-auth-network-ident,x-auth-player-id,x-auth-session-id,x-auth-session-init,x-auth-session-key,x-auth-signature,x-auth-token,x-auth-user-id,x-env-referrer,x-request-id,x-requested-with,x-server-time,x-env-library-version,x-auth-network-sign,authorization
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-akamai-transformed: 9 - 0 pmb=mRUM,2
content-encoding: gzip
expires: Tue, 07 Mar 2023 13:22:33 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 07 Mar 2023 13:22:33 GMT
content-length: 4202
set-cookie: XSRF-TOKEN=eyJpdiI6IkFiTHAyUWl3L1pqd1FNSlNZbFFVNnc9PSIsInZhbHVlIjoiVCtVeWhQRVdidDd0MVJ5dDd3a0MyRGV3SFE3dGNwSFl6MDdFZ3B0MGJ5YjE4Sk1ZZDUzNTRWWHFQMjlPZVh5cyIsIm1hYyI6ImUyODk3MzE3OTFkMDljNDBhMTBhZjhlNWMxZWJjNGRkM2Y1ZGY1OWUwMjk2YzgwYmVmNDc0MDNhNjI5OTQzYWMiLCJ0YWciOiIifQ%3D%3D; expires=Sat, 06-May-2023 13:22:33 GMT; Max-Age=5184000; path=/; samesite=lax
hero_wars_session=eyJpdiI6IlM3bklRdWVNSjdYUHJacXBBS2l5ZlE9PSIsInZhbHVlIjoieVUyWkVyOXRoSWNSZDlISXk3N0NBTjFvMTkrcmhMQ29ka1dkb09WZEkvd0NKbHU4NFdZZ20vOVB4TDA2aXhCYSIsIm1hYyI6Ijk3ZDQ4MWNiMDRiY2JhZjA2NjYxNTUxMzFiNjBkMmMwNmQ1YTc0MGNlOTk5ZDRhYjM3N2VlMDIzM2E2NzlmMjciLCJ0YWciOiIifQ%3D%3D; expires=Sat, 06-May-2023 13:22:33 GMT; Max-Age=5184000; path=/; httponly; samesite=lax
hw_session_cookie=eyJpdiI6ImI1T0lKNnFqYno0QWhRT0FuYm53bkE9PSIsInZhbHVlIjoiK0hqeHBVdm0zSW1vSHBjVSt4am9VeXFaS3pUV3JTUTRyTU1lU1U2M3ZHOENleG5VcFNza1pzcE8xaDUvWnc2NCtaaXo5MjdtM2dycitYMStJZmpDWEE9PSIsIm1hYyI6IjcxMDEzZmM5NTEyYTNhZWQ3MGY3MTExNmQxYjE5NTZiNzYzMzMwMGY3ZGJmZTAwYTEyZjgwOGUzMDA4ZWI5MDMiLCJ0YWciOiIifQ%3D%3D; path=/; httponly; samesite=lax
XSRF-TOKEN=eyJpdiI6Inc5OVlUSTRSSjVuQzJZc0REMGY4aHc9PSIsInZhbHVlIjoib3dQdlVnTlAwNzJoNHp1RG1Cc1VQQT09IiwibWFjIjoiZTMwOWU5ZTNkMWViMzBjMWY3YzkzMWUxMzNiZTQ3MWQ4Yzg0YTg2ZWMyMGM0MzFhZmNkYThkYmQ4NGMwODFjNSIsInRhZyI6IiJ9; expires=Thu, 08-Mar-2018 13:22:33 GMT; Max-Age=0; path=/; domain=.hero-wars.com; httponly; samesite=lax
AKA_A2=A; expires=Tue, 07-Mar-2023 14:22:33 GMT; path=/; domain=hero-wars.com; secure; HttpOnly
ak_bmsc=48F294F42C30696B76B0D3369EDC6E3B~000000000000000000000000000000~YAAQPgplX7DHwImGAQAAMeg8vBP5B/3qWqxN5sOZDFH3/FHShvhe0CiFc0PYV8ycfHh5Df1koWkxME5az+36Qrvy9Eftey0WtJvYsOxYHowO1Jd/Ck3cWfPFwc4sLaiVHI9r/4msl0ax2MfMgWh1vrI7AXoIbbz6+nMHK/YQbtuqNYyipSAyzmpmbGEO2Rfi44AHJyBZkItJw+i47+zVbGcUkElZXPtB+ExAu9e6OtDmH3VTEdNe6zDB3giZCSumjdGxM8O43MKTw8+ABehzhXuIBqYrRicfqUGoNBMgGHoOEkeEDSsp7QIiA9ZgY12ap4me4DIRfKU3Ey6NK8JAnYQygFuBC7cZ4TL4GRpeO+V0LAdBSTAZx8KYU15ULmmHCkbZpc0Maqprholm; Domain=.hero-wars.com; Path=/; Expires=Tue, 07 Mar 2023 15:22:33 GMT; Max-Age=7200; HttpOnly
server-timing: edge; dur=2, origin; dur=188, cdn-cache; desc=MISS, ak_p; desc="466165_1600457278_96496460_18948_6838_1_0";dur=1
link: <https://heroesweb-a.akamaihd.net>;rel="preconnect",<https://heroesru-a.akamaihd.net>;rel="preconnect",<https://fonts.gstatic.com>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://cdn.onesignal.com>;rel="preconnect",<https://connect.facebook.net>;rel="preconnect",<https://cdn.taboola.com>;rel="preconnect",<https://cdn.gsght.com>;rel="preconnect"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6a978ac8c366c3cdf5cac7d419da1a7a
171eb20796df2bca7bce102943c1899a93c8f5d1
5cdc16c95770061422fb14c5d5d687bc5c8e2f3b250c481f688a36d4ec7b6aa5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 13:22:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-NZL7Z2L

172.217.21.168

200 OK

91 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-NZL7Z2L
IP
172.217.21.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (60353)
Size
91 kB (91019 bytes)
Hash
7b77ca8fe30953926fa7fb9f4cef7898
e1ba5d210a02697cdae286acc0d4ad366b232cbc
1b97425c8e1192ea6bdb48346d436dc792588be47885961a564b5010143b6f66

HTTP Headers

GET /gtm.js?id=GTM-NZL7Z2L HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 Mar 2023 13:22:33 GMT
expires: Tue, 07 Mar 2023 13:22:33 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 Mar 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91019
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc9a86b8d3035b57b58750f8896202e8
1485042fff689cadbf0c7a540f430993f23d45e3
b06e4961e184d51008f4adb9c8fe571f08b21b4728e5eac0bb4795861e03aa2f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B06E4961E184D51008F4ADB9C8FE571F08B21B4728E5EAC0BB4795861E03AA2F"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2479
Expires: Tue, 07 Mar 2023 14:03:52 GMT
Date: Tue, 07 Mar 2023 13:22:33 GMT
Connection: keep-alive

heroesweb-a.akamaihd.net/i/hw-web/v2/359997/js/libs/get_browser.lib.js

95.101.11.27

200 OK

1.3 kB

URL HTTP/1.1
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/js/libs/get_browser.lib.js
IP
95.101.11.27:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (5580)
Size
1.3 kB (1338 bytes)
Hash
241b34c9666fd7ec55e55633a7517b7d
70fe7d9dee0f2a730d560df126d7b27b459f9ee7
08f803ff75e113c9d112b4c7d65da6d5d9c094ac5f59dcca3c37a3a17190317a

HTTP Headers

GET /i/hw-web/v2/359997/js/libs/get_browser.lib.js HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 07 Mar 2023 11:10:30 GMT
ETag: W/"64071ba6-15cd"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 1338
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

heroesweb-a.akamaihd.net/i/hw-web/v2/359997/js/locale/en/autoGenerateTranslate.js

95.101.11.27

200 OK

8.8 kB

URL HTTP/1.1
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/js/locale/en/autoGenerateTranslate.js
IP
95.101.11.27:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (21928), with no line terminators
Size
8.8 kB (8803 bytes)
Hash
6ac6038e3230cf43ee650cb48cb3a5aa
679f889b20b7ddd067356f5e2d189560d7654b87
ed4b34a84b40bd9cbaa9581d1fcae0fefd9a7462d3155ea5c3a4fffc8c56d639

HTTP Headers

GET /i/hw-web/v2/359997/js/locale/en/autoGenerateTranslate.js HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 07 Mar 2023 11:10:30 GMT
ETag: W/"64071ba6-55a8"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 8803
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/style.css

95.101.11.27

200 OK

5.0 kB

URL HTTP/1.1
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/style.css
IP
95.101.11.27:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (15115), with no line terminators
Size
5.0 kB (5031 bytes)
Hash
6b3c2706aee89a09f383e11e4dd96131
8d691c3fec665a4c2a643530a88781ed24b70aef
32d51560b156052513512d19d00f21d3adacf3969e55c8aeb8141d3eba8f33db

HTTP Headers

GET /i/hw-web/v2/359997/external_landings/loot12/style.css HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/css
Last-Modified: Tue, 07 Mar 2023 11:10:25 GMT
ETag: W/"64071ba1-3b0b"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 5031
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/main.js

95.101.11.27

200 OK

79 kB

URL HTTP/1.1
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/main.js
IP
95.101.11.27:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (63804), with no line terminators
Size
79 kB (79020 bytes)
Hash
3d79d575312eef94761ef98ad491781d
6ab7c1be0590a2d5a698d85fc3e0ee24880416ec
045c7ec2964c7128303df9da633f953520effdaf6d5a03c0c05b325e2d9a4e10

HTTP Headers

GET /i/hw-web/v2/359997/external_landings/loot12/main.js HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 07 Mar 2023 11:10:25 GMT
ETag: W/"64071ba1-2e780"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 79020
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6a978ac8c366c3cdf5cac7d419da1a7a
171eb20796df2bca7bce102943c1899a93c8f5d1
5cdc16c95770061422fb14c5d5d687bc5c8e2f3b250c481f688a36d4ec7b6aa5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 13:22:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
587b1cd8e3fa518a1784d2ccc0139a36
e1a4d4576e95660cc149c60b3655a278e6ac967b
8339b116073dcfe2280c5d98bdac9e9d15214589f0292cc9c399656f887dc628

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 13:22:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
587b1cd8e3fa518a1784d2ccc0139a36
e1a4d4576e95660cc149c60b3655a278e6ac967b
8339b116073dcfe2280c5d98bdac9e9d15214589f0292cc9c399656f887dc628

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 13:22:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
587b1cd8e3fa518a1784d2ccc0139a36
e1a4d4576e95660cc149c60b3655a278e6ac967b
8339b116073dcfe2280c5d98bdac9e9d15214589f0292cc9c399656f887dc628

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 13:22:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/logo-7d56fa8.webp

95.101.11.27

200 OK

11 kB

URL HTTP/1.1
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/logo-7d56fa8.webp
IP
95.101.11.27:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
11 kB (10800 bytes)
Hash
7793d407d927d53de9fe0950f736ec1f
c91ccf4d88c6f497b40fc11811b7260e6170aa5b
3c74c17a2d54a70b1411f25d149476011ce8bb8b634ce64ea248290760b75b68

HTTP Headers

GET /i/hw-web/v2/359997/external_landings/loot12/assets/logo-7d56fa8.webp HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: image/webp
Content-Length: 10800
Last-Modified: Tue, 07 Mar 2023 11:10:25 GMT
ETag: "64071ba1-2a30"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:34 GMT
Connection: keep-alive

heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/roboto_condensed_regular-3f8f20.woff

95.101.11.27

200 OK

25 kB

URL HTTP/1.1
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/roboto_condensed_regular-3f8f20.woff
IP
95.101.11.27:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format, TrueType, length 24952, version 1.1\012- data
Size
25 kB (24952 bytes)
Hash
e23c7d2768415430d64e7a06dc02a185
13677bc658eee394213bab72c0bff752f4f97036
0c4b058b31abf3088ecb3e40be509613a0f7139ce503c5cfbb4c62379e65f63f

HTTP Headers

GET /i/hw-web/v2/359997/external_landings/loot12/assets/roboto_condensed_regular-3f8f20.woff HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hero-wars.com
Connection: keep-alive
Referer: https://heroesweb-a.akamaihd.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff
Content-Length: 24952
Last-Modified: Tue, 07 Mar 2023 11:10:25 GMT
ETag: "64071ba1-6178"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:34 GMT
Connection: keep-alive

www.googleoptimize.com/optimize.js?id=GTM-NHMFT83

142.250.74.78

200 OK

45 kB

URL HTTP/2
www.googleoptimize.com/optimize.js?id=GTM-NHMFT83
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2206)
Size
45 kB (45003 bytes)
Hash
1799f8d4063b8415342f2636a4d515ff
11738e53b5801b1b32a89517baeed53dfb38da1a
9b9077c05fd1307af92bccfd4d182b49b7a93c8b64b877ade5be59806c3938d6

HTTP Headers

GET /optimize.js?id=GTM-NHMFT83 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 Mar 2023 13:22:34 GMT
expires: Tue, 07 Mar 2023 13:22:34 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 Mar 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45003
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.39.172.78

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.172.78:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PWIpGybBaxou9pGSwF4dVQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6as17mUQXnVaVkbkp3K54nFSqWc=

s.go-mpulse.net/boomerang/9FGZW-YWK8B-M3WQS-BV3DJ-4WMX2

23.38.200.138

200 OK

50 kB

URL HTTP/2
s.go-mpulse.net/boomerang/9FGZW-YWK8B-M3WQS-BV3DJ-4WMX2
IP
23.38.200.138:0
ASN
#16625 AKAMAI-AS

File type
C source, ASCII text, with very long lines (65103)
Size
50 kB (50393 bytes)
Hash
8991c3ec80ec8fbc41382a55679e3911
8cc8cee91d671038acd9e3ae611517d6801b0909
f55bacd4a20fef96f5c736a912d1947be85c268df18003395e511c1e860e8800

HTTP Headers

GET /boomerang/9FGZW-YWK8B-M3WQS-BV3DJ-4WMX2 HTTP/1.1
Host: s.go-mpulse.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
content-encoding: br
last-modified: Sun, 26 Feb 2023 05:11:26 GMT
timing-allow-origin: *
vary: Accept-Encoding
x-n: S
content-length: 50393
date: Tue, 07 Mar 2023 13:22:34 GMT
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

142.250.74.106

200 OK

56 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
56 kB (56509 bytes)
Hash
39ab2d01aaa8dd182a3d4ab0ffaa67d4
505034ff83a5c0fd6ec6eb731b5347185f2b4d8e
26e9b336713b71934522dee00be236b1a9b1aa587058b4952789931c57c567a8

HTTP Headers

GET /css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heroesweb-a.akamaihd.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Mar 2023 13:22:34 GMT
date: Tue, 07 Mar 2023 13:22:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

heroesweb-a.akamaihd.net/i/hw-web/v2/359997/images/pwa/favicon-16x16.png

95.101.11.27

200 OK

246 B

URL HTTP/1.1
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/images/pwa/favicon-16x16.png
IP
95.101.11.27:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
246 B (246 bytes)
Hash
092dd0cc004db08ff98265037350b81a
bbbdf08c3f279ea318fe308202ca65a74bc1c001
c0723f5312022bead9fff56a976c8be0915470be2ea0f441d785de1632ceec73

HTTP Headers

GET /i/hw-web/v2/359997/images/pwa/favicon-16x16.png HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 246
Last-Modified: Tue, 07 Mar 2023 11:10:30 GMT
ETag: "64071ba6-f6"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:34 GMT
Connection: keep-alive

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3a0239ff817bd29abc5a7d19704c3596
701227a8125227707386efc9a35a7c98382a16a3
7d1fcb9bad3eb0184a844493a9a78f31c599f5b27a12348241d96ee4d1aca542

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1222
Cache-Control: max-age=97878
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 13:22:34 GMT
Etag: "6406112a-1d7"
Expires: Wed, 08 Mar 2023 16:33:52 GMT
Last-Modified: Mon, 06 Mar 2023 16:13:30 GMT
Server: ECAcc (ska/F7B0)
X-Cache: HIT
Content-Length: 471

cdn.taboola.com/libtrc/unip/1171685/tfa.js

151.101.193.44

200 OK

18 kB

URL HTTP/2
cdn.taboola.com/libtrc/unip/1171685/tfa.js
IP
151.101.193.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (59032)
Size
18 kB (18171 bytes)
Hash
ec167c0ee08fa33a7a6161aa7f7c6c70
87a17ddbd4cbef4851315da5e11d9089f55b8502
dea345875146e50eb1a2ffe608b3a272793815f1ab744cd92cd2604d251504d4

HTTP Headers

GET /libtrc/unip/1171685/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 5ZHfD7W5VcgCAJtsXtIGNEj7lL64+ENF12gwkqWmiabomkSFutJOeGE/R6+HT3DZDA32MIioizs=
x-amz-request-id: ZAMM8KPFPVNHQFCZ
x-amz-replication-status: COMPLETED
last-modified: Sun, 05 Mar 2023 11:11:21 GMT
etag: "e750890d0e914de9b68710480bc1c9e8"
x-amz-server-side-encryption: AES256
x-amz-version-id: 1KYKVmI1HthhomzrHITQ6p5dD4k7ywYZ
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 07 Mar 2023 13:22:34 GMT
via: 1.1 varnish
age: 9
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1678195354.269837,VS0,VE0
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 15
access-control-allow-origin: *
content-length: 18171
X-Firefox-Spdy: h2

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3a0239ff817bd29abc5a7d19704c3596
701227a8125227707386efc9a35a7c98382a16a3
7d1fcb9bad3eb0184a844493a9a78f31c599f5b27a12348241d96ee4d1aca542

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5304
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 13:22:34 GMT
Last-Modified: Tue, 07 Mar 2023 11:54:10 GMT
Server: ECAcc (ska/F73C)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/sdk.js

157.240.200.14

200 OK

1.7 kB

URL HTTP/2
connect.facebook.net/en_US/sdk.js
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (1957)
Size
1.7 kB (1687 bytes)
Hash
25194553c6cbf07d245a47320e384d5e
0fb2129da1908c3b28494e85fb6da9ddb61710b3
1e7210ba200b7f1c020a44b7cb8be843ea1b9c216444f419f6938239d9ab6f7b

HTTP Headers

GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: fa5cefcce9acee9676402bf0dc890499
etag: "c565180ec69e0daf22f39aae7308f03f"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 07 Mar 2023 13:42:12 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: JRlFU8bL8H0kWkcyDjhNXg==
x-fb-debug: rkHeJn5xebLAltPpPQN9KnalVamPjLYp5jSR9DqLI8WItGgPbW92oGGqCHRMtekX6Z5BbUoHBvGwiHpTRRyN7w==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1679558926
date: Tue, 07 Mar 2023 13:22:34 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

157.240.200.14

200 OK

28 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
28 kB (27907 bytes)
Hash
43d943c7499b27a8ef3972fa070f6756
59303c79335aa0a9f529c0f6166f99c3e650088c
96ab29f531694f1b8e5d2f031e16581fe1052636fb32c5cd96d55b824d6539b2

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: uEjYYqg969c4WtOoRNl3FnUVu2P4bvs1wlrg9uhsTUFKx1vnk0eP7jeNAJ2TATFLeNr/viIFzjlrjIE4x0Emiw==
priority: u=3,i
content-length: 27907
x-fb-trip-id: 1679558926
date: Tue, 07 Mar 2023 13:22:34 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3a0239ff817bd29abc5a7d19704c3596
701227a8125227707386efc9a35a7c98382a16a3
7d1fcb9bad3eb0184a844493a9a78f31c599f5b27a12348241d96ee4d1aca542

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5304
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 13:22:34 GMT
Last-Modified: Tue, 07 Mar 2023 11:54:10 GMT
Server: ECAcc (ska/F7A2)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

142.250.74.46

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 07 Mar 2023 12:12:30 GMT
expires: Tue, 07 Mar 2023 14:12:30 GMT
cache-control: public, max-age=7200
age: 4204
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

connect.facebook.net/en_US/sdk.js?hash=01747ce02e699ad1035d24c3a9ef3153

157.240.200.14

200 OK

87 kB

URL HTTP/2
connect.facebook.net/en_US/sdk.js?hash=01747ce02e699ad1035d24c3a9ef3153
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (13192)
Size
87 kB (87099 bytes)
Hash
18431a5852cab4207758982d12034f8b
ef993ec5c9d58d76d8fad2a384b775d06e7908b1
17cc3aed7a90aace5be7a9e24f757aaaeadf1c7270029caed4302bf4bbd6ef37

HTTP Headers

GET /en_US/sdk.js?hash=01747ce02e699ad1035d24c3a9ef3153 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hero-wars.com
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: cf34edbe107a89b1e61183b61c125a23
etag: "592fa27e48a0e5dec9c3172067a953bc"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 06 Mar 2024 11:36:47 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: GEMaWFLKtCB3WJgtEgNPiw==
x-fb-debug: hV6ffuRqqdSosftvi1gP1JLoElVeqacjdVDuacaNeqBsJhySP+jcVTHHrgX1v4eIS5Jphu4FImT62nVaPy6YLw==
priority: u=3,i
content-length: 87099
x-fb-trip-id: 1679558926
date: Tue, 07 Mar 2023 13:22:34 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

trc.taboola.com/1171685/log/3/unip?en=view_content&tim=1678195354287&vi=1678195354273&ri=323663c85f5862ac590af1560c7cc861&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618&tos=162&ssd=1&scd=0

151.101.193.44

204 No Content

0 B

URL HTTP/2
trc.taboola.com/1171685/log/3/unip?en=view_content&tim=1678195354287&vi=1678195354273&ri=323663c85f5862ac590af1560c7cc861&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618&tos=162&ssd=1&scd=0
IP
151.101.193.44:0
ASN
#54113 FASTLY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1171685/log/3/unip?en=view_content&tim=1678195354287&vi=1678195354273&ri=323663c85f5862ac590af1560c7cc861&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618&tos=162&ssd=1&scd=0 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hero-wars.com
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.hero-wars.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Tue, 07 Mar 2023 13:22:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1643-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1678195354.489046,VS0,VE86
x-vcl-time-ms: 86
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=1867293949991560&ev=PageView&dl=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618&rl=&if=false&ts=1678195354510&sw=1280&sh=1024&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1678195354509.1636639793&it=1678195354321&coo=false&rqm=GET

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=1867293949991560&ev=PageView&dl=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618&rl=&if=false&ts=1678195354510&sw=1280&sh=1024&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1678195354509.1636639793&it=1678195354321&coo=false&rqm=GET
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=1867293949991560&ev=PageView&dl=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618&rl=&if=false&ts=1678195354510&sw=1280&sh=1024&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1678195354509.1636639793&it=1678195354321&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 07 Mar 2023 13:22:34 GMT
X-Firefox-Spdy: h2

trc.taboola.com/1171685/trc/3/json?tim=1678195354278&data=%7B%22id%22%3A409%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1678195354273%2C%22cv%22%3A%2220230302-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.hero-wars.com%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnextersglobal-herowarsweb-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1678195354278%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i

151.101.193.44

200 OK

2.8 kB

URL HTTP/2
trc.taboola.com/1171685/trc/3/json?tim=1678195354278&data=%7B%22id%22%3A409%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1678195354273%2C%22cv%22%3A%2220230302-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.hero-wars.com%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnextersglobal-herowarsweb-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1678195354278%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP
151.101.193.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (4979), with no line terminators
Size
2.8 kB (2751 bytes)
Hash
c83c23c06f10dc1e9d25179f2de33461
9e30c67f9ce951cbfcef8c39b3f2ba8e79bb50fb
4e59be5e63f0e60d30a48df1f17b9a3b143ffc9e17826bbab031eb1bd7f77556

HTTP Headers

GET /1171685/trc/3/json?tim=1678195354278&data=%7B%22id%22%3A409%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1678195354273%2C%22cv%22%3A%2220230302-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.hero-wars.com%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnextersglobal-herowarsweb-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1678195354278%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 07 Mar 2023 13:22:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1643-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1678195354.346048,VS0,VE97
vary: Accept-Encoding
x-vcl-time-ms: 97
X-Firefox-Spdy: h2

c.go-mpulse.net/api/config.json?key=9FGZW-YWK8B-M3WQS-BV3DJ-4WMX2&d=www.hero-wars.com&t=5593985&v=1.720.0&sl=0&si=26f1ab2f-38b0-4197-947f-aae9f35227a4-rr5jtl&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=786156

23.38.200.138

200 OK

51 B

URL HTTP/1.1
c.go-mpulse.net/api/config.json?key=9FGZW-YWK8B-M3WQS-BV3DJ-4WMX2&d=www.hero-wars.com&t=5593985&v=1.720.0&sl=0&si=26f1ab2f-38b0-4197-947f-aae9f35227a4-rr5jtl&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=786156
IP
23.38.200.138:0
ASN
#16625 AKAMAI-AS

File type
JSON data\012- , ASCII text
Size
51 B (51 bytes)
Hash
e7c2e0dcc2eed5518d03ef149af84d23
25a693bc8980fa9d9db9de7b0d354d1f3f7da183
d9e526b111d9cdd231ec8f33deee5de4f7c9df282e680638ae1aae480a7c6942

HTTP Headers

GET /api/config.json?key=9FGZW-YWK8B-M3WQS-BV3DJ-4WMX2&d=www.hero-wars.com&t=5593985&v=1.720.0&sl=0&si=26f1ab2f-38b0-4197-947f-aae9f35227a4-rr5jtl&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=786156 HTTP/1.1
Host: c.go-mpulse.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hero-wars.com
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Timing-Allow-Origin: *
Content-Length: 51
Date: Tue, 07 Mar 2023 13:22:34 GMT
Connection: keep-alive
Content-Type: application/json

heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/bg-82ada9e.webp

95.101.11.27

200 OK

94 kB

URL HTTP/1.1
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/bg-82ada9e.webp
IP
95.101.11.27:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1440x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
94 kB (94048 bytes)
Hash
5e01b6d96f820dcb9d020161d7b11301
10d9bceb738145a0516267146d37d1d726eadb39
7210a3b417519430aa48ac7442b9110d21b6f1ac1be12fcae1f3dbf8bf54820c

HTTP Headers

GET /i/hw-web/v2/359997/external_landings/loot12/assets/bg-82ada9e.webp HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Content-Type: image/webp
Content-Length: 94048
Last-Modified: Tue, 07 Mar 2023 11:10:25 GMT
ETag: "64071ba1-16f60"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:34 GMT
Connection: keep-alive

heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/gal_with_lutohata-9712d65.webp

95.101.11.27

200 OK

178 kB

URL HTTP/1.1
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/gal_with_lutohata-9712d65.webp
IP
95.101.11.27:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
178 kB (178038 bytes)
Hash
6c198a37e02eb9037043da187e6fae10
5cf51fd25a5ceb40f489339bfe4fa68a194521ed
7f6c05c86e601a0e7bcdaa20337328e59cd6d69d5ccf3a0c26eeb8561c45c4c7

HTTP Headers

GET /i/hw-web/v2/359997/external_landings/loot12/assets/gal_with_lutohata-9712d65.webp HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Content-Type: image/webp
Content-Length: 178038
Last-Modified: Tue, 07 Mar 2023 11:10:25 GMT
ETag: "64071ba1-2b776"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:34 GMT
Connection: keep-alive

heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/button-8d46f8f.webp

95.101.11.27

200 OK

11 kB

URL HTTP/1.1
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/button-8d46f8f.webp
IP
95.101.11.27:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
11 kB (11126 bytes)
Hash
1115e37ff374aeb3684da9c2ae051919
ab8fc7fb033cd789f2a1da0093bb11579249458f
a4c90e84d40c35794489a7c3968685484c9f171e38b6469cfe7ce68d7f471d11

HTTP Headers

GET /i/hw-web/v2/359997/external_landings/loot12/assets/button-8d46f8f.webp HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Content-Type: image/webp
Content-Length: 11126
Last-Modified: Tue, 07 Mar 2023 11:10:25 GMT
ETag: "64071ba1-2b76"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:34 GMT
Connection: keep-alive

heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/logo-265449.png

95.101.11.27

200 OK

21 kB

URL HTTP/1.1
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/logo-265449.png
IP
95.101.11.27:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 138 x 98, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (20637 bytes)
Hash
4602852b041aaf1c4074b12c068e7e49
88ff677c03819753cf4ab25d482ab6e2b5849b4b
cb779bffbb7a0af2c273eaab74e089713873efd019500a02df5297396d264228

HTTP Headers

GET /i/hw-web/v2/359997/external_landings/loot12/assets/logo-265449.png HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 20637
Last-Modified: Tue, 07 Mar 2023 11:10:25 GMT
ETag: "64071ba1-509d"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:34 GMT
Connection: keep-alive

heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/ribbon-top-2b1e9d7.webp

95.101.11.27

200 OK

20 kB

URL HTTP/1.1
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/ribbon-top-2b1e9d7.webp
IP
95.101.11.27:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
20 kB (19738 bytes)
Hash
f7140679756da62039bead7bfc33c11a
fa55243982f1a7fc9e1c42b50dbcd858aa84f881
31f479c3315f7258b0f646303b777f482e1d9847766cf960e7aea31dc5a54341

HTTP Headers

GET /i/hw-web/v2/359997/external_landings/loot12/assets/ribbon-top-2b1e9d7.webp HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Content-Type: image/webp
Content-Length: 19738
Last-Modified: Tue, 07 Mar 2023 11:10:25 GMT
ETag: "64071ba1-4d1a"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:34 GMT
Connection: keep-alive

heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/tobigreekcyrillic-regular-22b3c9.woff

95.101.11.27

200 OK

43 kB

URL HTTP/1.1
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/tobigreekcyrillic-regular-22b3c9.woff
IP
95.101.11.27:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format, TrueType, length 43388, version 0.0\012- data
Size
43 kB (43388 bytes)
Hash
b2c886bff572133b9f178fb222929c40
de0310b87cdd61e62372759c10b8777edd54ad27
b77c1c713aea9145f5910eba28580904cc7d5a3eb3480738bf7b76adcdb88588

HTTP Headers

GET /i/hw-web/v2/359997/external_landings/loot12/assets/tobigreekcyrillic-regular-22b3c9.woff HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hero-wars.com
Connection: keep-alive
Referer: https://heroesweb-a.akamaihd.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff
Content-Length: 43388
Last-Modified: Tue, 07 Mar 2023 11:10:25 GMT
ETag: "64071ba1-a97c"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:34 GMT
Connection: keep-alive

heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/roboto_condensed_bold-945157.woff

95.101.11.27

200 OK

26 kB

URL HTTP/1.1
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/roboto_condensed_bold-945157.woff
IP
95.101.11.27:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format, TrueType, length 25492, version 1.1\012- data
Size
26 kB (25492 bytes)
Hash
c8c3e82a72908913a24a8a833d25ae22
e4124905dffb268af81824b752460e17dcde57bf
5b74f9ae1a7694d6be867b6ba837f1b60dc5c245b605dfcc8070cf3880dff2e8

HTTP Headers

GET /i/hw-web/v2/359997/external_landings/loot12/assets/roboto_condensed_bold-945157.woff HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hero-wars.com
Connection: keep-alive
Referer: https://heroesweb-a.akamaihd.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff
Content-Length: 25492
Last-Modified: Tue, 07 Mar 2023 11:10:25 GMT
ETag: "64071ba1-6394"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:34 GMT
Connection: keep-alive

www.hero-wars.com/landing_loaded

95.101.10.66

200 OK

44 B

URL HTTP/2
www.hero-wars.com/landing_loaded
IP
95.101.10.66:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
44 B (44 bytes)
Hash
0abe67293af335f2189a2ba8fd737da5
08d0e71b7625d4364e9f01eb583343ca1c6d0f8f
fd2f79eac6a346cf9255f3c8ac7157ef0d70686332a0d07881f4a58c79a8dfa6

HTTP Headers

POST /landing_loaded HTTP/1.1
Host: www.hero-wars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618
Content-Type: application/json
X-CSRF-Token: oLfgH5IY0Dg1Wpk21GcGfVo8pK2lt00aIrQYVR9i
Origin: https://www.hero-wars.com
Content-Length: 297
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkFiTHAyUWl3L1pqd1FNSlNZbFFVNnc9PSIsInZhbHVlIjoiVCtVeWhQRVdidDd0MVJ5dDd3a0MyRGV3SFE3dGNwSFl6MDdFZ3B0MGJ5YjE4Sk1ZZDUzNTRWWHFQMjlPZVh5cyIsIm1hYyI6ImUyODk3MzE3OTFkMDljNDBhMTBhZjhlNWMxZWJjNGRkM2Y1ZGY1OWUwMjk2YzgwYmVmNDc0MDNhNjI5OTQzYWMiLCJ0YWciOiIifQ%3D%3D; hero_wars_session=eyJpdiI6IlM3bklRdWVNSjdYUHJacXBBS2l5ZlE9PSIsInZhbHVlIjoieVUyWkVyOXRoSWNSZDlISXk3N0NBTjFvMTkrcmhMQ29ka1dkb09WZEkvd0NKbHU4NFdZZ20vOVB4TDA2aXhCYSIsIm1hYyI6Ijk3ZDQ4MWNiMDRiY2JhZjA2NjYxNTUxMzFiNjBkMmMwNmQ1YTc0MGNlOTk5ZDRhYjM3N2VlMDIzM2E2NzlmMjciLCJ0YWciOiIifQ%3D%3D; hw_session_cookie=eyJpdiI6ImI1T0lKNnFqYno0QWhRT0FuYm53bkE9PSIsInZhbHVlIjoiK0hqeHBVdm0zSW1vSHBjVSt4am9VeXFaS3pUV3JTUTRyTU1lU1U2M3ZHOENleG5VcFNza1pzcE8xaDUvWnc2NCtaaXo5MjdtM2dycitYMStJZmpDWEE9PSIsIm1hYyI6IjcxMDEzZmM5NTEyYTNhZWQ3MGY3MTExNmQxYjE5NTZiNzYzMzMwMGY3ZGJmZTAwYTEyZjgwOGUzMDA4ZWI5MDMiLCJ0YWciOiIifQ%3D%3D; AKA_A2=A; ak_bmsc=48F294F42C30696B76B0D3369EDC6E3B~000000000000000000000000000000~YAAQPgplX7DHwImGAQAAMeg8vBP5B/3qWqxN5sOZDFH3/FHShvhe0CiFc0PYV8ycfHh5Df1koWkxME5az+36Qrvy9Eftey0WtJvYsOxYHowO1Jd/Ck3cWfPFwc4sLaiVHI9r/4msl0ax2MfMgWh1vrI7AXoIbbz6+nMHK/YQbtuqNYyipSAyzmpmbGEO2Rfi44AHJyBZkItJw+i47+zVbGcUkElZXPtB+ExAu9e6OtDmH3VTEdNe6zDB3giZCSumjdGxM8O43MKTw8+ABehzhXuIBqYrRicfqUGoNBMgGHoOEkeEDSsp7QIiA9ZgY12ap4me4DIRfKU3Ey6NK8JAnYQygFuBC7cZ4TL4GRpeO+V0LAdBSTAZx8KYU15ULmmHCkbZpc0Maqprholm; _gcl_au=1.1.1748264608.1678195354; _fbp=fb.1.1678195354509.1636639793
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/json
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: https://www.hero-wars.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,x-auth-application-id,x-auth-network-ident,x-auth-player-id,x-auth-session-id,x-auth-session-init,x-auth-session-key,x-auth-signature,x-auth-token,x-auth-user-id,x-env-referrer,x-request-id,x-requested-with,x-server-time,x-env-library-version,x-auth-network-sign,authorization
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Tue, 07 Mar 2023 13:22:34 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 07 Mar 2023 13:22:34 GMT
content-length: 44
set-cookie: XSRF-TOKEN=eyJpdiI6Imh4VitteVM2aG10TW1XazZXeW0zVVE9PSIsInZhbHVlIjoiak5ScXplYUYrQnVJc0M3VFBaUTBiYndCTGwxdTNReDdUbUtuRmZ2RHRqLytlaWdvTUVTb1IraEZHMmo2K2VMbiIsIm1hYyI6Ijg0ZTA5ZDljOGI1YzdmZDNhM2VmNDdiZTQwOTcyYmNhYzE1ZGIxYmM4MzY3MTBiZTkzYWM4YzYyNjQwOTVmNmEiLCJ0YWciOiIifQ%3D%3D; expires=Sat, 06-May-2023 13:22:34 GMT; Max-Age=5184000; path=/; samesite=lax
hero_wars_session=eyJpdiI6Ik5xdjI1Qm1iQS84dzFBeGtncEZ4S3c9PSIsInZhbHVlIjoiRXBjdkJoM1o3dGtRQXpYY0x5Nm51eFZ6RkI1cDJkaU1IUWZadHFOZDVzSWhUUWFqeDNtOWZEWk94SHBYelNxYiIsIm1hYyI6Ijc0YjU1MTkxYTVkNjZhYmY2OTNlOWQ5YmRkMzhhMzkzMWVhNWM0MzU4N2QxZTZhMDViMjJiOGE4ODExOGE2MDMiLCJ0YWciOiIifQ%3D%3D; expires=Sat, 06-May-2023 13:22:34 GMT; Max-Age=5184000; path=/; httponly; samesite=lax
hw_session_cookie=eyJpdiI6IjgzOVdQV0F6VC9mSzVWMzlWLzhJY0E9PSIsInZhbHVlIjoiVVFWY1I5VGh3UU5nbEVFWXJCbFV2UT09IiwibWFjIjoiZGM0NDVhZTdjZDg4M2NmZjk3N2QyZTk5Nzk1OTRmZjRjMjA1MWI0NmYxMTRhZTM2NTgxMDc2ZWJlNDYxOWI5NyIsInRhZyI6IiJ9; expires=Thu, 08-Mar-2018 13:22:34 GMT; Max-Age=0; path=/; httponly; samesite=lax
bm_sv=2A249E180931B27890299CE8A8A3DBED~YAAQPgplX7HHwImGAQAA8uw8vBNCv1WdsHP+aGzfwJTQKJNlZiiod0SZwfsUjov/Hd6kmw6oUV0jpUzh5N9HGxe3w3v15TvRqeP43LrojG2DFwbu/oQML0zNavypwvgVIS8vEco9MaM2Ap0UKHkAn1vZUx197e4O53ADN6gAGcdHlPjA2TXD+MbW4I+irqwtuguVkzBOJsvM7riRMegBIlp9vLPrXxkrW/dXJlBrFfFRg225BrcyZnGeevEy+TnmHW/2~1; Domain=.hero-wars.com; Path=/; Expires=Tue, 07 Mar 2023 15:22:34 GMT; Max-Age=7200; Secure
server-timing: edge; dur=5, origin; dur=128, cdn-cache; desc=MISS, ak_p; desc="466165_1600457278_96496757_13254_3722_1_0";dur=1
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11808
Expires: Tue, 07 Mar 2023 16:39:23 GMT
Date: Tue, 07 Mar 2023 13:22:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11808
Expires: Tue, 07 Mar 2023 16:39:23 GMT
Date: Tue, 07 Mar 2023 13:22:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11808
Expires: Tue, 07 Mar 2023 16:39:23 GMT
Date: Tue, 07 Mar 2023 13:22:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11808
Expires: Tue, 07 Mar 2023 16:39:23 GMT
Date: Tue, 07 Mar 2023 13:22:35 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac192c39-be71-4b23-af6f-d0922c402521.jpeg

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac192c39-be71-4b23-af6f-d0922c402521.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6282 bytes)
Hash
e4a8d319b1ada8f22e8a1874033aba2c
3afc8111b03b662e88e61f4991a20a90d7d4f973
fca961af0737a3f0caa3a8d5762a309b871f54d0c8bd0e6ab4efdee4cf2fa462

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac192c39-be71-4b23-af6f-d0922c402521.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6282
x-amzn-requestid: 7f17d7b2-eff8-4e36-a0b6-661862d08620
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BYOHQGtNIAMFp8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64065d61-18f0b0196b949829744dae4c;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: U0xw1_Kqlj1h5fIdhMFyxdB7mqMJRRx7ZpjFOo165GNmsiGruqLHmg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1d000d0dfe9d69b4983f619fdc5499d6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 22:13:56 GMT
age: 54519
etag: "3afc8111b03b662e88e61f4991a20a90d7d4f973"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e3c14e5-22bb-45cb-88ea-f02e2c9a3090.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.4 kB (3359 bytes)
Hash
e6edb15b0628347e7e7064affe077331
c64ec1ad9bbbed800c3560cbdbe1631fbe5f9e26
56c482b858cef1eb56a47dc54b298c31c2dd85cacdc748cea30b3d74a3cda99b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e3c14e5-22bb-45cb-88ea-f02e2c9a3090.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3359
x-amzn-requestid: c884d077-cb85-41c5-adcb-2baac3350d4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BYOuYHNJIAMFUig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64065e5b-74ab80fe0f96e85957d1a0f3;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 21:42:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 5IlVoIIqNo7P0mzxWpDyuMF8xLoDQqldyINHPFIvnRmLoen0sce1tg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 22:09:51 GMT
etag: "c64ec1ad9bbbed800c3560cbdbe1631fbe5f9e26"
content-type: image/jpeg
age: 54764
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4d400fe-c6a9-4998-bd0c-22271ed5bede.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9515 bytes)
Hash
7ec4f2da6f73f59d9a2493697cbaec8c
3513d0fa932a2cf6ec0cf948cfd6e9c67e450824
cbe6ab8f36271592c0febfa90fe92c88d96dce40197e66cb7c06470bf99eccde

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4d400fe-c6a9-4998-bd0c-22271ed5bede.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9515
x-amzn-requestid: b2c70ebf-087b-4adf-bc0d-d657586581cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A_J1hHdLoAMFQKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fc5689-632acdce4082512541dc8c1a;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 07:06:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: DH-jkcare5_Lmpq_M188dxcLGdvvYb3mj98EAWqe5Z6YCnxff9Xw3w==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 22:38:34 GMT
age: 53041
etag: "3513d0fa932a2cf6ec0cf948cfd6e9c67e450824"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3389a930-6e96-43f6-92b6-997fabeb27da.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7507 bytes)
Hash
c229e9be4ad878528d3be67e4c05e7b1
03da37d1ac086a0fe3c6415cc297a6a38659db46
13927a535230f45e8fe13412b7d5a3a63f253aca91ac8e4f0c78f1dab289d4d3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3389a930-6e96-43f6-92b6-997fabeb27da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: b14d1930-331a-4c89-8f32-13fd0107655a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BK_C1GAsIAMFqoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64011211-67b4ba2644683bba365394d5;Sampled=0
x-amzn-remapped-date: Thu, 02 Mar 2023 21:16:01 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 7S23wJqg6X5oCo7wlR9S9Ol8Hm5WB0LsBmtyCCKEsYnJNtRXUbAsEQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 29a825d8a219984d47bec4350779b558.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 16:56:59 GMT
age: 73536
etag: "03da37d1ac086a0fe3c6415cc297a6a38659db46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F854c41b2-cfb4-4762-9ada-143a1a51438c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8512 bytes)
Hash
0d9e542d11eb3e8eaf08c83e0d72ea74
3113bde9c7ab14701fc4dbc39eec955b30d70150
c677d4b6fc6cf9c120e4f1844cf4605aeb6c7902fdde34ae21258fbb64d0f79b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F854c41b2-cfb4-4762-9ada-143a1a51438c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8512
x-amzn-requestid: 9f7f00c0-dfb4-4b72-a4be-1a5f3c6f2401
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BYNhZHU4oAMFTsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64065c6f-5b1f26a475702ce913902e66;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: SRN7vb7fldI_vjnuKgm6wXus67qkokYCVJBJXdCNeCQ7mfxRDKcqaQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 21:54:06 GMT
age: 55709
etag: "3113bde9c7ab14701fc4dbc39eec955b30d70150"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e9d3719-c918-44cb-8546-6929c5bebc79.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7235 bytes)
Hash
28063b72ccbc658caa4705a87e7a4e12
35a9f5d55ffadd16548d61c99d59e426dd11ce21
a9a2c8104c6c8454eff30437c96b672e230b073623f33a67614fe4fa3ba0645d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e9d3719-c918-44cb-8546-6929c5bebc79.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7235
x-amzn-requestid: 17b741c5-3911-46a5-b22d-17ef50381ad4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BWO15EPHIAMFx-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640591bf-58dbdf76597432b9505f5805;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 07:09:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: IYw6V_NejqrqRl4UmaUhYInv69UZcaqm8ytploOryAw3Gz4jyJNbdQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b618c0f73dc30c968057784ed0185d7a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 05:13:26 GMT
age: 29349
etag: "35a9f5d55ffadd16548d61c99d59e426dd11ce21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-LFE4ZMGDNX&gtm=45je3310&_p=1996380777&gcs=G100&cid=2039634085.1678195355&ul=en-us&sr=1280x1024&_s=1&sid=1678195354&sct=1&seg=0&dl=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618&dt=Hero%20Wars%20%7C%20Online%20action%20game%20%7C%20RPG&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-LFE4ZMGDNX&gtm=45je3310&_p=1996380777&gcs=G100&cid=2039634085.1678195355&ul=en-us&sr=1280x1024&_s=1&sid=1678195354&sct=1&seg=0&dl=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618&dt=Hero%20Wars%20%7C%20Online%20action%20game%20%7C%20RPG&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-LFE4ZMGDNX&gtm=45je3310&_p=1996380777&gcs=G100&cid=2039634085.1678195355&ul=en-us&sr=1280x1024&_s=1&sid=1678195354&sct=1&seg=0&dl=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618&dt=Hero%20Wars%20%7C%20Online%20action%20game%20%7C%20RPG&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hero-wars.com
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.hero-wars.com
date: Tue, 07 Mar 2023 13:22:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

trc-events.taboola.com/1123625/log/3/unip?en=pre_d_eng_tb&tos=1602&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1678195355879&vi=1678195354273&ri=416ccaa87d2450d28f26cb700f73239e&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/1123625/log/3/unip?en=pre_d_eng_tb&tos=1602&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1678195355879&vi=1678195354273&ri=416ccaa87d2450d28f26cb700f73239e&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1123625/log/3/unip?en=pre_d_eng_tb&tos=1602&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1678195355879&vi=1678195354273&ri=416ccaa87d2450d28f26cb700f73239e&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hero-wars.com
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Tue, 07 Mar 2023 13:22:36 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.hero-wars.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2

trc-events.taboola.com/1171685/log/3/unip?en=pre_d_eng_tb&tos=1603&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1678195355880&vi=1678195354273&ri=323663c85f5862ac590af1560c7cc861&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/1171685/log/3/unip?en=pre_d_eng_tb&tos=1603&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1678195355880&vi=1678195354273&ri=323663c85f5862ac590af1560c7cc861&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1171685/log/3/unip?en=pre_d_eng_tb&tos=1603&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1678195355880&vi=1678195354273&ri=323663c85f5862ac590af1560c7cc861&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hero-wars.com
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Tue, 07 Mar 2023 13:22:36 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.hero-wars.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2

trc-events.taboola.com/1123625/log/3/unip?en=pre_d_eng_tb&tos=4604&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1678195358880&vi=1678195354273&ri=416ccaa87d2450d28f26cb700f73239e&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/1123625/log/3/unip?en=pre_d_eng_tb&tos=4604&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1678195358880&vi=1678195354273&ri=416ccaa87d2450d28f26cb700f73239e&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1123625/log/3/unip?en=pre_d_eng_tb&tos=4604&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1678195358880&vi=1678195354273&ri=416ccaa87d2450d28f26cb700f73239e&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hero-wars.com
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Tue, 07 Mar 2023 13:22:38 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.hero-wars.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2

trc-events.taboola.com/1171685/log/3/unip?en=pre_d_eng_tb&tos=4605&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1678195358882&vi=1678195354273&ri=323663c85f5862ac590af1560c7cc861&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/1171685/log/3/unip?en=pre_d_eng_tb&tos=4605&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1678195358882&vi=1678195354273&ri=323663c85f5862ac590af1560c7cc861&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1171685/log/3/unip?en=pre_d_eng_tb&tos=4605&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1678195358882&vi=1678195354273&ri=323663c85f5862ac590af1560c7cc861&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hero-wars.com
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Tue, 07 Mar 2023 13:22:38 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.hero-wars.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2

heroesweb-a.akamaihd.net/i/hw-web/v2/359997/js/landingSocials.js

95.101.11.27

200 OK

0 B

URL HTTP/1.1
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/js/landingSocials.js
IP
95.101.11.27:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /i/hw-web/v2/359997/js/landingSocials.js HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 07 Mar 2023 11:10:30 GMT
ETag: W/"64071ba6-4c41e"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 112334
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

heroesweb-a.akamaihd.net/i/hw-web/v2/359997/css/landings.css

95.101.11.27

200 OK

0 B

URL HTTP/1.1
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/css/landings.css
IP
95.101.11.27:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /i/hw-web/v2/359997/css/landings.css HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Content-Type: text/css
Last-Modified: Tue, 07 Mar 2023 11:10:14 GMT
ETag: W/"64071b96-47980"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 33733
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

fonts.googleapis.com/css2?family=Noto+Sans+SC:wght@400;500&family=Noto+Sans:ital@0;1&display=swap

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Noto+Sans+SC:wght@400;500&family=Noto+Sans:ital@0;1&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Noto+Sans+SC:wght@400;500&family=Noto+Sans:ital@0;1&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heroesweb-a.akamaihd.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Mar 2023 13:22:34 GMT
date: Tue, 07 Mar 2023 13:22:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML