inoradde.com/4/4292618/
139.45.197.238200 OK 635 B IP 139.45.197.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0e4e0d804cfb47e62087993dd785556c
c7e7856f422a4a4014b41dbcc6bcb3254ff0dc1c
de653430db63dae860cbfa0cb10b0cb57aa38bebf24f7922a3d1e190af3de50b
Analyzer Verdict Alert quad9 Sinkholed
GET /4/4292618/ HTTP/1.1
Host: inoradde.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Mar 2023 13:22:32 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: c9ed07a0a23465a302ada5f65f9ba83e
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://nexters.g2afse.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=e78c5419c72c47c8bad3a5207c41b261; expires=Wed, 06 Mar 2024 13:22:32 GMT; path=/
oaidts=1678195352; expires=Wed, 06 Mar 2024 13:22:32 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cf14baed0842431a08367ed54f2346ca
d943be8835b7e4470e3d6fbe09ac39c5464be434
a45fbc8cdddc9f43c0c3c7d73cbb2cdf3cf4c4cd2df20802925b795da5048aa4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A45FBC8CDDDC9F43C0C3C7D73CBB2CDF3CF4C4CD2DF20802925B795DA5048AA4"
Last-Modified: Sun, 05 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16099
Expires: Tue, 07 Mar 2023 17:50:51 GMT
Date: Tue, 07 Mar 2023 13:22:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0f2c901fe04f9e3d18e9c3387b076780
3f0115cd05d7857a8119eff0479f5812df155d3d
84518fa2565f7f63933d3c552e1dc07f84c71f4a3df5d2821484c371ef57b924
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84518FA2565F7F63933D3C552E1DC07F84C71F4A3DF5D2821484C371EF57B924"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4444
Expires: Tue, 07 Mar 2023 14:36:37 GMT
Date: Tue, 07 Mar 2023 13:22:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Mar 2023 13:08:40 GMT
content-type: application/json
age: 833
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5034bcceb9691ad6244be6045742ab53
51e77cdc92833432cd26b13f28875791a187c63c
540637d0d69c1201dcb2dd813b40e64cd07c5bd7685d46a7bad4d437a4e7aeea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "540637D0D69C1201DCB2DD813B40E64CD07C5BD7685D46A7BAD4D437A4E7AEEA"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19136
Expires: Tue, 07 Mar 2023 18:41:29 GMT
Date: Tue, 07 Mar 2023 13:22:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6VTgSLXO4cjofQ4LHnWyX0uRkqHPRw/MxJJ5CWLFrqV+sKVsWwdmo2nXPvjBNPa66qC2TcDVgnai4e49hJXGUg==
x-amz-request-id: YSW76T5SCS5WFB5C
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Mar 2023 12:35:13 GMT
age: 2840
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Mar 2023 13:22:33 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f37b00ad5514a7578713619a06bc1f6a
3605bf27235fd158384810d8c1f2f0bf41e32637
fe820d7a7e0ff4df3822548f0d20e31d697329d498389d74b6c10f1a76367398
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE820D7A7E0FF4DF3822548F0D20E31D697329D498389D74B6C10F1A76367398"
Last-Modified: Tue, 07 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3304
Expires: Tue, 07 Mar 2023 14:17:37 GMT
Date: Tue, 07 Mar 2023 13:22:33 GMT
Connection: keep-alive
ocsp.digicert.com/
192.229.221.95200 OK 312 B IP 192.229.221.95:0
Hash 1c46665aaab6542d3e3785f86abdfbb6
78f0f5988058be928e55aef1d40f54cd5694b900
5b80071a6c7e5b03cbb653e22ecf1665703f2ef3af8b0eee435fd540b8fa2c85
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6199
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 13:22:33 GMT
Last-Modified: Tue, 07 Mar 2023 11:39:14 GMT
Server: ECAcc (amb/6B48)
X-Cache: HIT
Content-Length: 312
inoradde.com/favicon.ico
139.45.197.238204 No Content 0 B IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: inoradde.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=e78c5419c72c47c8bad3a5207c41b261; oaidts=1678195352
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 07 Mar 2023 13:22:33 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Pragma: public
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
my.rtmark.net/img.gif?f=merge&userId=e78c5419c72c47c8bad3a5207c41b261
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=e78c5419c72c47c8bad3a5207c41b261
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=e78c5419c72c47c8bad3a5207c41b261 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Tue, 07 Mar 2023 13:22:33 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=e78c5419c72c47c8bad3a5207c41b261; expires=Wed, 06 Mar 2024 13:22:33 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
nexters.g2afse.com/click?pid=5&offer_id=7&sub1=4292618&sub8=656961526821032100&rdk=rk1
34.91.91.144302 Found 0 B URL HTTP/2 nexters.g2afse.com/click?pid=5&offer_id=7&sub1=4292618&sub8=656961526821032100&rdk=rk1
IP 34.91.91.144:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=5&offer_id=7&sub1=4292618&sub8=656961526821032100&rdk=rk1 HTTP/1.1
Host: nexters.g2afse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 07 Mar 2023 13:22:33 GMT
content-length: 0
location: https://www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=64073a9946cce00001cc886a; expires=Wed, 06 Mar 2024 13:22:33 GMT; secure; SameSite=None
afoffers={"7":1678195353}; expires=Wed, 06 Mar 2024 13:22:33 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Cache-Control, Expires, Alert, Content-Type, Pragma, Retry-After, Last-Modified, Backoff, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Mar 2023 13:12:30 GMT
age: 603
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618
95.101.10.66200 OK 4.2 kB URL HTTP/2 www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618
IP 95.101.10.66:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4269)
Hash 13c904a744efeafc04a63bcd09b93344
15376e1cea28e2a6810920b4edbbe9ccadcc4fa6
b91b16d1ee9d58ec86badb1eba12d5ab6235c158ea53fd87a9d26fa40bfcc89c
GET /?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618 HTTP/1.1
Host: www.hero-wars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,x-auth-application-id,x-auth-network-ident,x-auth-player-id,x-auth-session-id,x-auth-session-init,x-auth-session-key,x-auth-signature,x-auth-token,x-auth-user-id,x-env-referrer,x-request-id,x-requested-with,x-server-time,x-env-library-version,x-auth-network-sign,authorization
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-akamai-transformed: 9 - 0 pmb=mRUM,2
content-encoding: gzip
expires: Tue, 07 Mar 2023 13:22:33 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 07 Mar 2023 13:22:33 GMT
content-length: 4202
set-cookie: XSRF-TOKEN=eyJpdiI6IkFiTHAyUWl3L1pqd1FNSlNZbFFVNnc9PSIsInZhbHVlIjoiVCtVeWhQRVdidDd0MVJ5dDd3a0MyRGV3SFE3dGNwSFl6MDdFZ3B0MGJ5YjE4Sk1ZZDUzNTRWWHFQMjlPZVh5cyIsIm1hYyI6ImUyODk3MzE3OTFkMDljNDBhMTBhZjhlNWMxZWJjNGRkM2Y1ZGY1OWUwMjk2YzgwYmVmNDc0MDNhNjI5OTQzYWMiLCJ0YWciOiIifQ%3D%3D; expires=Sat, 06-May-2023 13:22:33 GMT; Max-Age=5184000; path=/; samesite=lax
hero_wars_session=eyJpdiI6IlM3bklRdWVNSjdYUHJacXBBS2l5ZlE9PSIsInZhbHVlIjoieVUyWkVyOXRoSWNSZDlISXk3N0NBTjFvMTkrcmhMQ29ka1dkb09WZEkvd0NKbHU4NFdZZ20vOVB4TDA2aXhCYSIsIm1hYyI6Ijk3ZDQ4MWNiMDRiY2JhZjA2NjYxNTUxMzFiNjBkMmMwNmQ1YTc0MGNlOTk5ZDRhYjM3N2VlMDIzM2E2NzlmMjciLCJ0YWciOiIifQ%3D%3D; expires=Sat, 06-May-2023 13:22:33 GMT; Max-Age=5184000; path=/; httponly; samesite=lax
hw_session_cookie=eyJpdiI6ImI1T0lKNnFqYno0QWhRT0FuYm53bkE9PSIsInZhbHVlIjoiK0hqeHBVdm0zSW1vSHBjVSt4am9VeXFaS3pUV3JTUTRyTU1lU1U2M3ZHOENleG5VcFNza1pzcE8xaDUvWnc2NCtaaXo5MjdtM2dycitYMStJZmpDWEE9PSIsIm1hYyI6IjcxMDEzZmM5NTEyYTNhZWQ3MGY3MTExNmQxYjE5NTZiNzYzMzMwMGY3ZGJmZTAwYTEyZjgwOGUzMDA4ZWI5MDMiLCJ0YWciOiIifQ%3D%3D; path=/; httponly; samesite=lax
XSRF-TOKEN=eyJpdiI6Inc5OVlUSTRSSjVuQzJZc0REMGY4aHc9PSIsInZhbHVlIjoib3dQdlVnTlAwNzJoNHp1RG1Cc1VQQT09IiwibWFjIjoiZTMwOWU5ZTNkMWViMzBjMWY3YzkzMWUxMzNiZTQ3MWQ4Yzg0YTg2ZWMyMGM0MzFhZmNkYThkYmQ4NGMwODFjNSIsInRhZyI6IiJ9; expires=Thu, 08-Mar-2018 13:22:33 GMT; Max-Age=0; path=/; domain=.hero-wars.com; httponly; samesite=lax
AKA_A2=A; expires=Tue, 07-Mar-2023 14:22:33 GMT; path=/; domain=hero-wars.com; secure; HttpOnly
ak_bmsc=48F294F42C30696B76B0D3369EDC6E3B~000000000000000000000000000000~YAAQPgplX7DHwImGAQAAMeg8vBP5B/3qWqxN5sOZDFH3/FHShvhe0CiFc0PYV8ycfHh5Df1koWkxME5az+36Qrvy9Eftey0WtJvYsOxYHowO1Jd/Ck3cWfPFwc4sLaiVHI9r/4msl0ax2MfMgWh1vrI7AXoIbbz6+nMHK/YQbtuqNYyipSAyzmpmbGEO2Rfi44AHJyBZkItJw+i47+zVbGcUkElZXPtB+ExAu9e6OtDmH3VTEdNe6zDB3giZCSumjdGxM8O43MKTw8+ABehzhXuIBqYrRicfqUGoNBMgGHoOEkeEDSsp7QIiA9ZgY12ap4me4DIRfKU3Ey6NK8JAnYQygFuBC7cZ4TL4GRpeO+V0LAdBSTAZx8KYU15ULmmHCkbZpc0Maqprholm; Domain=.hero-wars.com; Path=/; Expires=Tue, 07 Mar 2023 15:22:33 GMT; Max-Age=7200; HttpOnly
server-timing: edge; dur=2, origin; dur=188, cdn-cache; desc=MISS, ak_p; desc="466165_1600457278_96496460_18948_6838_1_0";dur=1
link: <https://heroesweb-a.akamaihd.net>;rel="preconnect",<https://heroesru-a.akamaihd.net>;rel="preconnect",<https://fonts.gstatic.com>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://cdn.onesignal.com>;rel="preconnect",<https://connect.facebook.net>;rel="preconnect",<https://cdn.taboola.com>;rel="preconnect",<https://cdn.gsght.com>;rel="preconnect"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6a978ac8c366c3cdf5cac7d419da1a7a
171eb20796df2bca7bce102943c1899a93c8f5d1
5cdc16c95770061422fb14c5d5d687bc5c8e2f3b250c481f688a36d4ec7b6aa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 13:22:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-NZL7Z2L
172.217.21.168200 OK 91 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NZL7Z2L
IP 172.217.21.168:0
File type ASCII text, with very long lines (60353)
Hash 7b77ca8fe30953926fa7fb9f4cef7898
e1ba5d210a02697cdae286acc0d4ad366b232cbc
1b97425c8e1192ea6bdb48346d436dc792588be47885961a564b5010143b6f66
GET /gtm.js?id=GTM-NZL7Z2L HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 Mar 2023 13:22:33 GMT
expires: Tue, 07 Mar 2023 13:22:33 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 Mar 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91019
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc9a86b8d3035b57b58750f8896202e8
1485042fff689cadbf0c7a540f430993f23d45e3
b06e4961e184d51008f4adb9c8fe571f08b21b4728e5eac0bb4795861e03aa2f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B06E4961E184D51008F4ADB9C8FE571F08B21B4728E5EAC0BB4795861E03AA2F"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2479
Expires: Tue, 07 Mar 2023 14:03:52 GMT
Date: Tue, 07 Mar 2023 13:22:33 GMT
Connection: keep-alive
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/js/libs/get_browser.lib.js
95.101.11.27200 OK 1.3 kB URL HTTP/1.1 heroesweb-a.akamaihd.net/i/hw-web/v2/359997/js/libs/get_browser.lib.js
IP 95.101.11.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (5580)
Hash 241b34c9666fd7ec55e55633a7517b7d
70fe7d9dee0f2a730d560df126d7b27b459f9ee7
08f803ff75e113c9d112b4c7d65da6d5d9c094ac5f59dcca3c37a3a17190317a
GET /i/hw-web/v2/359997/js/libs/get_browser.lib.js HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 07 Mar 2023 11:10:30 GMT
ETag: W/"64071ba6-15cd"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 1338
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/js/locale/en/autoGenerateTranslate.js
95.101.11.27200 OK 8.8 kB URL HTTP/1.1 heroesweb-a.akamaihd.net/i/hw-web/v2/359997/js/locale/en/autoGenerateTranslate.js
IP 95.101.11.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (21928), with no line terminators
Hash 6ac6038e3230cf43ee650cb48cb3a5aa
679f889b20b7ddd067356f5e2d189560d7654b87
ed4b34a84b40bd9cbaa9581d1fcae0fefd9a7462d3155ea5c3a4fffc8c56d639
GET /i/hw-web/v2/359997/js/locale/en/autoGenerateTranslate.js HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 07 Mar 2023 11:10:30 GMT
ETag: W/"64071ba6-55a8"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 8803
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/style.css
95.101.11.27200 OK 5.0 kB URL HTTP/1.1 heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/style.css
IP 95.101.11.27:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (15115), with no line terminators
Hash 6b3c2706aee89a09f383e11e4dd96131
8d691c3fec665a4c2a643530a88781ed24b70aef
32d51560b156052513512d19d00f21d3adacf3969e55c8aeb8141d3eba8f33db
GET /i/hw-web/v2/359997/external_landings/loot12/style.css HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/css
Last-Modified: Tue, 07 Mar 2023 11:10:25 GMT
ETag: W/"64071ba1-3b0b"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 5031
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/main.js
95.101.11.27200 OK 79 kB URL HTTP/1.1 heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/main.js
IP 95.101.11.27:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (63804), with no line terminators
Hash 3d79d575312eef94761ef98ad491781d
6ab7c1be0590a2d5a698d85fc3e0ee24880416ec
045c7ec2964c7128303df9da633f953520effdaf6d5a03c0c05b325e2d9a4e10
GET /i/hw-web/v2/359997/external_landings/loot12/main.js HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 07 Mar 2023 11:10:25 GMT
ETag: W/"64071ba1-2e780"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 79020
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6a978ac8c366c3cdf5cac7d419da1a7a
171eb20796df2bca7bce102943c1899a93c8f5d1
5cdc16c95770061422fb14c5d5d687bc5c8e2f3b250c481f688a36d4ec7b6aa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 13:22:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 587b1cd8e3fa518a1784d2ccc0139a36
e1a4d4576e95660cc149c60b3655a278e6ac967b
8339b116073dcfe2280c5d98bdac9e9d15214589f0292cc9c399656f887dc628
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 13:22:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 587b1cd8e3fa518a1784d2ccc0139a36
e1a4d4576e95660cc149c60b3655a278e6ac967b
8339b116073dcfe2280c5d98bdac9e9d15214589f0292cc9c399656f887dc628
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 13:22:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 587b1cd8e3fa518a1784d2ccc0139a36
e1a4d4576e95660cc149c60b3655a278e6ac967b
8339b116073dcfe2280c5d98bdac9e9d15214589f0292cc9c399656f887dc628
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 13:22:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/logo-7d56fa8.webp
95.101.11.27200 OK 11 kB URL HTTP/1.1 heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/logo-7d56fa8.webp
IP 95.101.11.27:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7793d407d927d53de9fe0950f736ec1f
c91ccf4d88c6f497b40fc11811b7260e6170aa5b
3c74c17a2d54a70b1411f25d149476011ce8bb8b634ce64ea248290760b75b68
GET /i/hw-web/v2/359997/external_landings/loot12/assets/logo-7d56fa8.webp HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/webp
Content-Length: 10800
Last-Modified: Tue, 07 Mar 2023 11:10:25 GMT
ETag: "64071ba1-2a30"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:34 GMT
Connection: keep-alive
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/roboto_condensed_regular-3f8f20.woff
95.101.11.27200 OK 25 kB URL HTTP/1.1 heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/roboto_condensed_regular-3f8f20.woff
IP 95.101.11.27:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format, TrueType, length 24952, version 1.1\012- data
Hash e23c7d2768415430d64e7a06dc02a185
13677bc658eee394213bab72c0bff752f4f97036
0c4b058b31abf3088ecb3e40be509613a0f7139ce503c5cfbb4c62379e65f63f
GET /i/hw-web/v2/359997/external_landings/loot12/assets/roboto_condensed_regular-3f8f20.woff HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hero-wars.com
Connection: keep-alive
Referer: https://heroesweb-a.akamaihd.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff
Content-Length: 24952
Last-Modified: Tue, 07 Mar 2023 11:10:25 GMT
ETag: "64071ba1-6178"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:34 GMT
Connection: keep-alive
www.googleoptimize.com/optimize.js?id=GTM-NHMFT83
142.250.74.78200 OK 45 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=GTM-NHMFT83
IP 142.250.74.78:0
File type ASCII text, with very long lines (2206)
Hash 1799f8d4063b8415342f2636a4d515ff
11738e53b5801b1b32a89517baeed53dfb38da1a
9b9077c05fd1307af92bccfd4d182b49b7a93c8b64b877ade5be59806c3938d6
GET /optimize.js?id=GTM-NHMFT83 HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 Mar 2023 13:22:34 GMT
expires: Tue, 07 Mar 2023 13:22:34 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 Mar 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45003
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.39.172.78101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.172.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PWIpGybBaxou9pGSwF4dVQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6as17mUQXnVaVkbkp3K54nFSqWc=
s.go-mpulse.net/boomerang/9FGZW-YWK8B-M3WQS-BV3DJ-4WMX2
23.38.200.138200 OK 50 kB URL HTTP/2 s.go-mpulse.net/boomerang/9FGZW-YWK8B-M3WQS-BV3DJ-4WMX2
IP 23.38.200.138:0
File type C source, ASCII text, with very long lines (65103)
Hash 8991c3ec80ec8fbc41382a55679e3911
8cc8cee91d671038acd9e3ae611517d6801b0909
f55bacd4a20fef96f5c736a912d1947be85c268df18003395e511c1e860e8800
GET /boomerang/9FGZW-YWK8B-M3WQS-BV3DJ-4WMX2 HTTP/1.1
Host: s.go-mpulse.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
content-encoding: br
last-modified: Sun, 26 Feb 2023 05:11:26 GMT
timing-allow-origin: *
vary: Accept-Encoding
x-n: S
content-length: 50393
date: Tue, 07 Mar 2023 13:22:34 GMT
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
142.250.74.106200 OK 56 kB URL HTTP/2 fonts.googleapis.com/css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
IP 142.250.74.106:0
Hash 39ab2d01aaa8dd182a3d4ab0ffaa67d4
505034ff83a5c0fd6ec6eb731b5347185f2b4d8e
26e9b336713b71934522dee00be236b1a9b1aa587058b4952789931c57c567a8
GET /css2?family=Noto+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heroesweb-a.akamaihd.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Mar 2023 13:22:34 GMT
date: Tue, 07 Mar 2023 13:22:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/images/pwa/favicon-16x16.png
95.101.11.27200 OK 246 B URL HTTP/1.1 heroesweb-a.akamaihd.net/i/hw-web/v2/359997/images/pwa/favicon-16x16.png
IP 95.101.11.27:0
ASN #20940 Akamai International B.V.
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 092dd0cc004db08ff98265037350b81a
bbbdf08c3f279ea318fe308202ca65a74bc1c001
c0723f5312022bead9fff56a976c8be0915470be2ea0f441d785de1632ceec73
GET /i/hw-web/v2/359997/images/pwa/favicon-16x16.png HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 246
Last-Modified: Tue, 07 Mar 2023 11:10:30 GMT
ETag: "64071ba6-f6"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:34 GMT
Connection: keep-alive
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 3a0239ff817bd29abc5a7d19704c3596
701227a8125227707386efc9a35a7c98382a16a3
7d1fcb9bad3eb0184a844493a9a78f31c599f5b27a12348241d96ee4d1aca542
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1222
Cache-Control: max-age=97878
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 13:22:34 GMT
Etag: "6406112a-1d7"
Expires: Wed, 08 Mar 2023 16:33:52 GMT
Last-Modified: Mon, 06 Mar 2023 16:13:30 GMT
Server: ECAcc (ska/F7B0)
X-Cache: HIT
Content-Length: 471
cdn.taboola.com/libtrc/unip/1171685/tfa.js
151.101.193.44200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1171685/tfa.js
IP 151.101.193.44:0
File type ASCII text, with very long lines (59032)
Hash ec167c0ee08fa33a7a6161aa7f7c6c70
87a17ddbd4cbef4851315da5e11d9089f55b8502
dea345875146e50eb1a2ffe608b3a272793815f1ab744cd92cd2604d251504d4
GET /libtrc/unip/1171685/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5ZHfD7W5VcgCAJtsXtIGNEj7lL64+ENF12gwkqWmiabomkSFutJOeGE/R6+HT3DZDA32MIioizs=
x-amz-request-id: ZAMM8KPFPVNHQFCZ
x-amz-replication-status: COMPLETED
last-modified: Sun, 05 Mar 2023 11:11:21 GMT
etag: "e750890d0e914de9b68710480bc1c9e8"
x-amz-server-side-encryption: AES256
x-amz-version-id: 1KYKVmI1HthhomzrHITQ6p5dD4k7ywYZ
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 07 Mar 2023 13:22:34 GMT
via: 1.1 varnish
age: 9
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1678195354.269837,VS0,VE0
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 15
access-control-allow-origin: *
content-length: 18171
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 3a0239ff817bd29abc5a7d19704c3596
701227a8125227707386efc9a35a7c98382a16a3
7d1fcb9bad3eb0184a844493a9a78f31c599f5b27a12348241d96ee4d1aca542
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5304
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 13:22:34 GMT
Last-Modified: Tue, 07 Mar 2023 11:54:10 GMT
Server: ECAcc (ska/F73C)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
157.240.200.14200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1957)
Hash 25194553c6cbf07d245a47320e384d5e
0fb2129da1908c3b28494e85fb6da9ddb61710b3
1e7210ba200b7f1c020a44b7cb8be843ea1b9c216444f419f6938239d9ab6f7b
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: fa5cefcce9acee9676402bf0dc890499
etag: "c565180ec69e0daf22f39aae7308f03f"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 07 Mar 2023 13:42:12 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: JRlFU8bL8H0kWkcyDjhNXg==
x-fb-debug: rkHeJn5xebLAltPpPQN9KnalVamPjLYp5jSR9DqLI8WItGgPbW92oGGqCHRMtekX6Z5BbUoHBvGwiHpTRRyN7w==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1679558926
date: Tue, 07 Mar 2023 13:22:34 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.200.14200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 43d943c7499b27a8ef3972fa070f6756
59303c79335aa0a9f529c0f6166f99c3e650088c
96ab29f531694f1b8e5d2f031e16581fe1052636fb32c5cd96d55b824d6539b2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: uEjYYqg969c4WtOoRNl3FnUVu2P4bvs1wlrg9uhsTUFKx1vnk0eP7jeNAJ2TATFLeNr/viIFzjlrjIE4x0Emiw==
priority: u=3,i
content-length: 27907
x-fb-trip-id: 1679558926
date: Tue, 07 Mar 2023 13:22:34 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 3a0239ff817bd29abc5a7d19704c3596
701227a8125227707386efc9a35a7c98382a16a3
7d1fcb9bad3eb0184a844493a9a78f31c599f5b27a12348241d96ee4d1aca542
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5304
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 13:22:34 GMT
Last-Modified: Tue, 07 Mar 2023 11:54:10 GMT
Server: ECAcc (ska/F7A2)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 07 Mar 2023 12:12:30 GMT
expires: Tue, 07 Mar 2023 14:12:30 GMT
cache-control: public, max-age=7200
age: 4204
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=01747ce02e699ad1035d24c3a9ef3153
157.240.200.14200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=01747ce02e699ad1035d24c3a9ef3153
IP 157.240.200.14:0
File type ASCII text, with very long lines (13192)
Hash 18431a5852cab4207758982d12034f8b
ef993ec5c9d58d76d8fad2a384b775d06e7908b1
17cc3aed7a90aace5be7a9e24f757aaaeadf1c7270029caed4302bf4bbd6ef37
GET /en_US/sdk.js?hash=01747ce02e699ad1035d24c3a9ef3153 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hero-wars.com
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: cf34edbe107a89b1e61183b61c125a23
etag: "592fa27e48a0e5dec9c3172067a953bc"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 06 Mar 2024 11:36:47 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: GEMaWFLKtCB3WJgtEgNPiw==
x-fb-debug: hV6ffuRqqdSosftvi1gP1JLoElVeqacjdVDuacaNeqBsJhySP+jcVTHHrgX1v4eIS5Jphu4FImT62nVaPy6YLw==
priority: u=3,i
content-length: 87099
x-fb-trip-id: 1679558926
date: Tue, 07 Mar 2023 13:22:34 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
trc.taboola.com/1171685/log/3/unip?en=view_content&tim=1678195354287&vi=1678195354273&ri=323663c85f5862ac590af1560c7cc861&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618&tos=162&ssd=1&scd=0
151.101.193.44204 No Content 0 B URL HTTP/2 trc.taboola.com/1171685/log/3/unip?en=view_content&tim=1678195354287&vi=1678195354273&ri=323663c85f5862ac590af1560c7cc861&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618&tos=162&ssd=1&scd=0
IP 151.101.193.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1171685/log/3/unip?en=view_content&tim=1678195354287&vi=1678195354273&ri=323663c85f5862ac590af1560c7cc861&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618&tos=162&ssd=1&scd=0 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hero-wars.com
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.hero-wars.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Tue, 07 Mar 2023 13:22:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1643-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1678195354.489046,VS0,VE86
x-vcl-time-ms: 86
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1867293949991560&ev=PageView&dl=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618&rl=&if=false&ts=1678195354510&sw=1280&sh=1024&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1678195354509.1636639793&it=1678195354321&coo=false&rqm=GET
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1867293949991560&ev=PageView&dl=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618&rl=&if=false&ts=1678195354510&sw=1280&sh=1024&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1678195354509.1636639793&it=1678195354321&coo=false&rqm=GET
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1867293949991560&ev=PageView&dl=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618&rl=&if=false&ts=1678195354510&sw=1280&sh=1024&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1678195354509.1636639793&it=1678195354321&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 07 Mar 2023 13:22:34 GMT
X-Firefox-Spdy: h2
trc.taboola.com/1171685/trc/3/json?tim=1678195354278&data=%7B%22id%22%3A409%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1678195354273%2C%22cv%22%3A%2220230302-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.hero-wars.com%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnextersglobal-herowarsweb-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1678195354278%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.193.44200 OK 2.8 kB URL HTTP/2 trc.taboola.com/1171685/trc/3/json?tim=1678195354278&data=%7B%22id%22%3A409%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1678195354273%2C%22cv%22%3A%2220230302-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.hero-wars.com%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnextersglobal-herowarsweb-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1678195354278%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.193.44:0
File type ASCII text, with very long lines (4979), with no line terminators
Hash c83c23c06f10dc1e9d25179f2de33461
9e30c67f9ce951cbfcef8c39b3f2ba8e79bb50fb
4e59be5e63f0e60d30a48df1f17b9a3b143ffc9e17826bbab031eb1bd7f77556
GET /1171685/trc/3/json?tim=1678195354278&data=%7B%22id%22%3A409%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1678195354273%2C%22cv%22%3A%2220230302-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.hero-wars.com%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnextersglobal-herowarsweb-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1678195354278%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Tue, 07 Mar 2023 13:22:34 GMT
via: 1.1 varnish
x-served-by: cache-bma1643-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1678195354.346048,VS0,VE97
vary: Accept-Encoding
x-vcl-time-ms: 97
X-Firefox-Spdy: h2
c.go-mpulse.net/api/config.json?key=9FGZW-YWK8B-M3WQS-BV3DJ-4WMX2&d=www.hero-wars.com&t=5593985&v=1.720.0&sl=0&si=26f1ab2f-38b0-4197-947f-aae9f35227a4-rr5jtl&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=786156
23.38.200.138200 OK 51 B URL HTTP/1.1 c.go-mpulse.net/api/config.json?key=9FGZW-YWK8B-M3WQS-BV3DJ-4WMX2&d=www.hero-wars.com&t=5593985&v=1.720.0&sl=0&si=26f1ab2f-38b0-4197-947f-aae9f35227a4-rr5jtl&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=786156
IP 23.38.200.138:0
File type JSON data\012- , ASCII text
Hash e7c2e0dcc2eed5518d03ef149af84d23
25a693bc8980fa9d9db9de7b0d354d1f3f7da183
d9e526b111d9cdd231ec8f33deee5de4f7c9df282e680638ae1aae480a7c6942
GET /api/config.json?key=9FGZW-YWK8B-M3WQS-BV3DJ-4WMX2&d=www.hero-wars.com&t=5593985&v=1.720.0&sl=0&si=26f1ab2f-38b0-4197-947f-aae9f35227a4-rr5jtl&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=786156 HTTP/1.1
Host: c.go-mpulse.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hero-wars.com
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Timing-Allow-Origin: *
Content-Length: 51
Date: Tue, 07 Mar 2023 13:22:34 GMT
Connection: keep-alive
Content-Type: application/json
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/bg-82ada9e.webp
95.101.11.27200 OK 94 kB URL HTTP/1.1 heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/bg-82ada9e.webp
IP 95.101.11.27:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1440x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5e01b6d96f820dcb9d020161d7b11301
10d9bceb738145a0516267146d37d1d726eadb39
7210a3b417519430aa48ac7442b9110d21b6f1ac1be12fcae1f3dbf8bf54820c
GET /i/hw-web/v2/359997/external_landings/loot12/assets/bg-82ada9e.webp HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/webp
Content-Length: 94048
Last-Modified: Tue, 07 Mar 2023 11:10:25 GMT
ETag: "64071ba1-16f60"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:34 GMT
Connection: keep-alive
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/gal_with_lutohata-9712d65.webp
95.101.11.27200 OK 178 kB URL HTTP/1.1 heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/gal_with_lutohata-9712d65.webp
IP 95.101.11.27:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Size 178 kB (178038 bytes)
Hash 6c198a37e02eb9037043da187e6fae10
5cf51fd25a5ceb40f489339bfe4fa68a194521ed
7f6c05c86e601a0e7bcdaa20337328e59cd6d69d5ccf3a0c26eeb8561c45c4c7
GET /i/hw-web/v2/359997/external_landings/loot12/assets/gal_with_lutohata-9712d65.webp HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/webp
Content-Length: 178038
Last-Modified: Tue, 07 Mar 2023 11:10:25 GMT
ETag: "64071ba1-2b776"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:34 GMT
Connection: keep-alive
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/button-8d46f8f.webp
95.101.11.27200 OK 11 kB URL HTTP/1.1 heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/button-8d46f8f.webp
IP 95.101.11.27:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1115e37ff374aeb3684da9c2ae051919
ab8fc7fb033cd789f2a1da0093bb11579249458f
a4c90e84d40c35794489a7c3968685484c9f171e38b6469cfe7ce68d7f471d11
GET /i/hw-web/v2/359997/external_landings/loot12/assets/button-8d46f8f.webp HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/webp
Content-Length: 11126
Last-Modified: Tue, 07 Mar 2023 11:10:25 GMT
ETag: "64071ba1-2b76"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:34 GMT
Connection: keep-alive
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/logo-265449.png
95.101.11.27200 OK 21 kB URL HTTP/1.1 heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/logo-265449.png
IP 95.101.11.27:0
ASN #20940 Akamai International B.V.
File type PNG image data, 138 x 98, 8-bit/color RGBA, non-interlaced\012- data
Hash 4602852b041aaf1c4074b12c068e7e49
88ff677c03819753cf4ab25d482ab6e2b5849b4b
cb779bffbb7a0af2c273eaab74e089713873efd019500a02df5297396d264228
GET /i/hw-web/v2/359997/external_landings/loot12/assets/logo-265449.png HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/png
Content-Length: 20637
Last-Modified: Tue, 07 Mar 2023 11:10:25 GMT
ETag: "64071ba1-509d"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:34 GMT
Connection: keep-alive
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/ribbon-top-2b1e9d7.webp
95.101.11.27200 OK 20 kB URL HTTP/1.1 heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/ribbon-top-2b1e9d7.webp
IP 95.101.11.27:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image\012- data
Hash f7140679756da62039bead7bfc33c11a
fa55243982f1a7fc9e1c42b50dbcd858aa84f881
31f479c3315f7258b0f646303b777f482e1d9847766cf960e7aea31dc5a54341
GET /i/hw-web/v2/359997/external_landings/loot12/assets/ribbon-top-2b1e9d7.webp HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/webp
Content-Length: 19738
Last-Modified: Tue, 07 Mar 2023 11:10:25 GMT
ETag: "64071ba1-4d1a"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:34 GMT
Connection: keep-alive
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/tobigreekcyrillic-regular-22b3c9.woff
95.101.11.27200 OK 43 kB URL HTTP/1.1 heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/tobigreekcyrillic-regular-22b3c9.woff
IP 95.101.11.27:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format, TrueType, length 43388, version 0.0\012- data
Hash b2c886bff572133b9f178fb222929c40
de0310b87cdd61e62372759c10b8777edd54ad27
b77c1c713aea9145f5910eba28580904cc7d5a3eb3480738bf7b76adcdb88588
GET /i/hw-web/v2/359997/external_landings/loot12/assets/tobigreekcyrillic-regular-22b3c9.woff HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hero-wars.com
Connection: keep-alive
Referer: https://heroesweb-a.akamaihd.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff
Content-Length: 43388
Last-Modified: Tue, 07 Mar 2023 11:10:25 GMT
ETag: "64071ba1-a97c"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:34 GMT
Connection: keep-alive
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/roboto_condensed_bold-945157.woff
95.101.11.27200 OK 26 kB URL HTTP/1.1 heroesweb-a.akamaihd.net/i/hw-web/v2/359997/external_landings/loot12/assets/roboto_condensed_bold-945157.woff
IP 95.101.11.27:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format, TrueType, length 25492, version 1.1\012- data
Hash c8c3e82a72908913a24a8a833d25ae22
e4124905dffb268af81824b752460e17dcde57bf
5b74f9ae1a7694d6be867b6ba837f1b60dc5c245b605dfcc8070cf3880dff2e8
GET /i/hw-web/v2/359997/external_landings/loot12/assets/roboto_condensed_bold-945157.woff HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hero-wars.com
Connection: keep-alive
Referer: https://heroesweb-a.akamaihd.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: font/woff
Content-Length: 25492
Last-Modified: Tue, 07 Mar 2023 11:10:25 GMT
ETag: "64071ba1-6394"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:34 GMT
Connection: keep-alive
www.hero-wars.com/landing_loaded
95.101.10.66200 OK 44 B URL HTTP/2 www.hero-wars.com/landing_loaded
IP 95.101.10.66:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 0abe67293af335f2189a2ba8fd737da5
08d0e71b7625d4364e9f01eb583343ca1c6d0f8f
fd2f79eac6a346cf9255f3c8ac7157ef0d70686332a0d07881f4a58c79a8dfa6
POST /landing_loaded HTTP/1.1
Host: www.hero-wars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hero-wars.com/?l=loot12&m=registration&nx_source=adx_PropellerAds.Hero+Wars+Web+PropellerAds.pt-4292618.cid-Hero+Wars+Web+PropellerAds&aff_click=64073a9946cce00001cc886a&pid=5&custom2=PropellerAds&custom3=Hero+Wars+Web+PropellerAds&custom4=4292618
Content-Type: application/json
X-CSRF-Token: oLfgH5IY0Dg1Wpk21GcGfVo8pK2lt00aIrQYVR9i
Origin: https://www.hero-wars.com
Content-Length: 297
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkFiTHAyUWl3L1pqd1FNSlNZbFFVNnc9PSIsInZhbHVlIjoiVCtVeWhQRVdidDd0MVJ5dDd3a0MyRGV3SFE3dGNwSFl6MDdFZ3B0MGJ5YjE4Sk1ZZDUzNTRWWHFQMjlPZVh5cyIsIm1hYyI6ImUyODk3MzE3OTFkMDljNDBhMTBhZjhlNWMxZWJjNGRkM2Y1ZGY1OWUwMjk2YzgwYmVmNDc0MDNhNjI5OTQzYWMiLCJ0YWciOiIifQ%3D%3D; hero_wars_session=eyJpdiI6IlM3bklRdWVNSjdYUHJacXBBS2l5ZlE9PSIsInZhbHVlIjoieVUyWkVyOXRoSWNSZDlISXk3N0NBTjFvMTkrcmhMQ29ka1dkb09WZEkvd0NKbHU4NFdZZ20vOVB4TDA2aXhCYSIsIm1hYyI6Ijk3ZDQ4MWNiMDRiY2JhZjA2NjYxNTUxMzFiNjBkMmMwNmQ1YTc0MGNlOTk5ZDRhYjM3N2VlMDIzM2E2NzlmMjciLCJ0YWciOiIifQ%3D%3D; hw_session_cookie=eyJpdiI6ImI1T0lKNnFqYno0QWhRT0FuYm53bkE9PSIsInZhbHVlIjoiK0hqeHBVdm0zSW1vSHBjVSt4am9VeXFaS3pUV3JTUTRyTU1lU1U2M3ZHOENleG5VcFNza1pzcE8xaDUvWnc2NCtaaXo5MjdtM2dycitYMStJZmpDWEE9PSIsIm1hYyI6IjcxMDEzZmM5NTEyYTNhZWQ3MGY3MTExNmQxYjE5NTZiNzYzMzMwMGY3ZGJmZTAwYTEyZjgwOGUzMDA4ZWI5MDMiLCJ0YWciOiIifQ%3D%3D; AKA_A2=A; ak_bmsc=48F294F42C30696B76B0D3369EDC6E3B~000000000000000000000000000000~YAAQPgplX7DHwImGAQAAMeg8vBP5B/3qWqxN5sOZDFH3/FHShvhe0CiFc0PYV8ycfHh5Df1koWkxME5az+36Qrvy9Eftey0WtJvYsOxYHowO1Jd/Ck3cWfPFwc4sLaiVHI9r/4msl0ax2MfMgWh1vrI7AXoIbbz6+nMHK/YQbtuqNYyipSAyzmpmbGEO2Rfi44AHJyBZkItJw+i47+zVbGcUkElZXPtB+ExAu9e6OtDmH3VTEdNe6zDB3giZCSumjdGxM8O43MKTw8+ABehzhXuIBqYrRicfqUGoNBMgGHoOEkeEDSsp7QIiA9ZgY12ap4me4DIRfKU3Ey6NK8JAnYQygFuBC7cZ4TL4GRpeO+V0LAdBSTAZx8KYU15ULmmHCkbZpc0Maqprholm; _gcl_au=1.1.1748264608.1678195354; _fbp=fb.1.1678195354509.1636639793
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: https://www.hero-wars.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,x-auth-application-id,x-auth-network-ident,x-auth-player-id,x-auth-session-id,x-auth-session-init,x-auth-session-key,x-auth-signature,x-auth-token,x-auth-user-id,x-env-referrer,x-request-id,x-requested-with,x-server-time,x-env-library-version,x-auth-network-sign,authorization
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Tue, 07 Mar 2023 13:22:34 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 07 Mar 2023 13:22:34 GMT
content-length: 44
set-cookie: XSRF-TOKEN=eyJpdiI6Imh4VitteVM2aG10TW1XazZXeW0zVVE9PSIsInZhbHVlIjoiak5ScXplYUYrQnVJc0M3VFBaUTBiYndCTGwxdTNReDdUbUtuRmZ2RHRqLytlaWdvTUVTb1IraEZHMmo2K2VMbiIsIm1hYyI6Ijg0ZTA5ZDljOGI1YzdmZDNhM2VmNDdiZTQwOTcyYmNhYzE1ZGIxYmM4MzY3MTBiZTkzYWM4YzYyNjQwOTVmNmEiLCJ0YWciOiIifQ%3D%3D; expires=Sat, 06-May-2023 13:22:34 GMT; Max-Age=5184000; path=/; samesite=lax
hero_wars_session=eyJpdiI6Ik5xdjI1Qm1iQS84dzFBeGtncEZ4S3c9PSIsInZhbHVlIjoiRXBjdkJoM1o3dGtRQXpYY0x5Nm51eFZ6RkI1cDJkaU1IUWZadHFOZDVzSWhUUWFqeDNtOWZEWk94SHBYelNxYiIsIm1hYyI6Ijc0YjU1MTkxYTVkNjZhYmY2OTNlOWQ5YmRkMzhhMzkzMWVhNWM0MzU4N2QxZTZhMDViMjJiOGE4ODExOGE2MDMiLCJ0YWciOiIifQ%3D%3D; expires=Sat, 06-May-2023 13:22:34 GMT; Max-Age=5184000; path=/; httponly; samesite=lax
hw_session_cookie=eyJpdiI6IjgzOVdQV0F6VC9mSzVWMzlWLzhJY0E9PSIsInZhbHVlIjoiVVFWY1I5VGh3UU5nbEVFWXJCbFV2UT09IiwibWFjIjoiZGM0NDVhZTdjZDg4M2NmZjk3N2QyZTk5Nzk1OTRmZjRjMjA1MWI0NmYxMTRhZTM2NTgxMDc2ZWJlNDYxOWI5NyIsInRhZyI6IiJ9; expires=Thu, 08-Mar-2018 13:22:34 GMT; Max-Age=0; path=/; httponly; samesite=lax
bm_sv=2A249E180931B27890299CE8A8A3DBED~YAAQPgplX7HHwImGAQAA8uw8vBNCv1WdsHP+aGzfwJTQKJNlZiiod0SZwfsUjov/Hd6kmw6oUV0jpUzh5N9HGxe3w3v15TvRqeP43LrojG2DFwbu/oQML0zNavypwvgVIS8vEco9MaM2Ap0UKHkAn1vZUx197e4O53ADN6gAGcdHlPjA2TXD+MbW4I+irqwtuguVkzBOJsvM7riRMegBIlp9vLPrXxkrW/dXJlBrFfFRg225BrcyZnGeevEy+TnmHW/2~1; Domain=.hero-wars.com; Path=/; Expires=Tue, 07 Mar 2023 15:22:34 GMT; Max-Age=7200; Secure
server-timing: edge; dur=5, origin; dur=128, cdn-cache; desc=MISS, ak_p; desc="466165_1600457278_96496757_13254_3722_1_0";dur=1
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11808
Expires: Tue, 07 Mar 2023 16:39:23 GMT
Date: Tue, 07 Mar 2023 13:22:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11808
Expires: Tue, 07 Mar 2023 16:39:23 GMT
Date: Tue, 07 Mar 2023 13:22:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11808
Expires: Tue, 07 Mar 2023 16:39:23 GMT
Date: Tue, 07 Mar 2023 13:22:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11808
Expires: Tue, 07 Mar 2023 16:39:23 GMT
Date: Tue, 07 Mar 2023 13:22:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac192c39-be71-4b23-af6f-d0922c402521.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac192c39-be71-4b23-af6f-d0922c402521.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4a8d319b1ada8f22e8a1874033aba2c
3afc8111b03b662e88e61f4991a20a90d7d4f973
fca961af0737a3f0caa3a8d5762a309b871f54d0c8bd0e6ab4efdee4cf2fa462
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac192c39-be71-4b23-af6f-d0922c402521.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6282
x-amzn-requestid: 7f17d7b2-eff8-4e36-a0b6-661862d08620
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BYOHQGtNIAMFp8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64065d61-18f0b0196b949829744dae4c;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: U0xw1_Kqlj1h5fIdhMFyxdB7mqMJRRx7ZpjFOo165GNmsiGruqLHmg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1d000d0dfe9d69b4983f619fdc5499d6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 22:13:56 GMT
age: 54519
etag: "3afc8111b03b662e88e61f4991a20a90d7d4f973"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e3c14e5-22bb-45cb-88ea-f02e2c9a3090.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e3c14e5-22bb-45cb-88ea-f02e2c9a3090.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6edb15b0628347e7e7064affe077331
c64ec1ad9bbbed800c3560cbdbe1631fbe5f9e26
56c482b858cef1eb56a47dc54b298c31c2dd85cacdc748cea30b3d74a3cda99b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e3c14e5-22bb-45cb-88ea-f02e2c9a3090.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3359
x-amzn-requestid: c884d077-cb85-41c5-adcb-2baac3350d4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BYOuYHNJIAMFUig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64065e5b-74ab80fe0f96e85957d1a0f3;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 21:42:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 5IlVoIIqNo7P0mzxWpDyuMF8xLoDQqldyINHPFIvnRmLoen0sce1tg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 22:09:51 GMT
etag: "c64ec1ad9bbbed800c3560cbdbe1631fbe5f9e26"
content-type: image/jpeg
age: 54764
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4d400fe-c6a9-4998-bd0c-22271ed5bede.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4d400fe-c6a9-4998-bd0c-22271ed5bede.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ec4f2da6f73f59d9a2493697cbaec8c
3513d0fa932a2cf6ec0cf948cfd6e9c67e450824
cbe6ab8f36271592c0febfa90fe92c88d96dce40197e66cb7c06470bf99eccde
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4d400fe-c6a9-4998-bd0c-22271ed5bede.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9515
x-amzn-requestid: b2c70ebf-087b-4adf-bc0d-d657586581cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A_J1hHdLoAMFQKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fc5689-632acdce4082512541dc8c1a;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 07:06:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: DH-jkcare5_Lmpq_M188dxcLGdvvYb3mj98EAWqe5Z6YCnxff9Xw3w==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 22:38:34 GMT
age: 53041
etag: "3513d0fa932a2cf6ec0cf948cfd6e9c67e450824"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3389a930-6e96-43f6-92b6-997fabeb27da.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3389a930-6e96-43f6-92b6-997fabeb27da.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c229e9be4ad878528d3be67e4c05e7b1
03da37d1ac086a0fe3c6415cc297a6a38659db46
13927a535230f45e8fe13412b7d5a3a63f253aca91ac8e4f0c78f1dab289d4d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3389a930-6e96-43f6-92b6-997fabeb27da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: b14d1930-331a-4c89-8f32-13fd0107655a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BK_C1GAsIAMFqoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64011211-67b4ba2644683bba365394d5;Sampled=0
x-amzn-remapped-date: Thu, 02 Mar 2023 21:16:01 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 7S23wJqg6X5oCo7wlR9S9Ol8Hm5WB0LsBmtyCCKEsYnJNtRXUbAsEQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 29a825d8a219984d47bec4350779b558.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 16:56:59 GMT
age: 73536
etag: "03da37d1ac086a0fe3c6415cc297a6a38659db46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F854c41b2-cfb4-4762-9ada-143a1a51438c.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F854c41b2-cfb4-4762-9ada-143a1a51438c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d9e542d11eb3e8eaf08c83e0d72ea74
3113bde9c7ab14701fc4dbc39eec955b30d70150
c677d4b6fc6cf9c120e4f1844cf4605aeb6c7902fdde34ae21258fbb64d0f79b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F854c41b2-cfb4-4762-9ada-143a1a51438c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8512
x-amzn-requestid: 9f7f00c0-dfb4-4b72-a4be-1a5f3c6f2401
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BYNhZHU4oAMFTsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64065c6f-5b1f26a475702ce913902e66;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: SRN7vb7fldI_vjnuKgm6wXus67qkokYCVJBJXdCNeCQ7mfxRDKcqaQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 21:54:06 GMT
age: 55709
etag: "3113bde9c7ab14701fc4dbc39eec955b30d70150"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e9d3719-c918-44cb-8546-6929c5bebc79.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e9d3719-c918-44cb-8546-6929c5bebc79.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 28063b72ccbc658caa4705a87e7a4e12
35a9f5d55ffadd16548d61c99d59e426dd11ce21
a9a2c8104c6c8454eff30437c96b672e230b073623f33a67614fe4fa3ba0645d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e9d3719-c918-44cb-8546-6929c5bebc79.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7235
x-amzn-requestid: 17b741c5-3911-46a5-b22d-17ef50381ad4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BWO15EPHIAMFx-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640591bf-58dbdf76597432b9505f5805;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 07:09:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: IYw6V_NejqrqRl4UmaUhYInv69UZcaqm8ytploOryAw3Gz4jyJNbdQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b618c0f73dc30c968057784ed0185d7a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 05:13:26 GMT
age: 29349
etag: "35a9f5d55ffadd16548d61c99d59e426dd11ce21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-LFE4ZMGDNX>m=45je3310&_p=1996380777&gcs=G100&cid=2039634085.1678195355&ul=en-us&sr=1280x1024&_s=1&sid=1678195354&sct=1&seg=0&dl=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618&dt=Hero%20Wars%20%7C%20Online%20action%20game%20%7C%20RPG&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-LFE4ZMGDNX>m=45je3310&_p=1996380777&gcs=G100&cid=2039634085.1678195355&ul=en-us&sr=1280x1024&_s=1&sid=1678195354&sct=1&seg=0&dl=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618&dt=Hero%20Wars%20%7C%20Online%20action%20game%20%7C%20RPG&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-LFE4ZMGDNX>m=45je3310&_p=1996380777&gcs=G100&cid=2039634085.1678195355&ul=en-us&sr=1280x1024&_s=1&sid=1678195354&sct=1&seg=0&dl=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618&dt=Hero%20Wars%20%7C%20Online%20action%20game%20%7C%20RPG&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hero-wars.com
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.hero-wars.com
date: Tue, 07 Mar 2023 13:22:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
trc-events.taboola.com/1123625/log/3/unip?en=pre_d_eng_tb&tos=1602&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1678195355879&vi=1678195354273&ri=416ccaa87d2450d28f26cb700f73239e&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1123625/log/3/unip?en=pre_d_eng_tb&tos=1602&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1678195355879&vi=1678195354273&ri=416ccaa87d2450d28f26cb700f73239e&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1123625/log/3/unip?en=pre_d_eng_tb&tos=1602&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1678195355879&vi=1678195354273&ri=416ccaa87d2450d28f26cb700f73239e&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hero-wars.com
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 07 Mar 2023 13:22:36 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.hero-wars.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1171685/log/3/unip?en=pre_d_eng_tb&tos=1603&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1678195355880&vi=1678195354273&ri=323663c85f5862ac590af1560c7cc861&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1171685/log/3/unip?en=pre_d_eng_tb&tos=1603&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1678195355880&vi=1678195354273&ri=323663c85f5862ac590af1560c7cc861&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1171685/log/3/unip?en=pre_d_eng_tb&tos=1603&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1678195355880&vi=1678195354273&ri=323663c85f5862ac590af1560c7cc861&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hero-wars.com
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 07 Mar 2023 13:22:36 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.hero-wars.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1123625/log/3/unip?en=pre_d_eng_tb&tos=4604&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1678195358880&vi=1678195354273&ri=416ccaa87d2450d28f26cb700f73239e&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1123625/log/3/unip?en=pre_d_eng_tb&tos=4604&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1678195358880&vi=1678195354273&ri=416ccaa87d2450d28f26cb700f73239e&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1123625/log/3/unip?en=pre_d_eng_tb&tos=4604&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1678195358880&vi=1678195354273&ri=416ccaa87d2450d28f26cb700f73239e&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hero-wars.com
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 07 Mar 2023 13:22:38 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.hero-wars.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
trc-events.taboola.com/1171685/log/3/unip?en=pre_d_eng_tb&tos=4605&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1678195358882&vi=1678195354273&ri=323663c85f5862ac590af1560c7cc861&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1171685/log/3/unip?en=pre_d_eng_tb&tos=4605&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1678195358882&vi=1678195354273&ri=323663c85f5862ac590af1560c7cc861&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1171685/log/3/unip?en=pre_d_eng_tb&tos=4605&scd=0&ssd=1&est=1678195354275&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1678195358882&vi=1678195354273&ri=323663c85f5862ac590af1560c7cc861&ref=null&cv=20230302-10-RELEASE&item-url=https%3A%2F%2Fwww.hero-wars.com%2F%3Fl%3Dloot12%26m%3Dregistration%26nx_source%3Dadx_PropellerAds.Hero%2BWars%2BWeb%2BPropellerAds.pt-4292618.cid-Hero%2BWars%2BWeb%2BPropellerAds%26aff_click%3D64073a9946cce00001cc886a%26pid%3D5%26custom2%3DPropellerAds%26custom3%3DHero%2BWars%2BWeb%2BPropellerAds%26custom4%3D4292618 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hero-wars.com
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 07 Mar 2023 13:22:38 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.hero-wars.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/js/landingSocials.js
95.101.11.27200 OK 0 B URL HTTP/1.1 heroesweb-a.akamaihd.net/i/hw-web/v2/359997/js/landingSocials.js
IP 95.101.11.27:0
ASN #20940 Akamai International B.V.
GET /i/hw-web/v2/359997/js/landingSocials.js HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 07 Mar 2023 11:10:30 GMT
ETag: W/"64071ba6-4c41e"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 112334
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
heroesweb-a.akamaihd.net/i/hw-web/v2/359997/css/landings.css
95.101.11.27200 OK 0 B URL HTTP/1.1 heroesweb-a.akamaihd.net/i/hw-web/v2/359997/css/landings.css
IP 95.101.11.27:0
ASN #20940 Akamai International B.V.
GET /i/hw-web/v2/359997/css/landings.css HTTP/1.1
Host: heroesweb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hero-wars.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/css
Last-Modified: Tue, 07 Mar 2023 11:10:14 GMT
ETag: W/"64071b96-47980"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 33733
Cache-Control: max-age=2592000
Date: Tue, 07 Mar 2023 13:22:33 GMT
Connection: keep-alive
Vary: Accept-Encoding
fonts.googleapis.com/css2?family=Noto+Sans+SC:wght@400;500&family=Noto+Sans:ital@0;1&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Noto+Sans+SC:wght@400;500&family=Noto+Sans:ital@0;1&display=swap
IP 142.250.74.106:0
GET /css2?family=Noto+Sans+SC:wght@400;500&family=Noto+Sans:ital@0;1&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://heroesweb-a.akamaihd.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Mar 2023 13:22:34 GMT
date: Tue, 07 Mar 2023 13:22:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2