www.heroesprofile.com Open in urlscan Pro
2a00:1450:4001:81d::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.heroesprofile.com/
Effective URL:
https://www.heroesprofile.com/
Submission: On June 12 via api (June 12th 2024, 1:05:51 am UTC) from US — Scanned from DE

Summary HTTP 56 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 23 domains to perform 56 HTTP transactions. The main IP is 2a00:1450:4001:81d::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.heroesprofile.com.
TLS certificate: Issued by GTS CA 1D4 on April 23rd 2024. Valid for: 3 months.

This is the only time www.heroesprofile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2a00:1450:400... 2a00:1450:4001:81d::2013	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
4	2400:52e0:1e0... 2400:52e0:1e00::1079:1	60068 (CDN77 _) (CDN77 _)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0d::9b	15169 (GOOGLE) (GOOGLE)
1	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:2e8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.1.194 151.101.1.194	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
3	52.222.210.210 52.222.210.210	16509 (AMAZON-02) (AMAZON-02)
1 1	18.244.18.94 18.244.18.94	16509 (AMAZON-02) (AMAZON-02)
8	2600:9000:275... 2600:9000:275b:ba00:1b:cadc:ef40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.128 99.86.4.128	16509 (AMAZON-02) (AMAZON-02)
4	184.30.211.26 184.30.211.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::ac43:246e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.202.202.73 34.202.202.73	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2100	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.197.230.215 18.197.230.215	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1791	() ()
1	34.95.69.49 34.95.69.49	() ()
1	34.120.111.33 34.120.111.33	() ()
56	27

9 2a00:1450:4001:81d::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.heroesprofile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2400:52e0:1e00::1079:1 (Germany)

ASN60068 (CDN77 _, GB)

hb.vntsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:2e8e (United States)

ASN13335 (CLOUDFLARENET, US)

hb.vntsm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.194 (San Francisco, United States)

ASN54113 (FASTLY, US)

hb-vntsm-com.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.210.210 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-210-210.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.18.94 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-94.fra56.r.cloudfront.net

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:275b:ba00:1b:cadc:ef40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.202.202.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-202-73.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.230.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-230-215.eu-central-1.compute.amazonaws.com

api.cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1791 (None, )

ASN- ()

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.69.49 (None, )

ASN- ()

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.111.33 (None, )

ASN- ()

cdn.edkt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	inmobi.com cmp.inmobi.com — Cisco Umbrella Rank: 4992 api.cmp.inmobi.com — Cisco Umbrella Rank: 16880	220 KB
9	heroesprofile.com www.heroesprofile.com	1014 KB
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1328	106 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 351 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 733 aax.amazon-adsystem.com Failed	83 KB
4	vntsm.com hb.vntsm.com — Cisco Umbrella Rank: 38820	374 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1783 a.ad.gt — Cisco Umbrella Rank: 1995	5 KB
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 132 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235	174 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 4256	128 B
2	gstatic.com fonts.gstatic.com	27 KB
2	vntsm.io hb.vntsm.io — Cisco Umbrella Rank: 48577	651 B
1	edkt.io cdn.edkt.io	8 KB
1	clean.gg i.clean.gg Failed
1	script.ac cadmus.script.ac	47 KB
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3017	467 B
1	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1095	27 KB
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 2062	12 KB
1	quantcast.com 1 redirects cmp.quantcast.com — Cisco Umbrella Rank: 9107	592 B
1	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1085	918 B
1	fastly.net hb-vntsm-com.global.ssl.fastly.net — Cisco Umbrella Rank: 58746
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 8196	63 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3078	258 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	96 KB
56	23

	Domain	Requested by
9	www.heroesprofile.com	www.heroesprofile.com
8	cmp.inmobi.com	www.heroesprofile.com cmp.quantcast.com hb.vntsm.com cmp.inmobi.com
4	secure.cdn.fastclick.net	www.heroesprofile.com secure.cdn.fastclick.net
4	hb.vntsm.com	www.heroesprofile.com hb.vntsm.com
3	c.amazon-adsystem.com	hb.vntsm.com
2	id.hadron.ad.gt	hb.vntsm.com
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	hb.vntsm.com
2	securepubads.g.doubleclick.net	hb.vntsm.com securepubads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	hb.vntsm.io	hb.vntsm.com
1	cdn.edkt.io	cadmus.script.ac
1	i.clean.gg	hb.vntsm.com
1	cadmus.script.ac	hb.vntsm.com
1	api.cmp.inmobi.com	hb.vntsm.com
1	a.ad.gt	cdn.hadronid.net
1	proc.ad.cpe.dotomi.com	hb.vntsm.com
1	cdn.id5-sync.com	www.heroesprofile.com
1	cdn.hadronid.net	www.heroesprofile.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	cmp.quantcast.com	1 redirects
1	ad-delivery.net	hb.vntsm.com
1	hb-vntsm-com.global.ssl.fastly.net	hb.vntsm.com
1	fonts.googleapis.com	www.heroesprofile.com
1	www.google.de	www.heroesprofile.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	www.heroesprofile.com
0	aax.amazon-adsystem.com Failed	hb.vntsm.com
56	28

This site contains links to these domains. Also see Links.

Domain
drafter.heroesprofile.com
api.heroesprofile.com
autobattler.setup.heroesprofile.com
github.com
www.patreon.com
heroesprofile.com

Subject Issuer	Validity	Valid
www.heroesprofile.com GTS CA 1D4	`2024-04-23` - `2024-07-23`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.vntsm.com R3	`2024-03-22` - `2024-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google.de WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-07` - `2024-08-06`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-09` - `2024-12-10`	a year	crt.sh
*.gstatic.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-05-17` - `2024-08-15`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
hadronid.net GTS CA 1P5	`2024-05-29` - `2024-08-27`	3 months	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2023-11-27` - `2024-12-25`	a year	crt.sh
id5-sync.com E1	`2024-06-04` - `2024-09-02`	3 months	crt.sh
id.hadron.ad.gt E1	`2024-05-25` - `2024-08-23`	3 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-06-09` - `2024-07-10`	a year	crt.sh
a.ad.gt E6	`2024-06-09` - `2024-09-07`	3 months	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2023-08-18` - `2024-08-17`	a year	crt.sh
script.ac E1	`2024-04-25` - `2024-07-24`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2024-05-06` - `2024-08-04`	3 months	crt.sh
edkt.io GTS CA 1D4	`2024-06-06` - `2024-09-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.heroesprofile.com/
Frame ID: 0017734414A680C3A37E256D5A8C40C6
Requests: 52 HTTP requests in this frame

Frame: https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Frame ID: 351BDD54E065AB397CC0E42D042D2467
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | Heroes Profile

Page URL History Show full URLs

http://www.heroesprofile.com/ HTTP 307
https://www.heroesprofile.com/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

56
Requests

95 %
HTTPS

59 %
IPv6

23
Domains

28
Subdomains

27
IPs

4
Countries

2197 kB
Transfer

7042 kB
Size

5
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://drafter.heroesprofile.com/Drafter
Title: Drafter

Search URL Search Domain Scan URL

URL: https://api.heroesprofile.com/upload
Title: Replay Uploader

Search URL Search Domain Scan URL

URL: https://autobattler.setup.heroesprofile.com/
Title: Auto Battler

Search URL Search Domain Scan URL

URL: https://github.com/Heroes-Profile/heroesprofile/issues/new?assignees=&labels=&projects=&template=bug_report.md
Title: Submit an Issue

Search URL Search Domain Scan URL

URL: https://github.com/Heroes-Profile/heroesprofile/discussions/new?category=ideas
Title: Submit a Request

Search URL Search Domain Scan URL

URL: https://github.com/Heroes-Profile/heroesprofile/discussions
Title: Discussions

Search URL Search Domain Scan URL

URL: https://api.heroesprofile.com/Api
Title: API

Search URL Search Domain Scan URL

URL: https://www.patreon.com/heroesprofile
Title: Remove Ads / Patreon

Search URL Search Domain Scan URL

URL: https://api.heroesprofile.com/
Title: https://api.heroesprofile.com/

Search URL Search Domain Scan URL

URL: https://heroesprofile.com/
Title: Heroes Profile

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.heroesprofile.com/ HTTP 307
https://www.heroesprofile.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/heroesprofile.com/choice.js?tag_version=V2?timestamp=1718154346373 HTTP 301
https://cmp.inmobi.com/choice/Hwnr8j7tWA3Nu/heroesprofile.com/choice.js?tag_version=V2

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.heroesprofile.com/
Redirect Chain

http://www.heroesprofile.com/
https://www.heroesprofile.com/

10 KB
4 KB

434ms
434ms

Document
text/html

2a00:1450:4001:81d::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heroesprofile.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / PHP/8.2.19
Resource Hash: 420a9c71f8209fd27387239e5eb3fd6f7273e72d798477969db17cd9f47d9077

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 12 Jun 2024 01:05:45 GMT
expires: Wed, 12 Jun 2024 01:05:45 GMT
server: Google Frontend
vary: Accept-Encoding
x-powered-by: PHP/8.2.19

Redirect headers

Location: https://www.heroesprofile.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
96 KB 88ms
38ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XTN5LVP358

Requested by

Host: www.heroesprofile.com
URL: https://www.heroesprofile.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3275f90b0aa9bce8b3d5a7eca69042ddf2843f5d27a3e0d2bf9227649a50a6fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97443
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Jun 2024 01:05:45 GMT

GET
H2 200 ad-manager.min.js Show response
hb.vntsm.com/v3/live/ 143 KB
43 KB 104ms
18ms Script
application/javascript 2400:52e0:1e00::1079:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by: Host: www.heroesprofile.com
URL: https://www.heroesprofile.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: d662d943d609cbb91b9b3c80a45d7aca1b8db65200245608d67b8bbb7b3c85e3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:45 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-amz-server-side-encryption: AES256
cdn-cachedat: 06/11/2024 15:09:16
cdn-pullzone: 131999
last-modified: Tue, 11 Jun 2024 15:09:07 GMT
server: BunnyCDN-DE1-1079
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"040738271af08e180449d09eee5ffa7a"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers: x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control: public, max-age=86400
x-bl: 0
cdn-requestid: a8cb973b33c34b57d8438320bf4da144
cdn-requestcountrycode: DE
access-control-allow-headers: cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 app-5b918934.css
www.heroesprofile.com/build/assets/ 34 KB
7 KB 143ms
142ms Stylesheet
text/css 2a00:1450:4001:81d::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heroesprofile.com/build/assets/app-5b918934.css
Requested by: Host: www.heroesprofile.com
URL: https://www.heroesprofile.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 5b91893433da7592d4b0d58ce01521e4f33b7fb53379df8da1e1ada896b9d5a9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:45 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 13:28:01 GMT
server: Google Frontend
etag: "89e1-61a38a6e85a40-gzip"
vary: Accept-Encoding
content-type: text/css
x-cloud-trace-context: c21e85ef3d6f92a11d26e85993c5a0b0
cache-control: private
accept-ranges: bytes
content-length: 6936

GET
H2 200 app-763ce162.css
www.heroesprofile.com/build/assets/ 108 KB
24 KB 145ms
145ms Stylesheet
text/css 2a00:1450:4001:81d::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heroesprofile.com/build/assets/app-763ce162.css
Requested by: Host: www.heroesprofile.com
URL: https://www.heroesprofile.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 763ce162752c2844fddeeab48054cdc42d1d34c9db59b3313faa21c4003754f6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:45 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 13:28:01 GMT
server: Google Frontend
etag: "1af80-61a38a6e85a40-gzip"
vary: Accept-Encoding
content-type: text/css
x-cloud-trace-context: 713f4d66369cc845fb4321c5097d8c77
cache-control: private
accept-ranges: bytes
content-length: 24100

GET
H2 200 app-3b6281f4.js Show response
www.heroesprofile.com/build/assets/ 2 MB
322 KB 150ms
149ms Script
text/javascript 2a00:1450:4001:81d::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heroesprofile.com/build/assets/app-3b6281f4.js
Requested by: Host: www.heroesprofile.com
URL: https://www.heroesprofile.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e4ad7ba2250b9af608b756fe2b9b8bc0b9584a0557570ac5e1213c29a4a6abfd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Origin: https://www.heroesprofile.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:45 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 13:28:01 GMT
server: Google Frontend
etag: "1d3a81-61a38a6e85a40-gzip"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private
accept-ranges: bytes

GET
H2 200 heroesprofilelogo.png
www.heroesprofile.com/images/logo/ 40 KB
40 KB 143ms
143ms Image
image/png 2a00:1450:4001:81d::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heroesprofile.com/images/logo/heroesprofilelogo.png
Requested by: Host: www.heroesprofile.com
URL: https://www.heroesprofile.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4f55e11f90e600016f149843dea6f06aa5c8bc77336edefb5a2ee43d9baea3ed

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:45 GMT
last-modified: Thu, 06 Jun 2024 13:28:01 GMT
server: Google Frontend
etag: "a0ba-61a38a6e85a40"
content-type: image/png
x-cloud-trace-context: c88668b35a4245d462697d27f6398c13
accept-ranges: bytes
content-length: 41146

GET
H2 200 60f587eddd63d722e7e57bc1.enc Show response
hb.vntsm.com/v2/live/ 44 KB
7 KB 58ms
20ms XHR
text/plain 2400:52e0:1e00::1079:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v2/live/60f587eddd63d722e7e57bc1.enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 82e0988805012893412d1b4491979a7961bc8015cdf83c66a556bf8fa2b356e1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:45 GMT
content-encoding: br
cdn-edgestorageid: 1079
x-amz-server-side-encryption: AES256
cdn-cachedat: 06/11/2024 15:41:39
cdn-pullzone: 131999
last-modified: Thu, 16 Nov 2023 12:39:01 GMT
server: BunnyCDN-DE1-1079
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"f7d854f550edd9b419cd7d4ab833d8c6"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/plain
access-control-allow-origin: *
cdn-cache: STALE
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers: x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
access-control-allow-credentials: true
x-bl: 0
cache-control: public, max-age=86400
cdn-requestid: 5897aaf59a9961da90ccc51a8324d8dc
cdn-requestcountrycode: DE
access-control-allow-headers: cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 72ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-XTN5LVP358&gtm=45je46a0v9132879028za200&_p=1718154345608&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=809307648.1718154346&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1718154345&sct=1&seg=0&dl=https%3A%2F%2Fwww.heroesprofile.com%2F&dt=Home%20%7C%20Heroes%20Profile&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=677
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XTN5LVP358
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 01:05:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heroesprofile.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 85ms
26ms Ping
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XTN5LVP358&cid=809307648.1718154346&gtm=45je46a0v9132879028za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XTN5LVP358
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 01:05:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.heroesprofile.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 56ms
28ms Image
image/gif 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XTN5LVP358&cid=809307648.1718154346&gtm=45je46a0v9132879028za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=317895914

Requested by

Host: www.heroesprofile.com
URL: https://www.heroesprofile.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 12 Jun 2024 01:05:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
2 KB 77ms
30ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans&family=Ruslan+Display&display=swap

Requested by

Host: www.heroesprofile.com
URL: https://www.heroesprofile.com/build/assets/app-5b918934.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d03f6eb57633893c17faf2362b392b3add769a0fd24395a86c3eb3b3aeb01e62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Jun 2024 01:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 01:05:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Jun 2024 01:05:45 GMT

GET
H2 200 content.html Show response
hb.vntsm.io/ 32 B
651 B 388ms
324ms Fetch
text/html 2606:4700:10::6816:2e8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.io/content.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:46 GMT
cf-cache-status: MISS
x-amz-request-id: RM31TXX61B1QG1AH
content-length: 32
x-amz-id-2: oLy/py+dm0UKoH6aE0X3CRO3QFqneAbxprPM5pwUT9wDK9G22cMbZzF+lRPTa25ItfGijd20juzUZlPVZoNiAQ==
geo: DE
last-modified: Thu, 14 Oct 2021 10:47:47 GMT
server: cloudflare
etag: "2f58b9ff601fd509249a9e7628a21c33"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8925ef35bb203a84-FRA

GET
H/1.1 200
OK g.txt
hb-vntsm-com.global.ssl.fastly.net/v4/srv/ 0
0 66ms
18ms Fetch
text/plain 151.101.1.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-vntsm-com.global.ssl.fastly.net/v4/srv/g.txt

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.194 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 01:05:45 GMT
Via: 1.1 varnish, 1.1 varnish
Venatus-CDN-HB-Rule-Version: 1.1
Strict-Transport-Security: max-age=300
Age: 2306
x-amz-server-side-encryption: AES256
X-Cache: HIT, HIT
Connection: keep-alive
X-IP: 217.114.218.21
Content-Length: 0
x-amz-id-2: N46rrv3P9fhLFMLJLeDQnF9Z+7K96I1Higa3Vgj4QhicdnyOAO/D7J4Ll+6X/Z5OAOU+vRd4B5U=
X-Served-By: cache-dub4358-DUB, cache-fra-etou8220051-FRA
Geo-Sub: NW
Last-Modified: Tue, 02 Apr 2024 15:20:36 GMT
X-Timer: S1718154346.859443,VS0,VE0
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
X-Geo: DE
X-Cache-Hits: 10, 9

GET
H2 200 Gw6jwczl81XcIZuckK_e3Upfdwxsn90.woff2
fonts.gstatic.com/s/ruslandisplay/v26/ 8 KB
8 KB 71ms
26ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ruslandisplay/v26/Gw6jwczl81XcIZuckK_e3Upfdwxsn90.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&family=Ruslan+Display&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7d0a1bb079915cd63d5fe975b48ea9b4868f4608810baf8224fb7a6b9301c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.heroesprofile.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 11:30:06 GMT
x-content-type-options: nosniff
age: 48939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8280
x-xss-protection: 0
last-modified: Thu, 25 Jan 2024 21:29:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 11:30:06 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
19 KB 63ms
19ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&family=Ruslan+Display&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.heroesprofile.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 04:58:19 GMT
x-content-type-options: nosniff
age: 72446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 04:58:19 GMT

GET
H2 200 ad-manager-bundle.min.js Show response
hb.vntsm.com/ab/live/fatum/ 1 MB
323 KB 19ms
18ms Script
application/javascript 2400:52e0:1e00::1079:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash: 60e7ea4aeb10660de46e790c7ed5a323ba4b6e8190e2f5f2ce2e5fca846763c0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:45 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-amz-server-side-encryption: AES256
cdn-cachedat: 06/11/2024 15:09:16
cdn-pullzone: 131999
last-modified: Tue, 11 Jun 2024 14:17:37 GMT
server: BunnyCDN-DE1-1079
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"78fdf4ba62e1b767deeb661ffb5df287"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers: x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control: public, max-age=86400
x-bl: 0
cdn-requestid: 0d91df77bc6e1aaec2157da42e34d7c2
cdn-requestcountrycode: DE
access-control-allow-headers: cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 windowsUploader.PNG
www.heroesprofile.com/images/miscellaneous/ 262 KB
263 KB 146ms
146ms Image
image/png 2a00:1450:4001:81d::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heroesprofile.com/images/miscellaneous/windowsUploader.PNG
Requested by: Host: www.heroesprofile.com
URL: https://www.heroesprofile.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: fe8a84fbc1081574ba345a417ce787c40be5a508fbe59f5dce4fc84e33659a5a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:46 GMT
last-modified: Thu, 06 Jun 2024 13:28:01 GMT
server: Google Frontend
etag: "41877-61a38a6e85a40"
content-type: image/png
x-cloud-trace-context: 4e10cb2e973bc7402af6041e4a368d01
accept-ranges: bytes
content-length: 268407

GET
H2 200 full_deathwing.png
www.heroesprofile.com/images/logo/ 185 KB
186 KB 145ms
145ms Image
image/png 2a00:1450:4001:81d::2013
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.heroesprofile.com/images/logo/full_deathwing.png
Requested by: Host: www.heroesprofile.com
URL: https://www.heroesprofile.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 5567acc5abb05171151a3ad30d1383de4ce540fa57d195e3e61af04ee455ed46

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:46 GMT
last-modified: Thu, 06 Jun 2024 13:28:01 GMT
server: Google Frontend
etag: "2e40d-61a38a6e85a40"
content-type: image/png
x-cloud-trace-context: abe5453395cd31ec6876e2bb734b53c4
accept-ranges: bytes
content-length: 189453

GET
H2 200 fa-solid-900-ae17c16a.woff2
www.heroesprofile.com/build/assets/ 153 KB
153 KB 186ms
186ms Font
font/woff2 2a00:1450:4001:81d::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heroesprofile.com/build/assets/fa-solid-900-ae17c16a.woff2
Requested by: Host: www.heroesprofile.com
URL: https://www.heroesprofile.com/build/assets/app-763ce162.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: ae17c16afbea216707b2203ea1cf9bdb45b9bfe47d0f4ae3258ddbc6294dd02f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/build/assets/app-763ce162.css
Origin: https://www.heroesprofile.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:46 GMT
last-modified: Thu, 06 Jun 2024 13:28:01 GMT
server: Google Frontend
etag: "262f0-61a38a6e85a40"
content-type: font/woff2
x-cloud-trace-context: 1c69b46fc0c18b63497a237654ab6d8b
accept-ranges: bytes
content-length: 156400

GET
H2 200 content.html Show response
hb.vntsm.io/ 32 B
0 130ms
130ms Fetch
text/html 2606:4700:10::6816:2e8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.io/content.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2e8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:46 GMT
cf-cache-status: MISS
x-amz-request-id: RM31TXX61B1QG1AH
content-length: 32
x-amz-id-2: oLy/py+dm0UKoH6aE0X3CRO3QFqneAbxprPM5pwUT9wDK9G22cMbZzF+lRPTa25ItfGijd20juzUZlPVZoNiAQ==
geo: DE
last-modified: Thu, 14 Oct 2021 10:47:47 GMT
server: cloudflare
etag: "2f58b9ff601fd509249a9e7628a21c33"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8925ef35bb203a84-FRA

GET
H2 200 px.gif Show response
ad-delivery.net/ 43 B
918 B 85ms
37ms Fetch
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1348036
x-guploader-uploadid: ABPtcPpnxrHGExSnudiHlZtk9fA-y2ZvhEhVL8qSmMx_-9VCgYEo7AFlrZ_kDTfqz2676o4DNZdQ2rIQ0Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yCv6iG4yzziN4fUCLWBaoQkjp5plJpDjRzNbaoEPLYRGLxhjktiufMhBgW0oohVA%2BtyaOWiNoYN7gCFcVZAd%2BgXL3du943sw2q%2FrXQNxoYkiezSKjzUsTVuT9l6bpwJLVY4141cU4nu4KwOA8g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8925ef376ecd30c4-FRA
expires: Mon, 27 May 2024 11:21:22 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 96 KB
30 KB 77ms
37ms Script
text/javascript 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

2a50bdd84b71c397e901ba4920a6c9f37f9f8704ebd2954b6ecd2a61a42620d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30968
x-xss-protection: 0
server: cafe
etag: 278 / 19886 / 31084434 / config-hash: 2057084564872460801
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 12 Jun 2024 01:05:46 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 308 KB
76 KB 87ms
23ms Script
application/javascript 52.222.210.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-210.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1ee48fdc9c11e6866e86ddc8c850aceff697a6e0b1ee20f1dd2d1877b3c66cd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 00:16:05 GMT
content-encoding: gzip
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront), 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jun 2024 21:55:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 2982
x-amz-server-side-encryption: AES256
etag: W/"8f94a6a072a070cbb8299e59a43dbe3f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 9H09nyni_KA6nB0le_9sOQmFKJdGypxQhbHmWKxLUWUZiokBN0y9Pg==

GET
H2

200

choice.js Show response
cmp.inmobi.com/choice/Hwnr8j7tWA3Nu/heroesprofile.com/
Redirect Chain

https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/heroesprofile.com/choice.js?tag_version=V2?timestamp=1718154346373
https://cmp.inmobi.com/choice/Hwnr8j7tWA3Nu/heroesprofile.com/choice.js?tag_version=V2

3 KB
2 KB

127ms
57ms

Script
application/javascript

2600:9000:275b:ba00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/Hwnr8j7tWA3Nu/heroesprofile.com/choice.js?tag_version=V2
Requested by: Host: www.heroesprofile.com
URL: https://www.heroesprofile.com/
Protocol: H2
Server: 2600:9000:275b:ba00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 628ca789fd8425d0045b3e48b6a55ee2a1478bc4e1f6ff13aa0f73eb2dfdbaaa

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heroesprofile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 12 Jun 2024 01:05:47 GMT
content-encoding: br
via: 1.1 444bee00bd8f759506e806be3c13fa6c.cloudfront.net (CloudFront)
last-modified: Tue, 04 Jun 2024 07:36:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
x-amz-server-side-encryption: AES256
etag: W/"bb5236265af1f8a4d49a361f88ae6f7a"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 7KJmfVELiT-nHurFL97J_uYgVXRfJzmcagWrrSo3AFS4Y6UFb-MCyQ==

Redirect headers

x-amz-website-redirect-location: https://cmp.inmobi.com/choice/Hwnr8j7tWA3Nu/heroesprofile.com/choice.js?tag_version=V2
date: Wed, 12 Jun 2024 01:05:47 GMT
via: 1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 0
last-modified: Wed, 15 Nov 2023 19:42:57 GMT
server: AmazonS3
etag: "5fe1ae5e373b3de13f4d260fe0d0c21d"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
location: https://cmp.inmobi.com/choice/Hwnr8j7tWA3Nu/heroesprofile.com/choice.js?tag_version=V2
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: M_AuHE4-jPsMt0qekZhD3oERPNWZcUgmyPzIpI10KgLQBpqtXEwvsA==

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/ 463 KB
144 KB 21ms
21ms Script
text/javascript 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406100101/pubads_impl.js?cb=31084434

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a61500a342875a17afc10c79e9c1596ae0e18182bf57f34390b4a68dad5ce1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 20:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15999
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147345
x-xss-protection: 0
server: cafe
etag: 14651848665127099269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 11 Jun 2025 20:39:07 GMT

GET
H2 200 70247b00-ff8f-4016-b3ab-8344daf96e09 Show response
config.aps.amazon-adsystem.com/configs/ 563 B
829 B 70ms
20ms Script
application/javascript 99.86.4.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-128.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1777ef5f2613e35015a34031cba4dcb7d5275bbc9cf1109a52b37a6b88cfa12f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 00:41:24 GMT
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 1462
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: T8LKpkP9tQK3y32VCS7XmUn7mU-5TWT-AF1-1eA9McrxJJghXATLKQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
3 KB 118ms
117ms XHR
application/json 52.222.210.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.heroesprofile.com&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-210.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:45 GMT
via: 1.1 e026b2802d48048e9935caadbecf124e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.heroesprofile.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2353
x-amz-cf-id: QGXdFCCGJlZ5cuLgPi-2K1RZ0I8KISU_HbDmK0GrHhWS_40UddqmiA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 58ms
21ms XHR
application/javascript 52.222.210.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-210.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
date: Tue, 11 Jun 2024 07:34:14 GMT
x-amz-cf-pop: FRA56-P3
age: 63093
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: EUNKvBJaesKMmM_aQAe6JOVhG7TURVKIBDJidktDky-Qymlb9fKg_A==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 80ms
21ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: www.heroesprofile.com
URL: https://www.heroesprofile.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:46 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Wed, 12 Jun 2024 01:20:46 GMT

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 56 KB
12 KB 74ms
33ms Script
application/javascript 2606:4700:10::ac43:246e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.heroesprofile.com%2F&ref=&_it=amazon&partner_id=288
Requested by: Host: www.heroesprofile.com
URL: https://www.heroesprofile.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:46 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 15:30:02 GMT
server: cloudflare
x-amz-request-id: 4GNTEWM5RE8S976C
age: 5641
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=432000
cf-ray: 8925ef3ab9693827-FRA
x-amz-id-2: 1KYvP1UJui3F3sexSI8Edev0ssCxy0r1hoLYL3sInblmS0xC6TVIxfrJbVQshQPcVtGMRX8qMGE=

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 349ms
114ms Preflight 34.202.202.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.202.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-202-73.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heroesprofile.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Wed, 12 Jun 2024 01:05:46 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 93 KB
27 KB 91ms
33ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: www.heroesprofile.com
URL: https://www.heroesprofile.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d830a998066b3e15644d716280d1e6bdcef4dcb2c463da234743b7acb8416ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 May 2024 12:31:06 GMT
server: cloudflare
x-amz-request-id: DD0TC9P1WC51V5Y0
age: 1990
etag: W/"975872beea6fa436507d8a74321584b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8925ef3aca039f3f-FRA
x-amz-id-2: VLdnf4WQKagOfkFquFcG/wF6ILhuIAvh0EYvn2PzZwMf9p8C9mMuAxkQ7jB2LX8jgeE0UahKJgk=

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 80ms
21ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: www.heroesprofile.com
URL: https://www.heroesprofile.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:46 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Wed, 12 Jun 2024 01:20:46 GMT

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
128 B 113ms
113ms XHR
text/plain 34.202.202.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.202.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-202-73.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 12 Jun 2024 01:05:47 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 102 B
265 B 122ms
122ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=www.heroesprofile.com&url=https://www.heroesprofile.com/
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ea513fde38909ab077cdd7d7a05224050b1dc1c0140ad3e87d8e4f1c56fdb33

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 Jun 2024 01:05:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 8925ef3bfc0c196a-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 167ms
122ms Preflight
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=www.heroesprofile.com&url=https://www.heroesprofile.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.heroesprofile.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 8925ef3b3b9a196a-FRA
content-length: 0
content-type: application/json
date: Wed, 12 Jun 2024 01:05:46 GMT
debug: OPTIONS block
expires: Thu, 12 Jun 2025 01:05:46 GMT
server: cloudflare

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 21ms
20ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:46 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Wed, 12 Jun 2024 01:20:46 GMT

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
467 B 139ms
35ms XHR
application/json 2a02:fa8:8806:20::2100
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:46 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.heroesprofile.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Wed, 12 Jun 2024 01:35:46 GMT

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 229 KB
66 KB 23ms
23ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:46 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 16:23:46 GMT
server: Apache
etag: "394d0-60864a57eaadc-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 67550
expires: Wed, 12 Jun 2024 01:20:46 GMT

GET
H2 200 288 Show response
a.ad.gt/api/v1/u/matches/ 13 KB
4 KB 88ms
35ms Script
application/javascript 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/288?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.heroesprofile.com%2F&ref=&_it=amazon&partner_id=288
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 077df3f2aacc44de1db5a469314ee24e8409e131e514daae80f22559a054b36d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 12 Jun 2024 00:59:30 GMT
server: cloudflare
age: 135
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 8925ef3d1be21c11-FRA

GET
H2 200 cmp2.js Show response
cmp.inmobi.com/tcfv2/53/ 167 KB
44 KB 25ms
25ms Script
text/javascript 2600:9000:275b:ba00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=heroesprofile.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/heroesprofile.com/choice.js?tag_version=V2?timestamp=1718154346373
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:ba00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7a0c447b915ba02cdfa198f1fee92f0a4a784dc895b61be659a9386c6ed3112

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:30:25 GMT
content-encoding: br
via: 1.1 444bee00bd8f759506e806be3c13fa6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 41723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Mon, 03 Jun 2024 09:45:41 GMT
server: AmazonS3
etag: W/"db6c513b7a9d1bf38b36047c185655a2"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: gge2ftmH2LWlcqU8DIz4nQdQMz464QnVVxdwj7X1SR6-nzk_wnWL5A==

GET
H2 200 geoip Show response
cmp.inmobi.com/ 39 B
322 B 57ms
19ms XHR
application/json 2600:9000:275b:ba00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:ba00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: c8cdde0b5d513ab590489a8c1a47625daa4778bfe6e72badbbb41330ebdb8f4f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:47 GMT
via: 1.1 1903071a927324e2fb28199ee96c4bb2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P7
x-cache: FunctionGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 39
x-amz-cf-id: gXADhCFCydUkmuPmw-RTmU62jPlwVnX0dePXaUPtDVh4iFchhtvaNg==

GET
H2 200 cookieTest.html
hb.vntsm.com/ab/live/3pcookie/ Frame 351B 0
0 64ms
23ms Document
text/html 2400:52e0:1e00::1079:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/ab/live/3pcookie/cookieTest.html
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1079 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.heroesprofile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: cdn-requestcountrycode,Content-Type,x-bl,ref_url
access-control-allow-methods: GET, OPTIONS
access-control-expose-headers: x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control: public, max-age=86400
cdn-cache: HIT
cdn-cachedat: 06/11/2024 15:09:15
cdn-edgestorageid: 1079
cdn-proxyver: 1.04
cdn-pullzone: 131999
cdn-requestcountrycode: DE
cdn-requestid: 5d968c456943c415f61c5f0379eddc51
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 5d6cd18c-1b61-4922-947b-91a6b9ea7b00
content-encoding: br
content-type: text/html
date: Wed, 12 Jun 2024 01:05:47 GMT
etag: W/"d80b9831e6e7896aa97e84d70f49e545"
last-modified: Sun, 10 Sep 2023 14:04:21 GMT
server: BunnyCDN-DE1-1079
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-bl: 0

GET
H2 200 cmp-list.json Show response
cmp.inmobi.com/GVL-v2/ 19 KB
4 KB 88ms
88ms XHR
application/json 2600:9000:275b:ba00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:ba00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4a1d33dc01bd24cd86383e3397c3f0e9da16d19bf63b954bd3ea7033009cdad

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 03:00:45 GMT
content-encoding: br
via: 1.1 1903071a927324e2fb28199ee96c4bb2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 79503
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 11 Jun 2024 03:00:42 GMT
server: AmazonS3
etag: W/"36a5f9390f3bee7bf94ea645e907f5fe"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: i2xsbDtx-CjTg62g20v5izlLufmuXlf1sefR1_PyljJ4iXgUIrLK6Q==

GET
H2 200 favicon.ico
www.heroesprofile.com/ 15 KB
15 KB 138ms
138ms Other
image/vnd.microsoft.icon 2a00:1450:4001:81d::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.heroesprofile.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0ada8cc6d7170aec06af3fd45282a4a11b8a3eb2472e0cac8b7a78e7c33b9caf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:47 GMT
last-modified: Thu, 06 Jun 2024 13:28:01 GMT
server: Google Frontend
etag: "3c2e-61a38a6e85a40"
content-type: image/vnd.microsoft.icon
x-cloud-trace-context: 41bdad683af4bbe88d4720d3adc109ee
accept-ranges: bytes
content-length: 15406

GET
H2 200 cmp2ui-en.js Show response
cmp.inmobi.com/tcfv2/53/ 297 KB
72 KB 22ms
21ms Script
text/javascript 2600:9000:275b:ba00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/53/cmp2ui-en.js
Requested by: Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/53/cmp2.js?referer=heroesprofile.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:ba00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 706942656eb9d47aba1a60229b27acc14a95a7f81fd8f7227d2c4e2ab9687207

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:30:25 GMT
content-encoding: br
via: 1.1 444bee00bd8f759506e806be3c13fa6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 41723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Mon, 03 Jun 2024 09:45:44 GMT
server: AmazonS3
etag: W/"991fbc793ffbdf15116c0458b5a2027a"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: KKxlE5oZ3MM5xnioCSHde9Y8-XH07HxYmHVz3kzePzLHX8Hj43rg5g==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.inmobi.com/GVL-v3/ 592 KB
65 KB 21ms
21ms XHR
application/json 2600:9000:275b:ba00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/GVL-v3/vendor-list-trimmed-v1.json
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:ba00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ad69868a415840ee004b263f8eb1efc8b4bc9e8a78e80a26660ce1501acd938

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 23:59:24 GMT
content-encoding: br
via: 1.1 1903071a927324e2fb28199ee96c4bb2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 3983
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 06 Jun 2024 23:59:18 GMT
server: AmazonS3
etag: W/"c79596ca9657b2734bba748b22c4d86f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: h5t8doQLTBA9J1nnaqgk9yr7YDfS7stWyC6jWVwREwFysNcn0zH8Kw==

GET
H2 200 google-atp-list.json Show response
cmp.inmobi.com/tcfv2/ 142 KB
33 KB 44ms
44ms XHR
application/json 2600:9000:275b:ba00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:ba00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a5c2a665e9bc10d5d1da5e0ce1acecabecaf4313c86f33d223cf7ae8581e74b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 13:30:25 GMT
content-encoding: br
via: 1.1 1903071a927324e2fb28199ee96c4bb2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
age: 41723
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 11 Jun 2024 03:00:25 GMT
server: AmazonS3
etag: W/"f300e89defd25e7183942f8457ae4170"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: ycHBDHL_mXd9jHD_ZbY08o-TBUmr9mTjG6CY8tAbevKvCMcRMcmBqw==

GET
H2 200 / Show response
api.cmp.inmobi.com/ 2 B
101 B 85ms
21ms XHR
text/plain 18.197.230.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%22Hwnr8j7tWA3Nu%22%2C%22domain%22%3A%22www.heroesprofile.com%22%2C%22publisher%22%3A%22heroesprofile.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.53%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22iteWMwcm1FkcJSWuHuwZjw%22%2C%22gvlVersion%22%3A3%2C%22clientTimestamp%22%3A1718154347247%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-876qk17bfn7u7b5r8c0p%22%7D
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.197.230.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-230-215.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 12 Jun 2024 01:05:47 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 geoip Show response
cmp.inmobi.com/ 39 B
321 B 19ms
19ms XHR
application/json 2600:9000:275b:ba00:1b:cadc:ef40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/geoip
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:ba00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: c8cdde0b5d513ab590489a8c1a47625daa4778bfe6e72badbbb41330ebdb8f4f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:47 GMT
via: 1.1 1903071a927324e2fb28199ee96c4bb2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P7
x-cache: FunctionGeneratedResponse from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 39
x-amz-cf-id: U_V9DefYMh8LK0u0dEiBcQqrWCqYczovi4yE6pnxKkrhur2Dy4SZFQ==

GET
H2 200 script.js Show response
cadmus.script.ac/d1oykxszdrgjgl/ 136 KB
47 KB 84ms
28ms Script
application/javascript 2606:4700::6812:1791

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/ab/live/fatum/ad-manager-bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1791 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: eb4fce31df5afd6f4861a72829bae9fbeb517781f37123318e2b11e8319c6894

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 01:05:51 GMT
content-encoding: gzip
last-modified: Tue, 11 Jun 2024 21:32:29 GMT
server: cloudflare
age: 0
etag: W/"1a46f96a75da6635ed1d75f900ff7307a0ca51ad"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 8925ef5649061903-FRA

POST 1a
i.clean.gg/ 0
0

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 160ms
109ms Preflight
text/plain 34.95.69.49

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 -, , ASN (),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.heroesprofile.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 12 Jun 2024 01:05:51 GMT
server: nginx/1.21.6
via: 1.1 google

GET bid
aax.amazon-adsystem.com/e/dtb/ 0
0

GET
H2 200 edgekit.min.js Show response
cdn.edkt.io/rNn9xk/ 23 KB
8 KB 100ms
22ms Script
text/javascript 34.120.111.33

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.edkt.io/rNn9xk/edgekit.min.js
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/d1oykxszdrgjgl/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.111.33 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: 77ea16cd40f591471d64f4954eafd3d3f6674b93f839e0f2390f8150766af154

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.heroesprofile.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:29:35 GMT
content-encoding: gzip
age: 20176
x-guploader-uploadid: ABPtcPryxMNZWF_ESZcv-KtPCa_9CoJ5ksT9eAX9wFlJ5GobZoIyoeb4oa1J3nflvxrMvRX2g_0ji6X1og
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7643
last-modified: Thu, 06 Jun 2024 06:38:39 GMT
server: UploadServer
etag: "88ffe2c4952c7a0527bf45b8bb456e80"
x-goog-generation: 1717655919472738
x-goog-hash: crc32c=2rqeUA==, md5=iP/ixJUsegUnv0W4u0VugA==
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 7643
accept-ranges: bytes
expires: Wed, 12 Jun 2024 19:29:35 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: i.clean.gg
URL: https://i.clean.gg/1a

Domain: aax.amazon-adsystem.com
URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.heroesprofile.com%2F&pid=9ehVYJ6A773Df&cb=0&ws=1600x1200&v=24.610.1703&t=3500&slots=%5B%7B%22sd%22%3A%2260f593a446e4640fd9497d37-1102%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22468163460%2FVM_60f587eddd63d722e7e57bc1%22%7D%5D&schain=1.0%2C1%21venatus.com%2C60f5878946e4640fd9497d32%2C1%2C%2C%2C&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.heroesprofile.com/	1970-01-20 21:16:09	Name: XSRF-TOKEN Value: eyJpdiI6IjlocmY0aGJ4ZSsxMmY2RzJaeFlGM3c9PSIsInZhbHVlIjoiYUpxNVhYSHd2R1czQzl0S0pUUERtaG9ibjltblFqQWI1VDJjUi9oZmhMVmxUTURwYzVvVFpUdEp0bFFOOENreXlmanFzWW5xbklMcUVDMitHN25yeWU5Q2xuaEhBcGJWSUlLMjBESUw0UDBQbVpMTStobGdVSzlNdncvMTYwcFoiLCJtYWMiOiIyNDc0MzMxYmJjMDc4ZmI5NjA0YWM2YmQzZjkwNzA0YjIwYzE0ZmVhMDA3OTM3YTUzYmQ4ZjkxZWUxYzBmMDY1IiwidGFnIjoiIn0%3D
.heroesprofile.com/	1970-01-20 21:16:09	Name: heroesprofile_session Value: eyJpdiI6IktwUEMreVQ1WDZFZkpVQkpXQUY2eGc9PSIsInZhbHVlIjoiWnhmZG5SQ01BRkFXbTBVYm4rZml6a3FMWW45L2RhcVl2cy8rQmlQQmFTdncxWTVheUtZUEQwdy9EN3pRUXhwdmJJUytWNXlxTWVlbTJNN3dXcFo4cTRRVUtKT05WeVBTaFJQb0tMVFY2SlZIWnhRdkVpaFJOeXdtOWpXYzVPR20iLCJtYWMiOiI5NjVlMzM0OWRlZGE5YmVjNjBjNWM4YmRmNzY2OTg2ZjM2OGZhNjIyM2IyNTk3Mzk4YTAyODY2OTYxZWJhMzQ1IiwidGFnIjoiIn0%3D
.heroesprofile.com/	1970-01-21 06:51:54	Name: _ga_XTN5LVP358 Value: GS1.1.1718154345.1.0.1718154345.60.0.0
.heroesprofile.com/	1970-01-21 06:51:54	Name: _ga Value: GA1.1.809307648.1718154346
.www.heroesprofile.com/	1970-01-21 06:37:30	Name: usprivacy Value: 1N--

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aax.amazon-adsystem.com
ad-delivery.net
api.cmp.inmobi.com
c.amazon-adsystem.com
cadmus.script.ac
cdn.edkt.io
cdn.hadronid.net
cdn.id5-sync.com
cmp.inmobi.com
cmp.quantcast.com
config.aps.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
hb-vntsm-com.global.ssl.fastly.net
hb.vntsm.com
hb.vntsm.io
i.clean.gg
id.hadron.ad.gt
proc.ad.cpe.dotomi.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
region1.analytics.google.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
www.google.de
www.googletagmanager.com
www.heroesprofile.com
aax.amazon-adsystem.com
i.clean.gg
142.250.186.99
151.101.1.194
18.197.230.215
18.244.18.94
184.30.211.26
2001:4860:4802:32::36
216.58.206.66
2400:52e0:1e00::1079:1
2600:9000:275b:ba00:1b:cadc:ef40:93a1
2606:4700:10::6816:2e8e
2606:4700:10::6816:3456
2606:4700:10::6816:445
2606:4700:10::ac43:17ea
2606:4700:10::ac43:246e
2606:4700:20::681a:246
2606:4700::6812:1791
2a00:1450:4001:809::2008
2a00:1450:4001:80b::2003
2a00:1450:4001:81d::2013
2a00:1450:4001:827::200a
2a00:1450:400c:c0d::9b
2a02:fa8:8806:20::2100
34.120.111.33
34.202.202.73
34.95.69.49
52.222.210.210
99.86.4.128
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
077df3f2aacc44de1db5a469314ee24e8409e131e514daae80f22559a054b36d
0ada8cc6d7170aec06af3fd45282a4a11b8a3eb2472e0cac8b7a78e7c33b9caf
1777ef5f2613e35015a34031cba4dcb7d5275bbc9cf1109a52b37a6b88cfa12f
2a50bdd84b71c397e901ba4920a6c9f37f9f8704ebd2954b6ecd2a61a42620d2
2a5c2a665e9bc10d5d1da5e0ce1acecabecaf4313c86f33d223cf7ae8581e74b
3275f90b0aa9bce8b3d5a7eca69042ddf2843f5d27a3e0d2bf9227649a50a6fd
420a9c71f8209fd27387239e5eb3fd6f7273e72d798477969db17cd9f47d9077
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5
4f55e11f90e600016f149843dea6f06aa5c8bc77336edefb5a2ee43d9baea3ed
5567acc5abb05171151a3ad30d1383de4ce540fa57d195e3e61af04ee455ed46
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5b91893433da7592d4b0d58ce01521e4f33b7fb53379df8da1e1ada896b9d5a9
60e7ea4aeb10660de46e790c7ed5a323ba4b6e8190e2f5f2ce2e5fca846763c0
628ca789fd8425d0045b3e48b6a55ee2a1478bc4e1f6ff13aa0f73eb2dfdbaaa
6d830a998066b3e15644d716280d1e6bdcef4dcb2c463da234743b7acb8416ed
706942656eb9d47aba1a60229b27acc14a95a7f81fd8f7227d2c4e2ab9687207
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
763ce162752c2844fddeeab48054cdc42d1d34c9db59b3313faa21c4003754f6
77ea16cd40f591471d64f4954eafd3d3f6674b93f839e0f2390f8150766af154
7ad69868a415840ee004b263f8eb1efc8b4bc9e8a78e80a26660ce1501acd938
82e0988805012893412d1b4491979a7961bc8015cdf83c66a556bf8fa2b356e1
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
9ea513fde38909ab077cdd7d7a05224050b1dc1c0140ad3e87d8e4f1c56fdb33
a4a1d33dc01bd24cd86383e3397c3f0e9da16d19bf63b954bd3ea7033009cdad
a61500a342875a17afc10c79e9c1596ae0e18182bf57f34390b4a68dad5ce1cd
ae17c16afbea216707b2203ea1cf9bdb45b9bfe47d0f4ae3258ddbc6294dd02f
ba7d0a1bb079915cd63d5fe975b48ea9b4868f4608810baf8224fb7a6b9301c1
c1ee48fdc9c11e6866e86ddc8c850aceff697a6e0b1ee20f1dd2d1877b3c66cd
c8cdde0b5d513ab590489a8c1a47625daa4778bfe6e72badbbb41330ebdb8f4f
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03f6eb57633893c17faf2362b392b3add769a0fd24395a86c3eb3b3aeb01e62
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d662d943d609cbb91b9b3c80a45d7aca1b8db65200245608d67b8bbb7b3c85e3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ad7ba2250b9af608b756fe2b9b8bc0b9584a0557570ac5e1213c29a4a6abfd
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
eb4fce31df5afd6f4861a72829bae9fbeb517781f37123318e2b11e8319c6894
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7a0c447b915ba02cdfa198f1fee92f0a4a784dc895b61be659a9386c6ed3112
fe8a84fbc1081574ba345a417ce787c40be5a508fbe59f5dce4fc84e33659a5a

www.heroesprofile.com Open in urlscan Pro 2a00:1450:4001:81d::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

95 %HTTPS

59 %IPv6

23 Domains

28 Subdomains

27 IPs

4 Countries

2197 kBTransfer

7042 kBSize

5 Cookies

10 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.heroesprofile.com Open in urlscan Pro
2a00:1450:4001:81d::2013 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

95 %
HTTPS

59 %
IPv6

23
Domains

28
Subdomains

27
IPs

4
Countries

2197 kB
Transfer

7042 kB
Size

5
Cookies

56 HTTP transactions
0 data transactions