urlscan.io logo urlscan.io
SecurityTrails logo

p249699.myckdom.com Open in urlscan Pro
52.117.247.211  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://robloxpromocodes.io/
Effective URL: https://p249699.myckdom.com/adServe/domainClick?ai=LLy4NUwpsb04MbTaY_48XxH7_wrZ3WkS0yskzVwtiaWIV5NOjjiW7mwSnQEHpl29wUq-EVi6u...
Submission Tags: phishingrod
Submission: On June 25 via api from DE — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 8 domains to perform 9 HTTP transactions. The main IP is 52.117.247.211, located in United States and belongs to SOFTLAYER, US. The main domain is p249699.myckdom.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 20th 2023. Valid for: a year.
This is the only time p249699.myckdom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 103.224.182.252 133618 (TRELLIAN-...)
1 2 103.224.182.206 133618 (TRELLIAN-...)
1 2 52.117.247.211 36351 (SOFTLAYER)
1 52.116.53.146 36351 (SOFTLAYER)
1 1 13.126.62.108 ()
1 1 23.235.251.213 ()
1 1 18.200.3.232 ()
1 42.99.140.179 ()
9 6
3    103.224.182.252 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-252.above.com
robloxpromocodes.io
2    103.224.182.206 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
plirkep.com
2    52.117.247.211 (United States)

ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com
myckdom.com
p249699.myckdom.com
1    52.116.53.146 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 92.35.7434.ip4.static.sl-reverse.com
clkdeals.com
1    13.126.62.108 (None, )

ASN- ()
track.adnotebook.com
1    23.235.251.213 (None, )

ASN- ()
server.cpmstar.com
1    18.200.3.232 (None, )

ASN- ()
hero-wars.com
1    42.99.140.179 (None, )

ASN- ()
www.hero-wars.com
Apex Domain
Subdomains		 Transfer
3 robloxpromocodes.io
robloxpromocodes.io
22 KB
2 hero-wars.com
hero-wars.com
www.hero-wars.com
194 B
2 myckdom.com
myckdom.com — Cisco Umbrella Rank: 57146
p249699.myckdom.com
2 KB
2 plirkep.com
plirkep.com
2 KB
1 cpmstar.com
server.cpmstar.com
546 B
1 adnotebook.com
track.adnotebook.com
646 B
1 clkdeals.com
clkdeals.com — Cisco Umbrella Rank: 246408
197 B
0 akamaihd.net Failed
hwlandings-a.akamaihd.net Failed
9 8
Domain Requested by
3 robloxpromocodes.io robloxpromocodes.io
2 plirkep.com 1 redirects robloxpromocodes.io
1 www.hero-wars.com p249699.myckdom.com
1 hero-wars.com 1 redirects
1 server.cpmstar.com 1 redirects
1 track.adnotebook.com 1 redirects
1 clkdeals.com p249699.myckdom.com
1 p249699.myckdom.com plirkep.com
1 myckdom.com 1 redirects
0 hwlandings-a.akamaihd.net Failed
9 10

This site contains no links.

Subject Issuer Validity Valid
bronzer.com.au
R3		 2023-04-26 -
2023-07-25		 3 months crt.sh
*.myckdom.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-20 -
2024-03-20		 a year crt.sh
www.clkdeals.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-07 -
2023-12-29		 a year crt.sh
www.hero-wars.com
R3		 2023-05-23 -
2023-08-21		 3 months crt.sh

This page contains 1 frames:

Frame: https://www.hero-wars.com/
Frame ID: DC4B08B9C0B70B97AD8AC615F19827A7
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://robloxpromocodes.io/ Page URL
  2. http://plirkep.com/jr.php?gz=5QXNAp0NU1c8ePHYJdiBhn49fllXaGVqeWVMWHppblg0Um1KWUpnSGUvM2ZnSjNnNX... HTTP 302
    http://plirkep.com/jr.php?gz=5QXNAp0NU1c8ePHYJdiBhn49fllXaGVqeWVMWHppblg0Um1KWUpnSGUvM2ZnSjNnNX... Page URL
  3. https://myckdom.com/aS/sfclick?u=cc813b4a-21aa-48a9-860c-5a665aadbe63 HTTP 302
    https://p249699.myckdom.com/adServe/domainClick?ai=LLy4NUwpsb04MbTaY_48XxH7_wrZ3WkS0yskzVwtiaWIV5NOjjiW7... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • swfobject.*\.js

Page Statistics

9
Requests

67 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

6
IPs

2
Countries

24 kB
Transfer

54 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://robloxpromocodes.io/ Page URL
  2. http://plirkep.com/jr.php?gz=5QXNAp0NU1c8ePHYJdiBhn49fllXaGVqeWVMWHppblg0Um1KWUpnSGUvM2ZnSjNnNXhMNW1TMmZKYVRFc0VnSkVISm1NVFlpcG9NbGEzU0Njd1pLclJHSzdWd3RacnJqMVVMT1h0SDd4dFFheTdVQi9UdTIwVlJPcTVtM0RnM1lzbG4zYW1VNE9IdDhuNkgwL2hpM0pMZ2VVK2dld1BGUkZCQlE5K2NoYldFYUV4TENWcDZLWXBvc2dOS01xZjBCQ3poVWdBNk9yWndiTWNncTM4bU4vZG5PYytKU3pmb1JtTUp6aFpkdUtnanIxa3VBRkIwcURUV0k3bXBRK1FzYmhQejAyZi9YZ2dNM2pWVjREVzRRbTErRjVZRVdBc1ZOWVJVOWxBL3c2N0R1bXdTVzBoK2I2dis5aGEybmVLV3E4c0lkMklmeGY3dzNyZWZpQnBwN3prTytST1lsdjRYRGFzY2VqZGtPc1MrMjFueDc4dDBYM3ZWMFJPbVRoL0xla09EUm51cU1VOVNzVS9vY202NEsvQlBzeU1zOXpQYkJFdE9xT2ozUU5HcFg0RXAxL1NhYm5VVDBmVGpOd1FLdFYweDN0blR3UnpiM2tsaW1lRVZweEZpTHFYVHRQc0dnZnI5U2RIZTljRkpacmVPaGlPZWdDblM1SEEvZXY0MUdsQ2NmdFVNbUFSbFZ6SFB3Vk1Hd2ZRUmRMTUxZQkxIREhyT0pzNHpYVkgyMDVKYmpIeEsvbHhocmtEM21sSkFvTzJNUmxySE9nVHJYM2VSQjh2VzBLckEzNzZ5Y3RPZjE0RkJaSmRhYXR5bDdsbG04UTUvTW9rU2pmZzNJWUVoL0RDOHFVdFBzakFEVkQySFZYLzJwMm52SkZpd1BBNXNneHNNdHhrWnRBU09GNzRMQ2xCblVwQm05UTVlSkk4WnpSZjdJUkxPUDZkTmJnbFF6RWkwcnNjdjgzODlWOWVwTS9ZMUVCUmVza3RtZnQ4UkFFb2ZSUzhJK1VMdWU2VndZa0xFV0YxTjM4SEZjL1Z5dlFxWXdIMHVWbGFmQUQvT0p2cGROcDZtSzIxZUNmY01URkhSeTYzRi9iRjJLT2N2dVUvcnA0OGJNYS9EczlRYnlNNHgwaUFxUnN5dFBWVVl4cU9xc3RDMVJBPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&anura_res=&fp=375b49bc67b4bc8c4285cd1135afd991 HTTP 302
    http://plirkep.com/jr.php?gz=5QXNAp0NU1c8ePHYJdiBhn49fllXaGVqeWVMWHppblg0Um1KWUpnSGUvM2ZnSjNnNXhMNW1TMmZKYVRFc0VnSkVISm1NVFlpcG9NbGEzU0Njd1pLclJHSzdWd3RacnJqMVVMT1h0SDd4dFFheTdVQi9UdTIwVlJPcTVtM0RnM1lzbG4zYW1VNE9IdDhuNkgwL2hpM0pMZ2VVK2dld1BGUkZCQlE5K2NoYldFYUV4TENWcDZLWXBvc2dOS01xZjBCQ3poVWdBNk9yWndiTWNncTM4bU4vZG5PYytKU3pmb1JtTUp6aFpkdUtnanIxa3VBRkIwcURUV0k3bXBRK1FzYmhQejAyZi9YZ2dNM2pWVjREVzRRbTErRjVZRVdBc1ZOWVJVOWxBL3c2N0R1bXdTVzBoK2I2dis5aGEybmVLV3E4c0lkMklmeGY3dzNyZWZpQnBwN3prTytST1lsdjRYRGFzY2VqZGtPc1MrMjFueDc4dDBYM3ZWMFJPbVRoL0xla09EUm51cU1VOVNzVS9vY202NEsvQlBzeU1zOXpQYkJFdE9xT2ozUU5HcFg0RXAxL1NhYm5VVDBmVGpOd1FLdFYweDN0blR3UnpiM2tsaW1lRVZweEZpTHFYVHRQc0dnZnI5U2RIZTljRkpacmVPaGlPZWdDblM1SEEvZXY0MUdsQ2NmdFVNbUFSbFZ6SFB3Vk1Hd2ZRUmRMTUxZQkxIREhyT0pzNHpYVkgyMDVKYmpIeEsvbHhocmtEM21sSkFvTzJNUmxySE9nVHJYM2VSQjh2VzBLckEzNzZ5Y3RPZjE0RkJaSmRhYXR5bDdsbG04UTUvTW9rU2pmZzNJWUVoL0RDOHFVdFBzakFEVkQySFZYLzJwMm52SkZpd1BBNXNneHNNdHhrWnRBU09GNzRMQ2xCblVwQm05UTVlSkk4WnpSZjdJUkxPUDZkTmJnbFF6RWkwcnNjdjgzODlWOWVwTS9ZMUVCUmVza3RtZnQ4UkFFb2ZSUzhJK1VMdWU2VndZa0xFV0YxTjM4SEZjL1Z5dlFxWXdIMHVWbGFmQUQvT0p2cGROcDZtSzIxZUNmY01URkhSeTYzRi9iRjJLT2N2dVUvcnA0OGJNYS9EczlRYnlNNHgwaUFxUnN5dFBWVVl4cU9xc3RDMVJBPT0%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&fp=375b49bc67b4bc8c4285cd1135afd991&ckReS=1687707070.3194220 Page URL
  3. https://myckdom.com/aS/sfclick?u=cc813b4a-21aa-48a9-860c-5a665aadbe63 HTTP 302
    https://p249699.myckdom.com/adServe/domainClick?ai=LLy4NUwpsb04MbTaY_48XxH7_wrZ3WkS0yskzVwtiaWIV5NOjjiW7mwSnQEHpl29wUq-EVi6ulbPH-2RHbW2vDrHFVxab2WUUNcemS8EIsfbZh2vrFwOgQ6b0ggOsq7Vos8LSBOgotIOXkhvL8RPEKFh8CBrUNFFoyEOp_uQSubibhRJYLY3HiEQkkjdpo3Uf6gmL4f0BkNyACuvmwkGmze5vgI3JbllcQiMr31drvnVCW9UoLTzK2_T5x_FGAdpIKKNlj9I1Bp0zkQJR4Qsl-RCaNkT3qyOnwM9sZtI20k3QkkpNB0KG6OIZhD5UZ8zUEpDz_87JciBp9n2wO8e3QXL0tt9b_p24Wg6c98G2nieKTEQPOdaBRbRh5WhN0Axej_wmAiUbeoWBGu3Yx722Aya-THVb-15D7pYDJ3znSlb-qQHDvFM_Q4S-MnlxV8j&ui=yzphimlcv1XGkOSnr5TcclJYVZbN5_3WIaIc3yOo5HKxlpVxN4GX648Y9TXCQe3IF_ZKo8avoR9cXmftA86DRS9ca5Og-ig70LzrTawpkoxui3jp4HGeoQ&si=1&oref=3a88df88178a9dcc0a2f77d8880e5ae9&optunit=Wb3jOUt37LLb18im7YtLWtrmwwZzJF-M&rb=bolvsB9FCfA&rr=1&abtg=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • http://plirkep.com/jr.php?gz=5QXNAp0NU1c8ePHYJdiBhn49fllXaGVqeWVMWHppblg0Um1KWUpnSGUvM2ZnSjNnNXhMNW1TMmZKYVRFc0VnSkVISm1NVFlpcG9NbGEzU0Njd1pLclJHSzdWd3RacnJqMVVMT1h0SDd4dFFheTdVQi9UdTIwVlJPcTVtM0RnM1lzbG4zYW1VNE9IdDhuNkgwL2hpM0pMZ2VVK2dld1BGUkZCQlE5K2NoYldFYUV4TENWcDZLWXBvc2dOS01xZjBCQ3poVWdBNk9yWndiTWNncTM4bU4vZG5PYytKU3pmb1JtTUp6aFpkdUtnanIxa3VBRkIwcURUV0k3bXBRK1FzYmhQejAyZi9YZ2dNM2pWVjREVzRRbTErRjVZRVdBc1ZOWVJVOWxBL3c2N0R1bXdTVzBoK2I2dis5aGEybmVLV3E4c0lkMklmeGY3dzNyZWZpQnBwN3prTytST1lsdjRYRGFzY2VqZGtPc1MrMjFueDc4dDBYM3ZWMFJPbVRoL0xla09EUm51cU1VOVNzVS9vY202NEsvQlBzeU1zOXpQYkJFdE9xT2ozUU5HcFg0RXAxL1NhYm5VVDBmVGpOd1FLdFYweDN0blR3UnpiM2tsaW1lRVZweEZpTHFYVHRQc0dnZnI5U2RIZTljRkpacmVPaGlPZWdDblM1SEEvZXY0MUdsQ2NmdFVNbUFSbFZ6SFB3Vk1Hd2ZRUmRMTUxZQkxIREhyT0pzNHpYVkgyMDVKYmpIeEsvbHhocmtEM21sSkFvTzJNUmxySE9nVHJYM2VSQjh2VzBLckEzNzZ5Y3RPZjE0RkJaSmRhYXR5bDdsbG04UTUvTW9rU2pmZzNJWUVoL0RDOHFVdFBzakFEVkQySFZYLzJwMm52SkZpd1BBNXNneHNNdHhrWnRBU09GNzRMQ2xCblVwQm05UTVlSkk4WnpSZjdJUkxPUDZkTmJnbFF6RWkwcnNjdjgzODlWOWVwTS9ZMUVCUmVza3RtZnQ4UkFFb2ZSUzhJK1VMdWU2VndZa0xFV0YxTjM4SEZjL1Z5dlFxWXdIMHVWbGFmQUQvT0p2cGROcDZtSzIxZUNmY01URkhSeTYzRi9iRjJLT2N2dVUvcnA0OGJNYS9EczlRYnlNNHgwaUFxUnN5dFBWVVl4cU9xc3RDMVJBPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&anura_res=&fp=375b49bc67b4bc8c4285cd1135afd991 HTTP 302
  • http://plirkep.com/jr.php?gz=5QXNAp0NU1c8ePHYJdiBhn49fllXaGVqeWVMWHppblg0Um1KWUpnSGUvM2ZnSjNnNXhMNW1TMmZKYVRFc0VnSkVISm1NVFlpcG9NbGEzU0Njd1pLclJHSzdWd3RacnJqMVVMT1h0SDd4dFFheTdVQi9UdTIwVlJPcTVtM0RnM1lzbG4zYW1VNE9IdDhuNkgwL2hpM0pMZ2VVK2dld1BGUkZCQlE5K2NoYldFYUV4TENWcDZLWXBvc2dOS01xZjBCQ3poVWdBNk9yWndiTWNncTM4bU4vZG5PYytKU3pmb1JtTUp6aFpkdUtnanIxa3VBRkIwcURUV0k3bXBRK1FzYmhQejAyZi9YZ2dNM2pWVjREVzRRbTErRjVZRVdBc1ZOWVJVOWxBL3c2N0R1bXdTVzBoK2I2dis5aGEybmVLV3E4c0lkMklmeGY3dzNyZWZpQnBwN3prTytST1lsdjRYRGFzY2VqZGtPc1MrMjFueDc4dDBYM3ZWMFJPbVRoL0xla09EUm51cU1VOVNzVS9vY202NEsvQlBzeU1zOXpQYkJFdE9xT2ozUU5HcFg0RXAxL1NhYm5VVDBmVGpOd1FLdFYweDN0blR3UnpiM2tsaW1lRVZweEZpTHFYVHRQc0dnZnI5U2RIZTljRkpacmVPaGlPZWdDblM1SEEvZXY0MUdsQ2NmdFVNbUFSbFZ6SFB3Vk1Hd2ZRUmRMTUxZQkxIREhyT0pzNHpYVkgyMDVKYmpIeEsvbHhocmtEM21sSkFvTzJNUmxySE9nVHJYM2VSQjh2VzBLckEzNzZ5Y3RPZjE0RkJaSmRhYXR5bDdsbG04UTUvTW9rU2pmZzNJWUVoL0RDOHFVdFBzakFEVkQySFZYLzJwMm52SkZpd1BBNXNneHNNdHhrWnRBU09GNzRMQ2xCblVwQm05UTVlSkk4WnpSZjdJUkxPUDZkTmJnbFF6RWkwcnNjdjgzODlWOWVwTS9ZMUVCUmVza3RtZnQ4UkFFb2ZSUzhJK1VMdWU2VndZa0xFV0YxTjM4SEZjL1Z5dlFxWXdIMHVWbGFmQUQvT0p2cGROcDZtSzIxZUNmY01URkhSeTYzRi9iRjJLT2N2dVUvcnA0OGJNYS9EczlRYnlNNHgwaUFxUnN5dFBWVVl4cU9xc3RDMVJBPT0%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&fp=375b49bc67b4bc8c4285cd1135afd991&ckReS=1687707070.3194220
Request Chain 5
  • https://track.adnotebook.com/e2cde7c7-2228-475c-935f-c87f922dedb0?campaignkeyword=roblox+games&keyword=roblox+games&geo=US&campaignname=hero+Wars+US+3232023&device=Desktop&os=Windows+10&browser=Chrome+114&carrier=UNKNOWN&source=439752529&bid=0.0684&clickid=90456132371 HTTP 302
  • https://server.cpmstar.com/dclick.aspx?poolid=87277&productid=2885&url=https%3a%2f%2fhero-wars.com%2f&param=wchd8bi1a8fi4nmpi70cikqk HTTP 302
  • https://hero-wars.com/ HTTP 301
  • https://www.hero-wars.com/

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
robloxpromocodes.io/ 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://robloxpromocodes.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.252 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
lb-182-252.above.com
Software
Apache /
Resource Hash
9e12566c512416ba0c410bc8e717fd725923bee79d3119ebd38af1a4283c915d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

connection
close
content-encoding
gzip
content-length
3752
content-type
text/html; charset=UTF-8
date
Sun, 25 Jun 2023 15:31:08 GMT
server
Apache
vary
Accept-Encoding
swfobject.js
robloxpromocodes.io/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://robloxpromocodes.io/js/swfobject.js
Requested by
Host: robloxpromocodes.io
URL: https://robloxpromocodes.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.252 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
lb-182-252.above.com
Software
Apache /
Resource Hash
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://robloxpromocodes.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 15:31:09 GMT
content-encoding
gzip
last-modified
Fri, 05 Aug 2022 04:46:37 GMT
server
Apache
etag
"27ef-5e57726b7c540-gzip"
vary
Accept-Encoding
content-type
application/javascript
connection
close
accept-ranges
bytes
content-length
3949
iife.min.js
robloxpromocodes.io/js/fingerprint/ 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://robloxpromocodes.io/js/fingerprint/iife.min.js
Requested by
Host: robloxpromocodes.io
URL: https://robloxpromocodes.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.252 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
lb-182-252.above.com
Software
Apache /
Resource Hash
c6bc28686490aba34a53ab3b709afa1fd73c21e60feb25608b09f23efe170089

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://robloxpromocodes.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 15:31:09 GMT
content-encoding
gzip
last-modified
Thu, 27 Apr 2023 04:52:59 GMT
server
Apache
etag
"85c0-5fa4a216f00c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
connection
close
accept-ranges
bytes
content-length
14345
jr.php
plirkep.com/
Redirect Chain
  • http://plirkep.com/jr.php?gz=5QXNAp0NU1c8ePHYJdiBhn49fllXaGVqeWVMWHppblg0Um1KWUpnSGUvM2ZnSjNnNXhMNW1TMmZKYVRFc0VnSkVISm1NVFlpcG9NbGEzU0Njd1pLclJHSzdWd3RacnJqMVVMT1h0SDd4dFFheTdVQi9UdTIwVlJPcTVtM0Rn...
  • http://plirkep.com/jr.php?gz=5QXNAp0NU1c8ePHYJdiBhn49fllXaGVqeWVMWHppblg0Um1KWUpnSGUvM2ZnSjNnNXhMNW1TMmZKYVRFc0VnSkVISm1NVFlpcG9NbGEzU0Njd1pLclJHSzdWd3RacnJqMVVMT1h0SDd4dFFheTdVQi9UdTIwVlJPcTVtM0Rn...
369 B
455 B 		Document
General
Check archive.org
Download Go to
Full URL
http://plirkep.com/jr.php?gz=5QXNAp0NU1c8ePHYJdiBhn49fllXaGVqeWVMWHppblg0Um1KWUpnSGUvM2ZnSjNnNXhMNW1TMmZKYVRFc0VnSkVISm1NVFlpcG9NbGEzU0Njd1pLclJHSzdWd3RacnJqMVVMT1h0SDd4dFFheTdVQi9UdTIwVlJPcTVtM0RnM1lzbG4zYW1VNE9IdDhuNkgwL2hpM0pMZ2VVK2dld1BGUkZCQlE5K2NoYldFYUV4TENWcDZLWXBvc2dOS01xZjBCQ3poVWdBNk9yWndiTWNncTM4bU4vZG5PYytKU3pmb1JtTUp6aFpkdUtnanIxa3VBRkIwcURUV0k3bXBRK1FzYmhQejAyZi9YZ2dNM2pWVjREVzRRbTErRjVZRVdBc1ZOWVJVOWxBL3c2N0R1bXdTVzBoK2I2dis5aGEybmVLV3E4c0lkMklmeGY3dzNyZWZpQnBwN3prTytST1lsdjRYRGFzY2VqZGtPc1MrMjFueDc4dDBYM3ZWMFJPbVRoL0xla09EUm51cU1VOVNzVS9vY202NEsvQlBzeU1zOXpQYkJFdE9xT2ozUU5HcFg0RXAxL1NhYm5VVDBmVGpOd1FLdFYweDN0blR3UnpiM2tsaW1lRVZweEZpTHFYVHRQc0dnZnI5U2RIZTljRkpacmVPaGlPZWdDblM1SEEvZXY0MUdsQ2NmdFVNbUFSbFZ6SFB3Vk1Hd2ZRUmRMTUxZQkxIREhyT0pzNHpYVkgyMDVKYmpIeEsvbHhocmtEM21sSkFvTzJNUmxySE9nVHJYM2VSQjh2VzBLckEzNzZ5Y3RPZjE0RkJaSmRhYXR5bDdsbG04UTUvTW9rU2pmZzNJWUVoL0RDOHFVdFBzakFEVkQySFZYLzJwMm52SkZpd1BBNXNneHNNdHhrWnRBU09GNzRMQ2xCblVwQm05UTVlSkk4WnpSZjdJUkxPUDZkTmJnbFF6RWkwcnNjdjgzODlWOWVwTS9ZMUVCUmVza3RtZnQ4UkFFb2ZSUzhJK1VMdWU2VndZa0xFV0YxTjM4SEZjL1Z5dlFxWXdIMHVWbGFmQUQvT0p2cGROcDZtSzIxZUNmY01URkhSeTYzRi9iRjJLT2N2dVUvcnA0OGJNYS9EczlRYnlNNHgwaUFxUnN5dFBWVVl4cU9xc3RDMVJBPT0%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&fp=375b49bc67b4bc8c4285cd1135afd991&ckReS=1687707070.3194220
Requested by
Host: robloxpromocodes.io
URL: https://robloxpromocodes.io/
Protocol
HTTP/1.1
Server
103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
bidr.trellian.com
Software
Apache /
Resource Hash

Request headers

Referer
https://robloxpromocodes.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

connection
close
content-encoding
gzip
content-length
242
content-type
text/html; charset=UTF-8
date
Sun, 25 Jun 2023 15:31:10 GMT
server
Apache
vary
Accept-Encoding
x-jr-code
s

Redirect headers

connection
close
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 25 Jun 2023 15:31:10 GMT
location
jr.php?gz=5QXNAp0NU1c8ePHYJdiBhn49fllXaGVqeWVMWHppblg0Um1KWUpnSGUvM2ZnSjNnNXhMNW1TMmZKYVRFc0VnSkVISm1NVFlpcG9NbGEzU0Njd1pLclJHSzdWd3RacnJqMVVMT1h0SDd4dFFheTdVQi9UdTIwVlJPcTVtM0RnM1lzbG4zYW1VNE9IdDhuNkgwL2hpM0pMZ2VVK2dld1BGUkZCQlE5K2NoYldFYUV4TENWcDZLWXBvc2dOS01xZjBCQ3poVWdBNk9yWndiTWNncTM4bU4vZG5PYytKU3pmb1JtTUp6aFpkdUtnanIxa3VBRkIwcURUV0k3bXBRK1FzYmhQejAyZi9YZ2dNM2pWVjREVzRRbTErRjVZRVdBc1ZOWVJVOWxBL3c2N0R1bXdTVzBoK2I2dis5aGEybmVLV3E4c0lkMklmeGY3dzNyZWZpQnBwN3prTytST1lsdjRYRGFzY2VqZGtPc1MrMjFueDc4dDBYM3ZWMFJPbVRoL0xla09EUm51cU1VOVNzVS9vY202NEsvQlBzeU1zOXpQYkJFdE9xT2ozUU5HcFg0RXAxL1NhYm5VVDBmVGpOd1FLdFYweDN0blR3UnpiM2tsaW1lRVZweEZpTHFYVHRQc0dnZnI5U2RIZTljRkpacmVPaGlPZWdDblM1SEEvZXY0MUdsQ2NmdFVNbUFSbFZ6SFB3Vk1Hd2ZRUmRMTUxZQkxIREhyT0pzNHpYVkgyMDVKYmpIeEsvbHhocmtEM21sSkFvTzJNUmxySE9nVHJYM2VSQjh2VzBLckEzNzZ5Y3RPZjE0RkJaSmRhYXR5bDdsbG04UTUvTW9rU2pmZzNJWUVoL0RDOHFVdFBzakFEVkQySFZYLzJwMm52SkZpd1BBNXNneHNNdHhrWnRBU09GNzRMQ2xCblVwQm05UTVlSkk4WnpSZjdJUkxPUDZkTmJnbFF6RWkwcnNjdjgzODlWOWVwTS9ZMUVCUmVza3RtZnQ4UkFFb2ZSUzhJK1VMdWU2VndZa0xFV0YxTjM4SEZjL1Z5dlFxWXdIMHVWbGFmQUQvT0p2cGROcDZtSzIxZUNmY01URkhSeTYzRi9iRjJLT2N2dVUvcnA0OGJNYS9EczlRYnlNNHgwaUFxUnN5dFBWVVl4cU9xc3RDMVJBPT0%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&fp=375b49bc67b4bc8c4285cd1135afd991&ckReS=1687707070.3194220
server
Apache
x-jr-code
cr
Primary Request domainClick
p249699.myckdom.com/adServe/
Redirect Chain
  • https://myckdom.com/aS/sfclick?u=cc813b4a-21aa-48a9-860c-5a665aadbe63
  • https://p249699.myckdom.com/adServe/domainClick?ai=LLy4NUwpsb04MbTaY_48XxH7_wrZ3WkS0yskzVwtiaWIV5NOjjiW7mwSnQEHpl29wUq-EVi6ulbPH-2RHbW2vDrHFVxab2WUUNcemS8EIsfbZh2vrFwOgQ6b0ggOsq7Vos8LSBOgotIOXkhvL8...
993 B
834 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p249699.myckdom.com/adServe/domainClick?ai=LLy4NUwpsb04MbTaY_48XxH7_wrZ3WkS0yskzVwtiaWIV5NOjjiW7mwSnQEHpl29wUq-EVi6ulbPH-2RHbW2vDrHFVxab2WUUNcemS8EIsfbZh2vrFwOgQ6b0ggOsq7Vos8LSBOgotIOXkhvL8RPEKFh8CBrUNFFoyEOp_uQSubibhRJYLY3HiEQkkjdpo3Uf6gmL4f0BkNyACuvmwkGmze5vgI3JbllcQiMr31drvnVCW9UoLTzK2_T5x_FGAdpIKKNlj9I1Bp0zkQJR4Qsl-RCaNkT3qyOnwM9sZtI20k3QkkpNB0KG6OIZhD5UZ8zUEpDz_87JciBp9n2wO8e3QXL0tt9b_p24Wg6c98G2nieKTEQPOdaBRbRh5WhN0Axej_wmAiUbeoWBGu3Yx722Aya-THVb-15D7pYDJ3znSlb-qQHDvFM_Q4S-MnlxV8j&ui=yzphimlcv1XGkOSnr5TcclJYVZbN5_3WIaIc3yOo5HKxlpVxN4GX648Y9TXCQe3IF_ZKo8avoR9cXmftA86DRS9ca5Og-ig70LzrTawpkoxui3jp4HGeoQ&si=1&oref=3a88df88178a9dcc0a2f77d8880e5ae9&optunit=Wb3jOUt37LLb18im7YtLWtrmwwZzJF-M&rb=bolvsB9FCfA&rr=1&abtg=0
Requested by
Host: plirkep.com
URL: http://plirkep.com/jr.php?gz=5QXNAp0NU1c8ePHYJdiBhn49fllXaGVqeWVMWHppblg0Um1KWUpnSGUvM2ZnSjNnNXhMNW1TMmZKYVRFc0VnSkVISm1NVFlpcG9NbGEzU0Njd1pLclJHSzdWd3RacnJqMVVMT1h0SDd4dFFheTdVQi9UdTIwVlJPcTVtM0RnM1lzbG4zYW1VNE9IdDhuNkgwL2hpM0pMZ2VVK2dld1BGUkZCQlE5K2NoYldFYUV4TENWcDZLWXBvc2dOS01xZjBCQ3poVWdBNk9yWndiTWNncTM4bU4vZG5PYytKU3pmb1JtTUp6aFpkdUtnanIxa3VBRkIwcURUV0k3bXBRK1FzYmhQejAyZi9YZ2dNM2pWVjREVzRRbTErRjVZRVdBc1ZOWVJVOWxBL3c2N0R1bXdTVzBoK2I2dis5aGEybmVLV3E4c0lkMklmeGY3dzNyZWZpQnBwN3prTytST1lsdjRYRGFzY2VqZGtPc1MrMjFueDc4dDBYM3ZWMFJPbVRoL0xla09EUm51cU1VOVNzVS9vY202NEsvQlBzeU1zOXpQYkJFdE9xT2ozUU5HcFg0RXAxL1NhYm5VVDBmVGpOd1FLdFYweDN0blR3UnpiM2tsaW1lRVZweEZpTHFYVHRQc0dnZnI5U2RIZTljRkpacmVPaGlPZWdDblM1SEEvZXY0MUdsQ2NmdFVNbUFSbFZ6SFB3Vk1Hd2ZRUmRMTUxZQkxIREhyT0pzNHpYVkgyMDVKYmpIeEsvbHhocmtEM21sSkFvTzJNUmxySE9nVHJYM2VSQjh2VzBLckEzNzZ5Y3RPZjE0RkJaSmRhYXR5bDdsbG04UTUvTW9rU2pmZzNJWUVoL0RDOHFVdFBzakFEVkQySFZYLzJwMm52SkZpd1BBNXNneHNNdHhrWnRBU09GNzRMQ2xCblVwQm05UTVlSkk4WnpSZjdJUkxPUDZkTmJnbFF6RWkwcnNjdjgzODlWOWVwTS9ZMUVCUmVza3RtZnQ4UkFFb2ZSUzhJK1VMdWU2VndZa0xFV0YxTjM4SEZjL1Z5dlFxWXdIMHVWbGFmQUQvT0p2cGROcDZtSzIxZUNmY01URkhSeTYzRi9iRjJLT2N2dVUvcnA0OGJNYS9EczlRYnlNNHgwaUFxUnN5dFBWVVl4cU9xc3RDMVJBPT0%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&fp=375b49bc67b4bc8c4285cd1135afd991&ckReS=1687707070.3194220
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.117.247.211 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
d3.f7.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
8cd0ad1c7a70db72a86a0116b50e6c6c4bdf2a7fa7474ae88d01b089527b4203

Request headers

Referer
http://plirkep.com/jr.php?gz=5QXNAp0NU1c8ePHYJdiBhn49fllXaGVqeWVMWHppblg0Um1KWUpnSGUvM2ZnSjNnNXhMNW1TMmZKYVRFc0VnSkVISm1NVFlpcG9NbGEzU0Njd1pLclJHSzdWd3RacnJqMVVMT1h0SDd4dFFheTdVQi9UdTIwVlJPcTVtM0RnM1lzbG4zYW1VNE9IdDhuNkgwL2hpM0pMZ2VVK2dld1BGUkZCQlE5K2NoYldFYUV4TENWcDZLWXBvc2dOS01xZjBCQ3poVWdBNk9yWndiTWNncTM4bU4vZG5PYytKU3pmb1JtTUp6aFpkdUtnanIxa3VBRkIwcURUV0k3bXBRK1FzYmhQejAyZi9YZ2dNM2pWVjREVzRRbTErRjVZRVdBc1ZOWVJVOWxBL3c2N0R1bXdTVzBoK2I2dis5aGEybmVLV3E4c0lkMklmeGY3dzNyZWZpQnBwN3prTytST1lsdjRYRGFzY2VqZGtPc1MrMjFueDc4dDBYM3ZWMFJPbVRoL0xla09EUm51cU1VOVNzVS9vY202NEsvQlBzeU1zOXpQYkJFdE9xT2ozUU5HcFg0RXAxL1NhYm5VVDBmVGpOd1FLdFYweDN0blR3UnpiM2tsaW1lRVZweEZpTHFYVHRQc0dnZnI5U2RIZTljRkpacmVPaGlPZWdDblM1SEEvZXY0MUdsQ2NmdFVNbUFSbFZ6SFB3Vk1Hd2ZRUmRMTUxZQkxIREhyT0pzNHpYVkgyMDVKYmpIeEsvbHhocmtEM21sSkFvTzJNUmxySE9nVHJYM2VSQjh2VzBLckEzNzZ5Y3RPZjE0RkJaSmRhYXR5bDdsbG04UTUvTW9rU2pmZzNJWUVoL0RDOHFVdFBzakFEVkQySFZYLzJwMm52SkZpd1BBNXNneHNNdHhrWnRBU09GNzRMQ2xCblVwQm05UTVlSkk4WnpSZjdJUkxPUDZkTmJnbFF6RWkwcnNjdjgzODlWOWVwTS9ZMUVCUmVza3RtZnQ4UkFFb2ZSUzhJK1VMdWU2VndZa0xFV0YxTjM4SEZjL1Z5dlFxWXdIMHVWbGFmQUQvT0p2cGROcDZtSzIxZUNmY01URkhSeTYzRi9iRjJLT2N2dVUvcnA0OGJNYS9EczlRYnlNNHgwaUFxUnN5dFBWVVl4cU9xc3RDMVJBPT0%3D&vs=1600%3A1200&ds=1600%3A1200&sl=0%3A0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel+Inc.+-+Intel+Iris+OpenGL+Engine&anura_res=&fp=375b49bc67b4bc8c4285cd1135afd991&ckReS=1687707070.3194220
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Sun, 25 Jun 2023 15:31:12 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
0
date
Sun, 25 Jun 2023 15:31:11 GMT
location
https://p249699.myckdom.com/adServe/domainClick?ai=LLy4NUwpsb04MbTaY_48XxH7_wrZ3WkS0yskzVwtiaWIV5NOjjiW7mwSnQEHpl29wUq-EVi6ulbPH-2RHbW2vDrHFVxab2WUUNcemS8EIsfbZh2vrFwOgQ6b0ggOsq7Vos8LSBOgotIOXkhvL8RPEKFh8CBrUNFFoyEOp_uQSubibhRJYLY3HiEQkkjdpo3Uf6gmL4f0BkNyACuvmwkGmze5vgI3JbllcQiMr31drvnVCW9UoLTzK2_T5x_FGAdpIKKNlj9I1Bp0zkQJR4Qsl-RCaNkT3qyOnwM9sZtI20k3QkkpNB0KG6OIZhD5UZ8zUEpDz_87JciBp9n2wO8e3QXL0tt9b_p24Wg6c98G2nieKTEQPOdaBRbRh5WhN0Axej_wmAiUbeoWBGu3Yx722Aya-THVb-15D7pYDJ3znSlb-qQHDvFM_Q4S-MnlxV8j&ui=yzphimlcv1XGkOSnr5TcclJYVZbN5_3WIaIc3yOo5HKxlpVxN4GX648Y9TXCQe3IF_ZKo8avoR9cXmftA86DRS9ca5Og-ig70LzrTawpkoxui3jp4HGeoQ&si=1&oref=3a88df88178a9dcc0a2f77d8880e5ae9&optunit=Wb3jOUt37LLb18im7YtLWtrmwwZzJF-M&rb=bolvsB9FCfA&rr=1&abtg=0
server
nginx
track
clkdeals.com/adServe/ 		49 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clkdeals.com/adServe/track?subid=90456132371&prdid=2750&price=0
Requested by
Host: p249699.myckdom.com
URL: https://p249699.myckdom.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.116.53.146 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
92.35.7434.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jun 2023 15:31:13 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.hero-wars.com/
Redirect Chain
  • https://track.adnotebook.com/e2cde7c7-2228-475c-935f-c87f922dedb0?campaignkeyword=roblox+games&keyword=roblox+games&geo=US&campaignname=hero+Wars+US+3232023&device=Desktop&os=Windows+10&browser=Chr...
  • https://server.cpmstar.com/dclick.aspx?poolid=87277&productid=2885&url=https%3a%2f%2fhero-wars.com%2f&param=wchd8bi1a8fi4nmpi70cikqk
  • https://hero-wars.com/
  • https://www.hero-wars.com/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hero-wars.com/
Requested by
Host: p249699.myckdom.com
URL: https://p249699.myckdom.com/adServe/domainClick?ai=LLy4NUwpsb04MbTaY_48XxH7_wrZ3WkS0yskzVwtiaWIV5NOjjiW7mwSnQEHpl29wUq-EVi6ulbPH-2RHbW2vDrHFVxab2WUUNcemS8EIsfbZh2vrFwOgQ6b0ggOsq7Vos8LSBOgotIOXkhvL8RPEKFh8CBrUNFFoyEOp_uQSubibhRJYLY3HiEQkkjdpo3Uf6gmL4f0BkNyACuvmwkGmze5vgI3JbllcQiMr31drvnVCW9UoLTzK2_T5x_FGAdpIKKNlj9I1Bp0zkQJR4Qsl-RCaNkT3qyOnwM9sZtI20k3QkkpNB0KG6OIZhD5UZ8zUEpDz_87JciBp9n2wO8e3QXL0tt9b_p24Wg6c98G2nieKTEQPOdaBRbRh5WhN0Axej_wmAiUbeoWBGu3Yx722Aya-THVb-15D7pYDJ3znSlb-qQHDvFM_Q4S-MnlxV8j&ui=yzphimlcv1XGkOSnr5TcclJYVZbN5_3WIaIc3yOo5HKxlpVxN4GX648Y9TXCQe3IF_ZKo8avoR9cXmftA86DRS9ca5Og-ig70LzrTawpkoxui3jp4HGeoQ&si=1&oref=3a88df88178a9dcc0a2f77d8880e5ae9&optunit=Wb3jOUt37LLb18im7YtLWtrmwwZzJF-M&rb=bolvsB9FCfA&rr=1&abtg=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.179 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://p249699.myckdom.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,x-auth-application-id,x-auth-network-ident,x-auth-player-id,x-auth-session-id,x-auth-session-init,x-auth-session-key,x-auth-signature,x-auth-token,x-auth-user-id,x-env-referrer,x-request-id,x-requested-with,x-server-time,x-env-library-version,x-auth-network-sign,authorization
access-control-allow-methods
GET,POST,OPTIONS,DELETE,PUT
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
6946
content-type
text/html; charset=UTF-8
date
Sun, 25 Jun 2023 15:31:18 GMT
expires
Sun, 25 Jun 2023 15:31:18 GMT
link
<https://hwlandings-a.akamaihd.net/p/assets/22b3c9d4eedf32c8704a.woff>;rel="preload";as="font";type="font/woff";crossorigin <https://hwlandings-a.akamaihd.net/hw/p/assets/22b3c9d4eedf32c8704a.woff>;rel="preload";as="font";type="font/woff";crossorigin <https://heroesweb-a.akamaihd.net>;rel="preconnect",<https://cdn.onesignal.com>;rel="preconnect",<https://cdn.gsght.com>;rel="preconnect",<https://heroes-wb.nextersglobal.com>;rel="preconnect",<https://connect.facebook.net>;rel="preconnect",<https://www.googleoptimize.com>;rel="preconnect",<https://www.google-analytics.com>;rel="preconnect",<https://static.ads-twitter.com>;rel="preconnect" <https://hwlandings-a.akamaihd.net>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://cdn.taboola.com>;rel="preconnect"
pragma
no-cache
server-timing
edge; dur=7 origin; dur=261 cdn-cache; desc=MISS ak_p; desc="468807_711167151_1944430236_26849_12806_184_0_-";dur=1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mTOE,2mRUM,2
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Sun, 25 Jun 2023 15:31:16 GMT
Location
https://www.hero-wars.com/
Server
nginx
22b3c9d4eedf32c8704a.woff
hwlandings-a.akamaihd.net/p/assets/ 		0
0
22b3c9d4eedf32c8704a.woff
hwlandings-a.akamaihd.net/hw/p/assets/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hwlandings-a.akamaihd.net
URL
https://hwlandings-a.akamaihd.net/p/assets/22b3c9d4eedf32c8704a.woff
Domain
hwlandings-a.akamaihd.net
URL
https://hwlandings-a.akamaihd.net/hw/p/assets/22b3c9d4eedf32c8704a.woff

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

4 Cookies

Domain/Path Name / Value
robloxpromocodes.io/ Name: __tad
Value: 1687707068.7202946
plirkep.com/ Name: __tad
Value: 1687707070.3194220
.myckdom.com/ Name: rhid
Value: 83372849379
.myckdom.com/ Name: loi
Value: ad_1448594_off_891460_aff_90427_cid_249699-501608259_ts_1687707072