Submitted URL: http://heroes3towns.com/
Effective URL: https://heroes3towns.com/
Submission: On January 05 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 59 HTTP transactions. The main IP is 195.54.213.24, located in Russian Federation and belongs to RINET-AS Cronyx Plus Ltd, RU. The main domain is heroes3towns.com.
TLS certificate: Issued by R3 on December 18th 2023. Valid for: 3 months.
This is the only time heroes3towns.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
46 heroes3towns.com
heroes3towns.com
907 KB
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2014
www.google.com — Cisco Umbrella Rank: 6
2 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 4002
515 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
405 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 7553
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
147 KB
1 gstatic.com
www.gstatic.com
203 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 708
34 KB
59 9
Domain Requested by
46 heroes3towns.com 1 redirects heroes3towns.com
2 www.google.com heroes3towns.com
2 www.google.de heroes3towns.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 counter.yadro.ru 1 redirects heroes3towns.com
2 www.googletagmanager.com heroes3towns.com
www.googletagmanager.com
1 www.gstatic.com www.google.com
1 ajax.googleapis.com heroes3towns.com
1 region1.analytics.google.com www.googletagmanager.com
59 10

This site contains links to these domains. Also see Links.

Domain
forum.df2.ru
www.liveinternet.ru
Subject Issuer Validity Valid
heroes3towns.com
R3
2023-12-18 -
2024-03-17
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
www.google.de
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh

This page contains 2 frames:

Primary Page: https://heroes3towns.com/
Frame ID: 47D31B5F104709D831C8C7227F442E3A
Requests: 51 HTTP requests in this frame

Frame: https://heroes3towns.com/guest/index.php
Frame ID: 8DC508A174F5B6586338E78B7AA68DA0
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

Сайт новых городов для Heroes III

Page URL History Show full URLs

  1. http://heroes3towns.com/ HTTP 301
    https://heroes3towns.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

59
Requests

98 %
HTTPS

80 %
IPv6

9
Domains

10
Subdomains

10
IPs

4
Countries

1315 kB
Transfer

1997 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://heroes3towns.com/ HTTP 301
    https://heroes3towns.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://counter.yadro.ru/hit?t24.5;r;s1600*1200*24;uhttps%3A//heroes3towns.com/;0.22055869845577059 HTTP 302
  • https://counter.yadro.ru/hit?q;t24.5;r;s1600*1200*24;uhttps%3A//heroes3towns.com/;0.22055869845577059

59 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
heroes3towns.com/
Redirect Chain
  • http://heroes3towns.com/
  • https://heroes3towns.com/
34 KB
7 KB
Document
General
Full URL
https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
d1c4296e33f4969922e78bf6ed19d0bcc2b3cc7cce418ce13a0029dd15136ebb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
6753
Content-Type
text/html; charset=cp1251
Date
Fri, 05 Jan 2024 15:06:55 GMT
Expires
Fri, 05 Jan 2024 18:06:55 +0300
Server
nginx/1.10.3
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
185
Content-Type
text/html
Date
Fri, 05 Jan 2024 15:06:55 GMT
Location
https://heroes3towns.com/
Server
nginx/1.10.3
js
www.googletagmanager.com/gtag/
189 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-111495724-2
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2275d32410e5fbe9c062abc2778e9a6a17ff875ba60b936d9b42484d86d9fe27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 15:06:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69858
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 05 Jan 2024 15:06:55 GMT
logo.png
heroes3towns.com/
253 KB
254 KB
Image
General
Full URL
https://heroes3towns.com/logo.png
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
2186ba81b5ae8579834614fca6db8a1cac72014e220e3a0c9f13299da1bba3dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:55 GMT
Last-Modified
Sat, 03 Jul 2021 22:59:47 GMT
Server
nginx/1.10.3
ETag
"3f548-5c640075cf91f"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
259400
none.png
heroes3towns.com/pics/
6 KB
6 KB
Image
General
Full URL
https://heroes3towns.com/pics/none.png
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
82a3928167b54c8dd1cd0ff99f5ba3b0b4377f375b91fc27b3a7dde6c46c964e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Fri, 14 Dec 2018 15:57:47 GMT
Server
nginx/1.10.3
ETag
"164f-57cfd7e15b6b5"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5711
roe.gif
heroes3towns.com/pics/
1 KB
2 KB
Image
General
Full URL
https://heroes3towns.com/pics/roe.gif
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
23db7aacb2faa5e92823bbdf71f9c286684c4e07c0c4d4c834afa531fabeb596

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Fri, 14 Dec 2018 13:55:22 GMT
Server
nginx/1.10.3
ETag
"562-57cfbc8474ed5"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1378
ab.gif
heroes3towns.com/pics/
502 B
745 B
Image
General
Full URL
https://heroes3towns.com/pics/ab.gif
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
09aeb03a60c3bfd754499d8ce9a84eff3c1e8dd0c2ab5fc14342d35c0a5f8252

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Mon, 17 Dec 2018 16:31:24 GMT
Server
nginx/1.10.3
ETag
"1f6-57d3a4fce1704"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
502
sod.gif
heroes3towns.com/pics/
1 KB
1 KB
Image
General
Full URL
https://heroes3towns.com/pics/sod.gif
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
b675b407b57a47d9be7448e395003af9bce2c46dec85d3f6f53fe7e20486d8ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Fri, 14 Dec 2018 13:55:22 GMT
Server
nginx/1.10.3
ETag
"4f1-57cfbc84b9498"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1265
hota.png
heroes3towns.com/pics/
2 KB
2 KB
Image
General
Full URL
https://heroes3towns.com/pics/hota.png
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
d522c38396f32b686a15e158bfd6d3b1e1024b4addd6b6069440713412a72da1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Fri, 14 Dec 2018 13:55:21 GMT
Server
nginx/1.10.3
ETag
"713-57cfbc8413451"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1811
era.gif
heroes3towns.com/pics/
1003 B
1 KB
Image
General
Full URL
https://heroes3towns.com/pics/era.gif
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
f05287056a8a553a43bf2d61581e77f6b8a2fd44f0110f7d73c46420cd2af065

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Fri, 14 Dec 2018 13:55:22 GMT
Server
nginx/1.10.3
ETag
"3eb-57cfbc8498157"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1003
vcmi.png
heroes3towns.com/pics/
2 KB
2 KB
Image
General
Full URL
https://heroes3towns.com/pics/vcmi.png
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
9450cca8ef6f96892c4ca2e6b4fd792368270d16b4ef3e94674565562250abab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:55 GMT
Last-Modified
Mon, 30 Oct 2023 19:55:57 GMT
Server
nginx/1.10.3
ETag
"899-608f46d31ba6a"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2201
v1.gif
heroes3towns.com/res/
991 B
1 KB
Image
General
Full URL
https://heroes3towns.com/res/v1.gif
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
2dd00358cc3e06ed430f231a1c24798a33a6691639273ba2ccc2919d8df1ff05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Fri, 08 Sep 2017 19:04:41 GMT
Server
nginx/1.10.3
ETag
"3df-558b23fc74440"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
991
ThCsCas3.gif
heroes3towns.com/towns/castle/1/
10 KB
10 KB
Image
General
Full URL
https://heroes3towns.com/towns/castle/1/ThCsCas3.gif
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
16fbc429ae9904bc1c30e224c283fd28567d65f9c116076cbe1eb4ee0e23c3fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Fri, 18 Jan 2019 19:05:19 GMT
Server
nginx/1.10.3
ETag
"28b6-57fc0312ef50f"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10422
TPRCas3.gif
heroes3towns.com/towns/rampart/1/
9 KB
10 KB
Image
General
Full URL
https://heroes3towns.com/towns/rampart/1/TPRCas3.gif
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
519258dd383f9ccb2af83f2ff5caf42ba15b18c91c10da6a849ea1030329aaa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:55 GMT
Last-Modified
Fri, 22 Feb 2019 11:59:53 GMT
Server
nginx/1.10.3
ETag
"2553-5827a5430b41f"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9555
TPTCast3.gif
heroes3towns.com/towns/tower/
10 KB
11 KB
Image
General
Full URL
https://heroes3towns.com/towns/tower/TPTCast3.gif
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
15220fa841eec7a1cd0f3b0f4f1a8b10e6fe128745411f4d6dc413f6879da8b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Sun, 02 Aug 2020 18:42:12 GMT
Server
nginx/1.10.3
ETag
"29c3-5abe961527386"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10691
TPICas3.gif
heroes3towns.com/towns/inferno/
8 KB
8 KB
Image
General
Full URL
https://heroes3towns.com/towns/inferno/TPICas3.gif
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
49ba09d2db011bcb226c8565f4a0c539fceca8b4d4210c53ae9a7d52b1a06702

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Fri, 29 Jan 2016 14:28:17 GMT
Server
nginx/1.10.3
ETag
"1e8b-52a79d89b0240"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7819
TPNcast3.gif
heroes3towns.com/towns/necropolis/
10 KB
11 KB
Image
General
Full URL
https://heroes3towns.com/towns/necropolis/TPNcast3.gif
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
16d68af9768ae1c710900ab3479ec4f7881178865f4c2f9a993128380f18ee98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Fri, 29 Jan 2016 15:02:47 GMT
Server
nginx/1.10.3
ETag
"295a-52a7a53fcb3c0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10586
TPDCas3.gif
heroes3towns.com/towns/dungeon/
10 KB
10 KB
Image
General
Full URL
https://heroes3towns.com/towns/dungeon/TPDCas3.gif
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
ef2d71d5147ff7f76dc791085f9ecafafa6028da21fca8866058b8c06aca67be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:55 GMT
Last-Modified
Mon, 19 Dec 2016 16:19:27 GMT
Server
nginx/1.10.3
ETag
"28d2-54405489801c0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10450
TPSCas3.gif
heroes3towns.com/towns/stronghold/
12 KB
12 KB
Image
General
Full URL
https://heroes3towns.com/towns/stronghold/TPSCas3.gif
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
fee2d70edfb9fe8f980e7aaf5e2649d5b091df83b1bcbfb1694ccd8d148e7292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Fri, 29 Jan 2016 15:46:38 GMT
Server
nginx/1.10.3
ETag
"3032-52a7af0ce9380"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12338
TPFCast3.gif
heroes3towns.com/towns/fortress/
11 KB
12 KB
Image
General
Full URL
https://heroes3towns.com/towns/fortress/TPFCast3.gif
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
1d77b4d4509439a8a149395e8a0d833e45124e1c5657d419bdabb0408e9da43c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Fri, 29 Jan 2016 16:02:32 GMT
Server
nginx/1.10.3
ETag
"2dfd-52a7b29ab7600"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11773
v2.gif
heroes3towns.com/res/
914 B
1 KB
Image
General
Full URL
https://heroes3towns.com/res/v2.gif
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
0028d15b898ef4aa485d4cc2f54b8f8cefd0064d77916ac5f7eef0ff0fd43a95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Fri, 08 Sep 2017 19:04:45 GMT
Server
nginx/1.10.3
ETag
"392-558b240044d40"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
914
conflux_menu.png
heroes3towns.com/towns/conflux/
28 KB
28 KB
Image
General
Full URL
https://heroes3towns.com/towns/conflux/conflux_menu.png
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
2c22093e800b5eea85e7c52274365d3a48fc69e50f98a43be2269aa386cb0612

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Thu, 01 Feb 2018 02:42:32 GMT
Server
nginx/1.10.3
ETag
"7088-5641d8c2ad600"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28808
v5.gif
heroes3towns.com/res/
582 B
825 B
Image
General
Full URL
https://heroes3towns.com/res/v5.gif
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
952a94358767546f40249478c6dc45de4107ab468f2ebefeca937305753f5e01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Fri, 08 Sep 2017 19:04:45 GMT
Server
nginx/1.10.3
ETag
"246-558b240044d40"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
582
cove_10.BMP
heroes3towns.com/towns/cove/
11 KB
12 KB
Image
General
Full URL
https://heroes3towns.com/towns/cove/cove_10.BMP
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
c544428cacfba0dd43cd6be8969baa4a4e17a458183eb509b1932b769298615f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:55 GMT
Last-Modified
Tue, 08 Jan 2019 00:28:42 GMT
Server
nginx/1.10.3
ETag
"2dc6-57ee76d750b26"
Content-Type
image/x-ms-bmp
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11718
v8.gif
heroes3towns.com/res/
996 B
1 KB
Image
General
Full URL
https://heroes3towns.com/res/v8.gif
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
3000de3b6f5d2b9c3334afb5d14c2a1cee6f222e0c586ec82e362335ef11eadf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Mon, 30 Oct 2023 20:43:02 GMT
Server
nginx/1.10.3
ETag
"3e4-608f5159b7d89"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
996
forge_menu.png
heroes3towns.com/towns/forge/3/
21 KB
21 KB
Image
General
Full URL
https://heroes3towns.com/towns/forge/3/forge_menu.png
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
e6bbb768a34a120700dc2ab0a8f50b33734c01194e07a97ab54c70589edb4e35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Thu, 01 Feb 2018 02:14:27 GMT
Server
nginx/1.10.3
ETag
"5474-5641d27bbc6c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21620
v6.gif
heroes3towns.com/res/
887 B
1 KB
Image
General
Full URL
https://heroes3towns.com/res/v6.gif
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
07334f6f1023209e638550b126773cfda6415d68d4d597d33d6761de86dd75e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Fri, 16 Mar 2018 23:00:51 GMT
Server
nginx/1.10.3
ETag
"377-5678f94622ec0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
887
bastion_menu.jpg
heroes3towns.com/towns/bastion/1/
19 KB
19 KB
Image
General
Full URL
https://heroes3towns.com/towns/bastion/1/bastion_menu.jpg
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
1e58f8aed4aa8d908b54b80f6f987e6a878e4ef0373ce6e20be234649d84bc60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:55 GMT
Last-Modified
Thu, 26 Aug 2021 20:07:55 GMT
Server
nginx/1.10.3
ETag
"4cef-5ca7bec239161"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19695
04.png
heroes3towns.com/towns/growe/
14 KB
14 KB
Image
General
Full URL
https://heroes3towns.com/towns/growe/04.png
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
37586b31b810ac23cab08903ccde11dd6535536d36637b1c10f9f3d71c581fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Tue, 05 Jun 2012 12:07:01 GMT
Server
nginx/1.10.3
ETag
"388c-4c1b87ceea340"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14476
ThElCas3.bmp
heroes3towns.com/towns/haven/
11 KB
12 KB
Image
General
Full URL
https://heroes3towns.com/towns/haven/ThElCas3.bmp
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
8c4937bf9d29c14959fb8bf8664d9390a4a26a0f754dd88ca0ccb3063ccd3d23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Tue, 19 Feb 2019 21:54:27 GMT
Server
nginx/1.10.3
ETag
"2dc6-5824649048155"
Content-Type
image/x-ms-bmp
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11718
castle3.gif
heroes3towns.com/towns/athlantis/
10 KB
10 KB
Image
General
Full URL
https://heroes3towns.com/towns/athlantis/castle3.gif
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
62e4d0721a443cb9c3aae78610b740f4e8b63d08707257242e6effd9f5ab57fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Wed, 30 Aug 2017 22:01:47 GMT
Server
nginx/1.10.3
ETag
"26f8-557ffac90c8c0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9976
134177.bmp
heroes3towns.com/towns/cathedral/
11 KB
12 KB
Image
General
Full URL
https://heroes3towns.com/towns/cathedral/134177.bmp
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
60b59856906f0438f2b383dc0c734de55fe552aa580456977549b442e2376ff6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Mon, 25 Mar 2019 23:57:56 GMT
Server
nginx/1.10.3
ETag
"2dc6-584f3f93916f6"
Content-Type
image/x-ms-bmp
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11718
TPDCas3.bmp
heroes3towns.com/towns/abyss/
11 KB
12 KB
Image
General
Full URL
https://heroes3towns.com/towns/abyss/TPDCas3.bmp
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
f1795ea3abd10f1e1ebf6581fdddd26f5cdb5e8fc99b266262502d4df926fb98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Wed, 30 Aug 2017 16:14:02 GMT
Server
nginx/1.10.3
ETag
"2dc6-557fad0ea2680"
Content-Type
image/x-ms-bmp
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11718
fort3.bmp
heroes3towns.com/towns/preserve/1/
32 KB
32 KB
Image
General
Full URL
https://heroes3towns.com/towns/preserve/1/fort3.bmp
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
3090b2d6ed20f327e110a49b81f2cfbc35c3f1343e8538061ef703875dd3912b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Mon, 04 Feb 2019 14:11:05 GMT
Server
nginx/1.10.3
ETag
"7fce-58112103bf059"
Content-Type
image/x-ms-bmp
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32718
castle.bmp
heroes3towns.com/towns/covenant/
11 KB
12 KB
Image
General
Full URL
https://heroes3towns.com/towns/covenant/castle.bmp
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
3efa7d87508e376e374534403225ae2a81c902b3e9f90b39586b3d8521dbd6b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Mon, 04 Feb 2019 12:21:59 GMT
Server
nginx/1.10.3
ETag
"2dc6-581108a18de55"
Content-Type
image/x-ms-bmp
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11718
TPNcast3.bmp
heroes3towns.com/towns/fairy/
11 KB
12 KB
Image
General
Full URL
https://heroes3towns.com/towns/fairy/TPNcast3.bmp
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
23cb18e093e28fa2102fab5aa3c32694c9bc6fa36fb64e1441d93be81a56a754

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:55 GMT
Last-Modified
Wed, 30 Aug 2017 17:56:12 GMT
Server
nginx/1.10.3
ETag
"2dc6-557fc3e4a8700"
Content-Type
image/x-ms-bmp
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11718
img_00.bmp
heroes3towns.com/towns/death_valley/
32 KB
32 KB
Image
General
Full URL
https://heroes3towns.com/towns/death_valley/img_00.bmp
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
8ca9d9f7d337ada090f646126dd8b2c916d241f8d7f304d34cad541cad9f7489

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Fri, 18 Oct 2019 19:07:21 GMT
Server
nginx/1.10.3
ETag
"7fce-595340b2585d2"
Content-Type
image/x-ms-bmp
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32718
img_00.png
heroes3towns.com/towns/ruins/
26 KB
27 KB
Image
General
Full URL
https://heroes3towns.com/towns/ruins/img_00.png
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
5d0005558434caa66a412ed32f6a85fa90a28f1d91a18e21a4cb752bab0812cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Mon, 04 Mar 2019 15:44:11 GMT
Server
nginx/1.10.3
ETag
"69f0-58346a0bb8d7c"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27120
ThElCas3.bmp
heroes3towns.com/towns/regna/
11 KB
12 KB
Image
General
Full URL
https://heroes3towns.com/towns/regna/ThElCas3.bmp
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
69651cbae6f13d4db683815b774073d6f6c7a31e9b51dcd9eea531665bc43f1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Thu, 10 Sep 2020 18:56:12 GMT
Server
nginx/1.10.3
ETag
"2dc6-5aefa1f399f6c"
Content-Type
image/x-ms-bmp
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11718
Castle3.bmp
heroes3towns.com/towns/oasis/
11 KB
12 KB
Image
General
Full URL
https://heroes3towns.com/towns/oasis/Castle3.bmp
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
306aea24aba7e1db626296fd33539236f84288644945f7ee743a4a0f11a111b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Sun, 20 Sep 2020 19:36:32 GMT
Server
nginx/1.10.3
ETag
"2dc6-5afc3d9e0c59d"
Content-Type
image/x-ms-bmp
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11718
hallfactA009.png
heroes3towns.com/towns/factory/2/
17 KB
18 KB
Image
General
Full URL
https://heroes3towns.com/towns/factory/2/hallfactA009.png
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
1ab4500b331cf1244095a892ba6325feb1dfd7f94315926cafa426226787e2fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Sun, 31 Dec 2023 14:46:26 GMT
Server
nginx/1.10.3
ETag
"4584-60dcf5472e00f"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17796
textur.gif
heroes3towns.com/
37 KB
37 KB
Image
General
Full URL
https://heroes3towns.com/textur.gif
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
7b5946db70dfb4f758d4d2514a45e1e32aea52063266ec61976f9ecaf0acc353

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:55 GMT
Last-Modified
Sat, 19 Oct 2019 22:03:50 GMT
Server
nginx/1.10.3
ETag
"9424-5954aa0256a13"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37924
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t24.5;r;s1600*1200*24;uhttps%3A//heroes3towns.com/;0.22055869845577059
  • https://counter.yadro.ru/hit?q;t24.5;r;s1600*1200*24;uhttps%3A//heroes3towns.com/;0.22055869845577059
152 B
638 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;t24.5;r;s1600*1200*24;uhttps%3A//heroes3towns.com/;0.22055869845577059
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
173d74d311f9c11cd67fa79a7cb181ffa2bcd54c089f3fb1ace084ad9c883016
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 15:06:56 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
152
Expires
Wed, 04 Jan 2023 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 05 Jan 2024 15:06:56 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;t24.5;r;s1600*1200*24;uhttps%3A//heroes3towns.com/;0.22055869845577059
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Wed, 04 Jan 2023 21:00:00 GMT
index.php
heroes3towns.com/guest/ Frame 8DC5
10 KB
3 KB
Document
General
Full URL
https://heroes3towns.com/guest/index.php
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
a789379d5f0df109a9a9e7a3178a061b8c2935fca9112b2271afe427ff093c5a

Request headers

Referer
https://heroes3towns.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
2470
Content-Type
text/html; charset=windows-1251
Date
Fri, 05 Jan 2024 15:06:55 GMT
Server
nginx/1.10.3
Vary
Accept-Encoding
js
www.googletagmanager.com/gtag/
220 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L1S7EEBJ98&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111495724-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
550892ae6d4e4e2137b93bab673e4be204ae0c3684d7cd3ce6e7c4d2bad237fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 15:06:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80198
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 05 Jan 2024 15:06:55 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111495724-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 05 Jan 2024 13:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4718
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 05 Jan 2024 15:48:17 GMT
collect
www.google-analytics.com/j/
2 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1637777810&t=pageview&_s=1&dl=https%3A%2F%2Fheroes3towns.com%2F&ul=en-us&de=windows-1251&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BD%D0%BE%D0%B2%D1%8B%D1%85%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%BE%D0%B2%20%D0%B4%D0%BB%D1%8F%20Heroes%20III&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1662128124&gjid=927837291&cid=1587454627.1704467216&tid=UA-111495724-2&_gid=1983118780.1704467216&_r=1&gtm=457e4130&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1054654246
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://heroes3towns.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 15:06:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heroes3towns.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
245 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-L1S7EEBJ98&gtm=45je4130v9109136779&_p=1704467215807&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1587454627.1704467216&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1704467215&sct=1&seg=0&dl=https%3A%2F%2Fheroes3towns.com%2F&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%BD%D0%BE%D0%B2%D1%8B%D1%85%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%BE%D0%B2%20%D0%B4%D0%BB%D1%8F%20Heroes%20III&en=page_view&_fv=1&_ss=1&tfd=443
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L1S7EEBJ98&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 15:06:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heroes3towns.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-L1S7EEBJ98&cid=1587454627.1704467216&gtm=45je4130v9109136779&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L1S7EEBJ98&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 15:06:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heroes3towns.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-L1S7EEBJ98&cid=1587454627.1704467216&gtm=45je4130v9109136779&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1844492421
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 15:06:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
349 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-111495724-2&cid=1587454627.1704467216&jid=1662128124&gjid=927837291&_gid=1983118780.1704467216&_u=YEBAAUAAAAAAACAAI~&z=2067297886
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://heroes3towns.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 05 Jan 2024 15:06:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heroes3towns.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles.css
heroes3towns.com/guest/ Frame 8DC5
3 KB
1 KB
Stylesheet
General
Full URL
https://heroes3towns.com/guest/styles.css
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/guest/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
dd458af6c792b2b762c12a8d950b43fe9a201f40756ce3a50f2f1852cf87af7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/guest/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Dec 2018 23:45:16 GMT
Server
nginx/1.10.3
ETag
"cd9-57df56c00bb00-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
750
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 8DC5
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/guest/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 20:47:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65985
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jan 2025 20:47:10 GMT
api.js
www.google.com/recaptcha/ Frame 8DC5
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/guest/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
25b0db3d3b80dc803b5354bc6d22e96b849b83d53671517ae3f70119ec155bc7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 15:06:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 05 Jan 2024 15:06:55 GMT
script.js
heroes3towns.com/guest/ Frame 8DC5
2 KB
1 KB
Script
General
Full URL
https://heroes3towns.com/guest/script.js
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/guest/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
1858101b70839f0f8b71bcefe2fbfa07919eb8af1054a18e97d7c8c8be56831b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/guest/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Dec 2018 00:05:29 GMT
Server
nginx/1.10.3
ETag
"84b-57df5b44da440-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
812
banned.png
heroes3towns.com/spartak/ Frame 8DC5
203 KB
203 KB
Image
General
Full URL
https://heroes3towns.com/spartak/banned.png?size=400x0&quality=96&crop=20,0,460,460&ava=1
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/guest/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
47761ad967a5294d038aa897f32f14001d6c1d1ad9156c478e1fdff4e42bbfe8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/guest/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Thu, 29 Jul 2021 22:36:31 GMT
Server
nginx/1.10.3
ETag
"32a8a-5c84abc0875da"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
207498
reply.gif
heroes3towns.com/guest/img/ Frame 8DC5
689 B
932 B
Image
General
Full URL
https://heroes3towns.com/guest/img/reply.gif
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/guest/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.54.213.24 , Russian Federation, ASN8331 (RINET-AS Cronyx Plus Ltd, RU),
Reverse DNS
24-213.vm.vmco.ru
Software
nginx/1.10.3 /
Resource Hash
1a5a6b82298915e1c7042dc805fdac769f013e0596443d44c1b9727a3fb67cfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/guest/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 15:06:56 GMT
Last-Modified
Thu, 19 Jan 2017 06:46:32 GMT
Server
nginx/1.10.3
ETag
"2b1-5466ce4c3c200"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
689
ga-audiences
www.google.com/ads/
42 B
296 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111495724-2&cid=1587454627.1704467216&jid=1662128124&_u=YEBAAUAAAAAAACAAI~&z=1452026421
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 15:06:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-111495724-2&cid=1587454627.1704467216&jid=1662128124&_u=YEBAAUAAAAAAACAAI~&z=1452026421
Requested by
Host: heroes3towns.com
URL: https://heroes3towns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://heroes3towns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 15:06:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 8DC5
505 KB
203 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heroes3towns.com/
Origin
https://heroes3towns.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 14:06:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3621
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207437
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 04 Jan 2025 14:06:35 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| gtag object| dataLayer function| hideandshow object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

7 Cookies

Domain/Path Name / Value
heroes3towns.com/ Name: visited
Value: 1
.heroes3towns.com/ Name: _gid
Value: GA1.2.1983118780.1704467216
.heroes3towns.com/ Name: _gat_gtag_UA_111495724_2
Value: 1
.heroes3towns.com/ Name: _ga_L1S7EEBJ98
Value: GS1.1.1704467215.1.0.1704467215.60.0.0
.heroes3towns.com/ Name: _ga
Value: GA1.1.1587454627.1704467216
.yadro.ru/ Name: FTID
Value: 1bc1iG0u1aOi1bc1iG001HzF
.yadro.ru/ Name: VID
Value: 2xZxoI0tVyei1bc1iG001Hzr

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
counter.yadro.ru
heroes3towns.com
region1.analytics.google.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
195.54.213.24
2001:4860:4802:34::36
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2004
2a00:1450:4001:813::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2003
2a00:1450:400c:c00::9b
88.212.201.198
0028d15b898ef4aa485d4cc2f54b8f8cefd0064d77916ac5f7eef0ff0fd43a95
07334f6f1023209e638550b126773cfda6415d68d4d597d33d6761de86dd75e8
09aeb03a60c3bfd754499d8ce9a84eff3c1e8dd0c2ab5fc14342d35c0a5f8252
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
15220fa841eec7a1cd0f3b0f4f1a8b10e6fe128745411f4d6dc413f6879da8b5
16d68af9768ae1c710900ab3479ec4f7881178865f4c2f9a993128380f18ee98
16fbc429ae9904bc1c30e224c283fd28567d65f9c116076cbe1eb4ee0e23c3fd
173d74d311f9c11cd67fa79a7cb181ffa2bcd54c089f3fb1ace084ad9c883016
1858101b70839f0f8b71bcefe2fbfa07919eb8af1054a18e97d7c8c8be56831b
1a5a6b82298915e1c7042dc805fdac769f013e0596443d44c1b9727a3fb67cfc
1ab4500b331cf1244095a892ba6325feb1dfd7f94315926cafa426226787e2fd
1d77b4d4509439a8a149395e8a0d833e45124e1c5657d419bdabb0408e9da43c
1e58f8aed4aa8d908b54b80f6f987e6a878e4ef0373ce6e20be234649d84bc60
2186ba81b5ae8579834614fca6db8a1cac72014e220e3a0c9f13299da1bba3dd
2275d32410e5fbe9c062abc2778e9a6a17ff875ba60b936d9b42484d86d9fe27
23cb18e093e28fa2102fab5aa3c32694c9bc6fa36fb64e1441d93be81a56a754
23db7aacb2faa5e92823bbdf71f9c286684c4e07c0c4d4c834afa531fabeb596
25b0db3d3b80dc803b5354bc6d22e96b849b83d53671517ae3f70119ec155bc7
2c22093e800b5eea85e7c52274365d3a48fc69e50f98a43be2269aa386cb0612
2dd00358cc3e06ed430f231a1c24798a33a6691639273ba2ccc2919d8df1ff05
3000de3b6f5d2b9c3334afb5d14c2a1cee6f222e0c586ec82e362335ef11eadf
306aea24aba7e1db626296fd33539236f84288644945f7ee743a4a0f11a111b8
3090b2d6ed20f327e110a49b81f2cfbc35c3f1343e8538061ef703875dd3912b
37586b31b810ac23cab08903ccde11dd6535536d36637b1c10f9f3d71c581fb7
3efa7d87508e376e374534403225ae2a81c902b3e9f90b39586b3d8521dbd6b8
47761ad967a5294d038aa897f32f14001d6c1d1ad9156c478e1fdff4e42bbfe8
49ba09d2db011bcb226c8565f4a0c539fceca8b4d4210c53ae9a7d52b1a06702
519258dd383f9ccb2af83f2ff5caf42ba15b18c91c10da6a849ea1030329aaa4
550892ae6d4e4e2137b93bab673e4be204ae0c3684d7cd3ce6e7c4d2bad237fd
5d0005558434caa66a412ed32f6a85fa90a28f1d91a18e21a4cb752bab0812cb
60b59856906f0438f2b383dc0c734de55fe552aa580456977549b442e2376ff6
62e4d0721a443cb9c3aae78610b740f4e8b63d08707257242e6effd9f5ab57fb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
69651cbae6f13d4db683815b774073d6f6c7a31e9b51dcd9eea531665bc43f1d
7b5946db70dfb4f758d4d2514a45e1e32aea52063266ec61976f9ecaf0acc353
82a3928167b54c8dd1cd0ff99f5ba3b0b4377f375b91fc27b3a7dde6c46c964e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c4937bf9d29c14959fb8bf8664d9390a4a26a0f754dd88ca0ccb3063ccd3d23
8ca9d9f7d337ada090f646126dd8b2c916d241f8d7f304d34cad541cad9f7489
9450cca8ef6f96892c4ca2e6b4fd792368270d16b4ef3e94674565562250abab
952a94358767546f40249478c6dc45de4107ab468f2ebefeca937305753f5e01
a789379d5f0df109a9a9e7a3178a061b8c2935fca9112b2271afe427ff093c5a
b675b407b57a47d9be7448e395003af9bce2c46dec85d3f6f53fe7e20486d8ff
c544428cacfba0dd43cd6be8969baa4a4e17a458183eb509b1932b769298615f
d1c4296e33f4969922e78bf6ed19d0bcc2b3cc7cce418ce13a0029dd15136ebb
d522c38396f32b686a15e158bfd6d3b1e1024b4addd6b6069440713412a72da1
dd458af6c792b2b762c12a8d950b43fe9a201f40756ce3a50f2f1852cf87af7b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6bbb768a34a120700dc2ab0a8f50b33734c01194e07a97ab54c70589edb4e35
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2d71d5147ff7f76dc791085f9ecafafa6028da21fca8866058b8c06aca67be
f05287056a8a553a43bf2d61581e77f6b8a2fd44f0110f7d73c46420cd2af065
f1795ea3abd10f1e1ebf6581fdddd26f5cdb5e8fc99b266262502d4df926fb98
fee2d70edfb9fe8f980e7aaf5e2649d5b091df83b1bcbfb1694ccd8d148e7292