freedirtygame.com Open in urlscan Pro
5.189.171.71 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://freedirtygame.com/
Effective URL:
https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6...
Submission: On June 17 via api (June 17th 2022, 2:23:21 am UTC) from LU — Scanned from DE

Summary HTTP 47 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 47 HTTP transactions. The main IP is 5.189.171.71, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is freedirtygame.com. The Cisco Umbrella rank of the primary domain is 161668.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 1st 2021. Valid for: a year.

This is the only time freedirtygame.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	5.189.171.71 5.189.171.71	51167 (CONTABO) (CONTABO)
2	18.184.38.55 18.184.38.55	16509 (AMAZON-02) (AMAZON-02)
4	138.199.37.231 138.199.37.231	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
4	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.37 18.66.97.37	16509 (AMAZON-02) (AMAZON-02)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1	66.254.114.89 66.254.114.89	29789 (REFLECTED) (REFLECTED)
1	136.243.51.171 136.243.51.171	24940 (HETZNER-AS) (HETZNER-AS)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
1	18.66.139.28 18.66.139.28	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.34 108.157.4.34	16509 (AMAZON-02) (AMAZON-02)
47	16

18 5.189.171.71 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: m3450.contabo.host

freedirtygame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.38.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-38-55.eu-central-1.compute.amazonaws.com

track.theagencyone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mading-calipprox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.199.37.231 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-231.datapacket.com

adverster.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

swarmpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-37.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

a.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.254.114.89 (United States)

ASN29789 (REFLECTED, US)
PTR: reflectededge.reflected.net

ctrack.trafficjunky.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.51.171 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.171.51.243.136.clients.your-server.de

tsyndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-28.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-34.dus51.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	freedirtygame.com freedirtygame.com — Cisco Umbrella Rank: 161668	749 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60 region1.google-analytics.com — Cisco Umbrella Rank: 9409	58 KB
4	swarmpush.com swarmpush.com — Cisco Umbrella Rank: 433666	25 KB
4	b-cdn.net adverster.b-cdn.net — Cisco Umbrella Rank: 288759	319 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 677 script.hotjar.com — Cisco Umbrella Rank: 992 vars.hotjar.com — Cisco Umbrella Rank: 1037	67 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9968	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 96	122 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2428	257 B
1	tsyndicate.com tsyndicate.com — Cisco Umbrella Rank: 8538	487 B
1	trafficjunky.net ctrack.trafficjunky.net — Cisco Umbrella Rank: 23551	1 KB
1	exoclick.com a.exoclick.com — Cisco Umbrella Rank: 64561	959 B
1	mading-calipprox.com mading-calipprox.com — Cisco Umbrella Rank: 605207 Failed	1 KB
1	theagencyone.com track.theagencyone.com	2 KB
47	13

	Domain	Requested by
18	freedirtygame.com	mading-calipprox.com freedirtygame.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com freedirtygame.com
4	swarmpush.com	www.googletagmanager.com swarmpush.com freedirtygame.com
4	adverster.b-cdn.net	freedirtygame.com
2	region1.google-analytics.com	www.googletagmanager.com
2	my.rtmark.net	www.googletagmanager.com
2	www.googletagmanager.com	freedirtygame.com www.googletagmanager.com
1	vc.hotjar.io	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	tsyndicate.com	freedirtygame.com
1	ctrack.trafficjunky.net	freedirtygame.com
1	a.exoclick.com	www.googletagmanager.com
1	static.hotjar.com	freedirtygame.com
1	mading-calipprox.com	track.theagencyone.com
1	track.theagencyone.com
47	16

This site contains no links.

Subject Issuer	Validity	Valid
freedirtygame.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-01` - `2022-10-01`	a year	crt.sh
track.theagencyone.com R3	`2022-04-26` - `2022-07-25`	3 months	crt.sh
mading-calipprox.com R3	`2022-05-24` - `2022-08-22`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-07` - `2022-11-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-08` - `2023-06-08`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh
*.exoclick.com Go Daddy Secure Certificate Authority - G2	`2021-08-03` - `2022-09-04`	a year	crt.sh
*.trafficjunky.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-29` - `2022-12-30`	a year	crt.sh
tsyndicate.com R3	`2022-06-12` - `2022-09-10`	3 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Frame ID: 10D871AF7454E32ECE28F8ACD68F9752
Requests: 46 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: 311F78339E67EEEB2413538EF97A033D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GameBater - Try Not To Cum

Page URL History Show full URLs

https://freedirtygame.com/ Page URL
https://track.theagencyone.com/3cb6586c-d759-4aba-9493-e8aab4deced0?tsource={tsource}&domain={domain}&ad={a... Page URL
https://mading-calipprox.com/redirect?target=BASE64aHR0cHM6Ly9mcmVlZGlydHlnYW1lLmNvbS9wcmUvR2FtZUJhdGVyX3... Page URL
https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Ge... Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

98 %
HTTPS

33 %
IPv6

13
Domains

16
Subdomains

16
IPs

4
Countries

1348 kB
Transfer

4861 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://freedirtygame.com/ Page URL
https://track.theagencyone.com/3cb6586c-d759-4aba-9493-e8aab4deced0?tsource={tsource}&domain={domain}&ad={ad}&category={category}&campaign={campaign}&domainname={domainname}&unique={unique}&code={code}&base={base}&keyword={keyword} Page URL
https://mading-calipprox.com/redirect?target=BASE64aHR0cHM6Ly9mcmVlZGlydHlnYW1lLmNvbS9wcmUvR2FtZUJhdGVyX3Y0Lz9jbGlja2lkPXc5c2gwNTI2NXJjNXBpdWcybWUwYWM5OCZjb3VudHJ5PURFJm0xPU9wZXJhJm0yPUdlcm1hbnkmdm9sdXVtX2lkPTNjYjY1ODZjLWQ3NTktNGFiYS05NDkzLWU4YWFiNGRlY2VkMCZ0c291cmNlPWFkdWx0JTIwZ2FtZSUyMC0lMjBvdXIlMjBvZmZlcnMlMjAlMjglRDElODIlRDElODAlRDAlQjAlRDElODQlRDAlQjglRDAlQkElMjAlRDElODElMjBmcmVlZGlydHlnYW1lLmNvbSUyOSZjYW1wYWlnbj0zY2I2NTg2Yy1kNzU5LTRhYmEtOTQ5My1lOGFhYjRkZWNlZDAmYmFzZT0lN0J0c291cmNlJTdEJnBhcnRuZXI9QkMmbmV4dD1HYW1lQmF0ZXJfdjE&ts=1655432595009&hash=C1-56VbdnEql3S7QR3SCuqIdN_oW9gF0Y0aSCjr5fhI&rm=DJ Page URL
https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
freedirtygame.com/ 290 B
593 B 216ms
49ms Document
text/html 5.189.171.71
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://freedirtygame.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m3450.contabo.host
Software: nginx /
Resource Hash: a478641d18bc08d709909e300ac7d7c470a65d4974afae7eb9d0a54c117afc5f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=2678400
Connection: keep-alive
Content-Length: 290
Content-Type: text/html
Date: Fri, 17 Jun 2022 02:23:14 GMT
ETag: "5e46b291-122"
Expires: Mon, 18 Jul 2022 02:23:14 GMT
Last-Modified: Fri, 14 Feb 2020 14:45:37 GMT
Server: nginx

GET
H2 200 3cb6586c-d759-4aba-9493-e8aab4deced0 Show response
track.theagencyone.com/ 1 KB
2 KB 170ms
41ms Document
text/html 18.184.38.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.theagencyone.com/3cb6586c-d759-4aba-9493-e8aab4deced0?tsource={tsource}&domain={domain}&ad={ad}&category={category}&campaign={campaign}&domainname={domainname}&unique={unique}&code={code}&base={base}&keyword={keyword}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.184.38.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-38-55.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1042e17e6e39ad7ac9209762de389a848a818107aa402842b51a394d8bb3eda6

Request headers

Referer: https://freedirtygame.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 1512
content-type: text/html;charset=UTF-8
date: Fri, 17 Jun 2022 02:23:15 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx

GET redirect
mading-calipprox.com/ 0
0

GET
H2 200 redirect Show response
mading-calipprox.com/ 1016 B
1 KB 127ms
40ms Document
text/html 18.184.38.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mading-calipprox.com/redirect?target=BASE64aHR0cHM6Ly9mcmVlZGlydHlnYW1lLmNvbS9wcmUvR2FtZUJhdGVyX3Y0Lz9jbGlja2lkPXc5c2gwNTI2NXJjNXBpdWcybWUwYWM5OCZjb3VudHJ5PURFJm0xPU9wZXJhJm0yPUdlcm1hbnkmdm9sdXVtX2lkPTNjYjY1ODZjLWQ3NTktNGFiYS05NDkzLWU4YWFiNGRlY2VkMCZ0c291cmNlPWFkdWx0JTIwZ2FtZSUyMC0lMjBvdXIlMjBvZmZlcnMlMjAlMjglRDElODIlRDElODAlRDAlQjAlRDElODQlRDAlQjglRDAlQkElMjAlRDElODElMjBmcmVlZGlydHlnYW1lLmNvbSUyOSZjYW1wYWlnbj0zY2I2NTg2Yy1kNzU5LTRhYmEtOTQ5My1lOGFhYjRkZWNlZDAmYmFzZT0lN0J0c291cmNlJTdEJnBhcnRuZXI9QkMmbmV4dD1HYW1lQmF0ZXJfdjE&ts=1655432595009&hash=C1-56VbdnEql3S7QR3SCuqIdN_oW9gF0Y0aSCjr5fhI&rm=DJ
Requested by: Host: track.theagencyone.com
URL: https://track.theagencyone.com/3cb6586c-d759-4aba-9493-e8aab4deced0?tsource={tsource}&domain={domain}&ad={ad}&category={category}&campaign={campaign}&domainname={domainname}&unique={unique}&code={code}&base={base}&keyword={keyword}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.184.38.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-38-55.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 11e805d63959419b978b1f66a7d1e10914e950f0c908abc8cf2b67fd48e6d11d

Request headers

Referer: https://track.theagencyone.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 1016
content-type: text/html;charset=UTF-8
date: Fri, 17 Jun 2022 02:23:15 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
server: nginx

GET
H/1.1 200
OK Primary Request / Show response
freedirtygame.com/pre/GameBater_v4/ 8 KB
2 KB 50ms
49ms Document
text/html 5.189.171.71
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Requested by: Host: mading-calipprox.com
URL: https://mading-calipprox.com/redirect?target=BASE64aHR0cHM6Ly9mcmVlZGlydHlnYW1lLmNvbS9wcmUvR2FtZUJhdGVyX3Y0Lz9jbGlja2lkPXc5c2gwNTI2NXJjNXBpdWcybWUwYWM5OCZjb3VudHJ5PURFJm0xPU9wZXJhJm0yPUdlcm1hbnkmdm9sdXVtX2lkPTNjYjY1ODZjLWQ3NTktNGFiYS05NDkzLWU4YWFiNGRlY2VkMCZ0c291cmNlPWFkdWx0JTIwZ2FtZSUyMC0lMjBvdXIlMjBvZmZlcnMlMjAlMjglRDElODIlRDElODAlRDAlQjAlRDElODQlRDAlQjglRDAlQkElMjAlRDElODElMjBmcmVlZGlydHlnYW1lLmNvbSUyOSZjYW1wYWlnbj0zY2I2NTg2Yy1kNzU5LTRhYmEtOTQ5My1lOGFhYjRkZWNlZDAmYmFzZT0lN0J0c291cmNlJTdEJnBhcnRuZXI9QkMmbmV4dD1HYW1lQmF0ZXJfdjE&ts=1655432595009&hash=C1-56VbdnEql3S7QR3SCuqIdN_oW9gF0Y0aSCjr5fhI&rm=DJ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m3450.contabo.host
Software: nginx /
Resource Hash: 2b4209726526fd62eceb4c5b0ab5c4f2648429f22570a4e2efb748dd18f9d03f

Request headers

Referer: https://mading-calipprox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=2678400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 17 Jun 2022 02:23:14 GMT
ETag: W/"622dfe8b-208a"
Expires: Mon, 18 Jul 2022 02:23:14 GMT
Last-Modified: Sun, 13 Mar 2022 14:24:11 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK fonts.css
freedirtygame.com/pre/GameBater_v4/files/ 172 B
473 B 50ms
49ms Stylesheet
text/css 5.189.171.71
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://freedirtygame.com/pre/GameBater_v4/files/fonts.css
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m3450.contabo.host
Software: nginx /
Resource Hash: fb77761e577dc2626e6ed62aad590ca30f184906b681283da856c669e186f9d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

Date: Fri, 17 Jun 2022 02:23:14 GMT
Last-Modified: Sun, 13 Mar 2022 14:25:00 GMT
Server: nginx
ETag: "622dfebc-ac"
Content-Type: text/css
Cache-Control: max-age=2678400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 172
Expires: Mon, 18 Jul 2022 02:23:14 GMT

GET
H/1.1 200
OK main2.css
freedirtygame.com/pre/GameBater_v4/files/ 4 KB
2 KB 102ms
49ms Stylesheet
text/css 5.189.171.71
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://freedirtygame.com/pre/GameBater_v4/files/main2.css
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m3450.contabo.host
Software: nginx /
Resource Hash: 7f5a9df64e6108b339e01c45629795dcc1c1f79dc4d0497811172bc968fad1e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

Date: Fri, 17 Jun 2022 02:23:14 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Mar 2022 14:25:19 GMT
Server: nginx
ETag: W/"622dfecf-11b1"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2678400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 18 Jul 2022 02:23:14 GMT

GET
H/1.1 200
OK animate.min.css
freedirtygame.com/pre/GameBater_v4/files/ 70 KB
6 KB 146ms
49ms Stylesheet
text/css 5.189.171.71
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://freedirtygame.com/pre/GameBater_v4/files/animate.min.css
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m3450.contabo.host
Software: nginx /
Resource Hash: ba534cc9d8158c4635b87771f07c7f587ded43838408ffc81d92e35d990ab296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

Date: Fri, 17 Jun 2022 02:23:14 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Mar 2022 14:24:27 GMT
Server: nginx
ETag: W/"622dfe9b-11847"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2678400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 18 Jul 2022 02:23:14 GMT

GET
H/1.1 200
OK jquery.min.js Show response
freedirtygame.com/pre/GameBater_v4/files/ 86 KB
86 KB 196ms
97ms Script
application/javascript 5.189.171.71
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://freedirtygame.com/pre/GameBater_v4/files/jquery.min.js
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m3450.contabo.host
Software: nginx /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

Date: Fri, 17 Jun 2022 02:23:14 GMT
Last-Modified: Sun, 13 Mar 2022 14:25:12 GMT
Server: nginx
ETag: "622dfec8-15851"
Content-Type: application/javascript
Cache-Control: max-age=2678400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88145
Expires: Mon, 18 Jul 2022 02:23:14 GMT

GET
H/1.1 200
OK ion.sound.min.js Show response
freedirtygame.com/pre/GameBater_v4/files/ 13 KB
13 KB 199ms
100ms Script
application/javascript 5.189.171.71
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://freedirtygame.com/pre/GameBater_v4/files/ion.sound.min.js
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m3450.contabo.host
Software: nginx /
Resource Hash: 2e06165ec5e9880465e3a3fa1e195ba655f06465031e87271aae263bf6bd24ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

Date: Fri, 17 Jun 2022 02:23:14 GMT
Last-Modified: Sun, 13 Mar 2022 14:25:09 GMT
Server: nginx
ETag: "622dfec5-3220"
Content-Type: application/javascript
Cache-Control: max-age=2678400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12832
Expires: Mon, 18 Jul 2022 02:23:14 GMT

GET
H/1.1 200
OK lang.js Show response
freedirtygame.com/pre/GameBater_v4/files/ 21 KB
21 KB 197ms
99ms Script
application/javascript 5.189.171.71
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://freedirtygame.com/pre/GameBater_v4/files/lang.js
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m3450.contabo.host
Software: nginx /
Resource Hash: bd69202ddc7e570cb2017651577ea31de7c4aecc15e37fd300a960fb0fac789a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

Date: Fri, 17 Jun 2022 02:23:14 GMT
Last-Modified: Sun, 13 Mar 2022 14:25:14 GMT
Server: nginx
ETag: "622dfeca-53f8"
Content-Type: application/javascript
Cache-Control: max-age=2678400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21496
Expires: Mon, 18 Jul 2022 02:23:14 GMT

GET
H/1.1 200
OK no-mute.png
freedirtygame.com/pre/GameBater_v4/files/ 17 KB
18 KB 50ms
50ms Image
image/png 5.189.171.71
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freedirtygame.com/pre/GameBater_v4/files/no-mute.png
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m3450.contabo.host
Software: nginx /
Resource Hash: 27746480fed50a7132fd291a781f2db93e591a58f18603860551c689050c6281

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

Date: Fri, 17 Jun 2022 02:23:14 GMT
Last-Modified: Sun, 13 Mar 2022 14:25:31 GMT
Server: nginx
ETag: "622dfedb-450f"
Content-Type: image/png
Cache-Control: max-age=2678400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17679
Expires: Mon, 18 Jul 2022 02:23:14 GMT

GET
H2 200 second_step_v20.040.jpg
adverster.b-cdn.net/video/pre/GameBater_v4/ 275 KB
276 KB 168ms
69ms Image
image/jpeg 138.199.37.231
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adverster.b-cdn.net/video/pre/GameBater_v4/second_step_v20.040.jpg
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.231 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-231.datapacket.com
Software: BunnyCDN-DE1-863 /
Resource Hash: 31567410e682963491612977dec5582d528885b5d6f3516901f2a276939bbd2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

date: Fri, 17 Jun 2022 02:23:15 GMT
cdn-edgestorageid: 860
cdn-fileserver: 185
cdn-storageserver: DE-168
cdn-cachedat: 03/10/2022 19:05:08
cdn-pullzone: 303693
content-length: 282057
server: BunnyCDN-DE1-863
last-modified: Fri, 10 Sep 2021 15:17:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 206
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: f45a7a2e-6fd6-42fa-b15d-1efd29fb00dd
cache-control: public, max-age=2592000
cdn-requestid: 281bdb9ab31598bfafc7f693fdf029e2
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 166 KB
54 KB 156ms
68ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVSSXTS

Requested by

Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3eec366e17a7764fd41e49f93998e254b8e87db95307efed118e9c629af1f6d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

date: Fri, 17 Jun 2022 02:23:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54502
x-xss-protection: 0
last-modified: Fri, 17 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Jun 2022 02:23:15 GMT

GET
H/1.1 200
OK text-welcome.png
freedirtygame.com/pre/GameBater_v4/files/ 131 KB
131 KB 49ms
49ms Image
image/png 5.189.171.71
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freedirtygame.com/pre/GameBater_v4/files/text-welcome.png
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m3450.contabo.host
Software: nginx /
Resource Hash: 7810566f681f0cc649da1515dbef7533c983ff1583a28e0d06745037db2ef378

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

Date: Fri, 17 Jun 2022 02:23:14 GMT
Last-Modified: Sun, 13 Mar 2022 14:25:42 GMT
Server: nginx
ETag: "622dfee6-20cbd"
Content-Type: image/png
Cache-Control: max-age=2678400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 134333
Expires: Mon, 18 Jul 2022 02:23:14 GMT

GET
H/1.1 200
OK button-nothanks.png
freedirtygame.com/pre/GameBater_v4/files/ 11 KB
12 KB 53ms
52ms Image
image/png 5.189.171.71
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freedirtygame.com/pre/GameBater_v4/files/button-nothanks.png
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m3450.contabo.host
Software: nginx /
Resource Hash: 3b07608ac0ae2103a8688a1f17fbebc888abab9ba3b72489aae45ded51d9a235

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

Date: Fri, 17 Jun 2022 02:23:14 GMT
Last-Modified: Sun, 13 Mar 2022 14:24:50 GMT
Server: nginx
ETag: "622dfeb2-2d30"
Content-Type: image/png
Cache-Control: max-age=2678400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11568
Expires: Mon, 18 Jul 2022 02:23:14 GMT

GET
H/1.1 200
OK button-continue.png
freedirtygame.com/pre/GameBater_v4/files/ 10 KB
11 KB 50ms
50ms Image
image/png 5.189.171.71
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freedirtygame.com/pre/GameBater_v4/files/button-continue.png
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m3450.contabo.host
Software: nginx /
Resource Hash: 2310c2aac79e048dd90d97c467710c22b58cc2176a348c12fd2909827564177a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

Date: Fri, 17 Jun 2022 02:23:14 GMT
Last-Modified: Sun, 13 Mar 2022 14:24:48 GMT
Server: nginx
ETag: "622dfeb0-2965"
Content-Type: image/png
Cache-Control: max-age=2678400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10597
Expires: Mon, 18 Jul 2022 02:23:14 GMT

GET
H/1.1 200
OK choose-sex-partner.png
freedirtygame.com/pre/GameBater_v4/files/ 49 KB
49 KB 105ms
104ms Image
image/png 5.189.171.71
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freedirtygame.com/pre/GameBater_v4/files/choose-sex-partner.png
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m3450.contabo.host
Software: nginx /
Resource Hash: f52c6cdb7e8a94b92bde5b0c0ec89d6075bde444ac798e59b495dec9ae2e908e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

Date: Fri, 17 Jun 2022 02:23:14 GMT
Last-Modified: Sun, 13 Mar 2022 14:24:54 GMT
Server: nginx
ETag: "622dfeb6-c3f6"
Content-Type: image/png
Cache-Control: max-age=2678400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50166
Expires: Mon, 18 Jul 2022 02:23:14 GMT

GET
H/1.1 200
OK button-lisa.png
freedirtygame.com/pre/GameBater_v4/files/ 13 KB
13 KB 103ms
102ms Image
image/png 5.189.171.71
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freedirtygame.com/pre/GameBater_v4/files/button-lisa.png
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m3450.contabo.host
Software: nginx /
Resource Hash: f2b70e62e0f1e85650364cddc5067f400d1847b54e63361b2d57763dd54d4c49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

Date: Fri, 17 Jun 2022 02:23:14 GMT
Last-Modified: Sun, 13 Mar 2022 14:24:53 GMT
Server: nginx
ETag: "622dfeb5-343e"
Content-Type: image/png
Cache-Control: max-age=2678400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13374
Expires: Mon, 18 Jul 2022 02:23:14 GMT

GET
H/1.1 200
OK button-elsa.png
freedirtygame.com/pre/GameBater_v4/files/ 13 KB
14 KB 50ms
50ms Image
image/png 5.189.171.71
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freedirtygame.com/pre/GameBater_v4/files/button-elsa.png
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m3450.contabo.host
Software: nginx /
Resource Hash: fb65417703a47797292fe85f56d62ac607b8a2bd8a47cf4d028a1ecda2e0ecbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

Date: Fri, 17 Jun 2022 02:23:14 GMT
Last-Modified: Sun, 13 Mar 2022 14:24:46 GMT
Server: nginx
ETag: "622dfeae-34d7"
Content-Type: image/png
Cache-Control: max-age=2678400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13527
Expires: Mon, 18 Jul 2022 02:23:14 GMT

GET
H/1.1 200
OK warning-try-not.png
freedirtygame.com/pre/GameBater_v4/files/ 54 KB
54 KB 52ms
49ms Image
image/png 5.189.171.71
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freedirtygame.com/pre/GameBater_v4/files/warning-try-not.png
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m3450.contabo.host
Software: nginx /
Resource Hash: 9ffe7fee2c4ff8ac3073e97f37376ed8ac649a0f726fc9f26570d61758f2aa6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

Date: Fri, 17 Jun 2022 02:23:15 GMT
Last-Modified: Sun, 13 Mar 2022 14:25:43 GMT
Server: nginx
ETag: "622dfee7-d8a2"
Content-Type: image/png
Cache-Control: max-age=2678400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 55458
Expires: Mon, 18 Jul 2022 02:23:15 GMT

GET
H/1.1 200
OK button-play-game.png
freedirtygame.com/pre/GameBater_v4/files/ 10 KB
11 KB 51ms
50ms Image
image/png 5.189.171.71
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freedirtygame.com/pre/GameBater_v4/files/button-play-game.png
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m3450.contabo.host
Software: nginx /
Resource Hash: 9ba2ea675a827eaa74a93beaed40bf5ef998b33e98a663887de3458a5e4e87e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

Date: Fri, 17 Jun 2022 02:23:15 GMT
Last-Modified: Sun, 13 Mar 2022 14:24:56 GMT
Server: nginx
ETag: "622dfeb8-29a5"
Content-Type: image/png
Cache-Control: max-age=2678400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10661
Expires: Mon, 18 Jul 2022 02:23:15 GMT

GET
H/1.1 200
OK Luckiest%20Guy%20RUS-BEL-UKR.otf
freedirtygame.com/pre/GameBater_v4/files/fonts/ 305 KB
305 KB 145ms
96ms Font
application/octet-stream 5.189.171.71
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://freedirtygame.com/pre/GameBater_v4/files/fonts/Luckiest%20Guy%20RUS-BEL-UKR.otf
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/files/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: m3450.contabo.host
Software: nginx /
Resource Hash: d9d70cb316285cb3b866c4f0c5aacf3313cf408bed70c7857db78e3e093ecf0b

Request headers

Referer: https://freedirtygame.com/pre/GameBater_v4/files/fonts.css
Origin: https://freedirtygame.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

Date: Fri, 17 Jun 2022 02:23:15 GMT
Last-Modified: Sun, 13 Mar 2022 14:26:48 GMT
Server: nginx
ETag: "622dff28-4c3e4"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 312292

GET
H2 206 second_step_v2.mp4
adverster.b-cdn.net/video/pre/GameBater_v4/ 32 KB
0 153ms
115ms Media
video/mp4 138.199.37.231
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://adverster.b-cdn.net/video/pre/GameBater_v4/second_step_v2.mp4
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.231 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-231.datapacket.com
Software: BunnyCDN-DE1-863 /
Resource Hash

Request headers

Referer: https://freedirtygame.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203
Range: bytes=0-

Response headers

date: Fri, 17 Jun 2022 02:23:15 GMT
cdn-edgestorageid: 632
cdn-fileserver: 182
cdn-storageserver: DE-169
Content-Range: bytes 0-3025879/3025880
cdn-cachedat: 10/22/2021 18:10:02
cdn-pullzone: 303693
Content-Length: 3025880
server: BunnyCDN-DE1-863
last-modified: Fri, 10 Sep 2021 15:16:43 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
content-type: video/mp4
cdn-cache: HIT
cdn-uid: f45a7a2e-6fd6-42fa-b15d-1efd29fb00dd
cache-control: public, max-age=2592000
cdn-requestid: f0604f93c479158a27da8d673fe1c9c9
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 206 second_step_v2.mp4
adverster.b-cdn.net/video/pre/GameBater_v4/ 43 KB
43 KB 50ms
50ms Media
video/mp4 138.199.37.231
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://adverster.b-cdn.net/video/pre/GameBater_v4/second_step_v2.mp4
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.231 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-231.datapacket.com
Software: BunnyCDN-DE1-863 /
Resource Hash: e49aa1ab53b921096dceb6aa715197e9bd46888e309d7cf34fafbc8818016d04

Request headers

Referer: https://freedirtygame.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203
Range: bytes=2981888-

Response headers

date: Fri, 17 Jun 2022 02:23:15 GMT
cdn-edgestorageid: 632
cdn-fileserver: 182
cdn-storageserver: DE-169
Content-Range: bytes 2981888-3025879/3025880
cdn-cachedat: 10/22/2021 18:10:02
cdn-pullzone: 303693
Content-Length: 43992
server: BunnyCDN-DE1-863
last-modified: Fri, 10 Sep 2021 15:16:43 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
content-type: video/mp4
cdn-cache: HIT
cdn-uid: f45a7a2e-6fd6-42fa-b15d-1efd29fb00dd
cache-control: public, max-age=2592000
cdn-requestid: 0e4871daa85e99bc64e5e1db66f84007
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
69 KB 46ms
46ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NN1C546X3F&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVSSXTS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4baa41e899e64f0af366e6166fc5d44ef2ddd6a51e30e684c255093ecf428905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

date: Fri, 17 Jun 2022 02:23:15 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70139
x-xss-protection: 0
expires: Fri, 17 Jun 2022 02:23:15 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 95 KB
37 KB 154ms
72ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-TM9ZR3P

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVSSXTS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0c3829ae9999d8b1b71fd2be5695b61a4d4d37b2b70334ad8c9ccfbfe644dbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

date: Fri, 17 Jun 2022 02:23:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37726
x-xss-protection: 0
last-modified: Fri, 17 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Jun 2022 02:23:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 114ms
37ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVSSXTS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4706
date: Fri, 17 Jun 2022 01:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 17 Jun 2022 03:04:49 GMT

GET
H2 200 app.js Show response
swarmpush.com/s/pushilka/ 5 KB
3 KB 222ms
134ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://swarmpush.com/s/pushilka/app.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVSSXTS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bccff761c597e401848195d9a96a0d9831797a9582d015e6cc855dce845b973

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

date: Fri, 17 Jun 2022 02:23:16 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=4888
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
service-worker-allowed: /
last-modified: Sun, 26 Dec 2021 15:59:29 GMT
server: cloudflare
etag: W/"61c89161-1318"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZymFcVoC5zMZrolaucL34fYf%2FbXNoal%2FgYEmjfsgSQS8BhEflR%2FhudhX2AUWbaSy7GyVncoYhWnMkTOvBiB1tV6V89zbBtlAQS%2FQJDakHhD7ytXYpWIeMCYAkTdT%2BBns8Ptu4%2BA0XN8AoUYe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 71c8527cac5f9957-FRA
expires: Fri, 17 Jun 2022 02:23:14 GMT

GET
H2 200 hotjar-2287191.js Show response
static.hotjar.com/c/ 4 KB
2 KB 147ms
39ms Script
application/javascript 18.66.97.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2287191.js?sv=6

Requested by

Host: freedirtygame.com
URL: https://freedirtygame.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-37.fra56.r.cloudfront.net

Software

Resource Hash

ec86004148a761eed7fc00bfe778925c06df29056e244c5b96e7e5ac9db4bb47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

date: Fri, 17 Jun 2022 02:23:08 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 7
etag: W/d1e716a1a046cd91a08229bd7be49a32
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 9A_lZaYUuAJL3-uADIOpzi5kFYTISivIIFEj_EQp2KULctJmBMeXHQ==
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)

GET
H2 200 p.js Show response
my.rtmark.net/ 697 B
1 KB 137ms
42ms Script
text/javascript 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/p.js?f=sync&lr=1&partner=2638b6dd5c861876683d09590fabe19e79110e6984416facf479b1c21ebaf963

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVSSXTS

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5a46253e8c38eab212da40118d8eadf341144095c89b28abd0cfc2e499f01e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

date: Fri, 17 Jun 2022 02:23:15 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 697

GET
H/1.1 200
OK tag_gen.js Show response
a.exoclick.com/ 1 KB
959 B 164ms
39ms Script
application/javascript 2001:4de0:ac19::1:b:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.exoclick.com/tag_gen.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVSSXTS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 07d5e5f440ca5ac95ca64e9e9bfd61f0feece6a0e7c3c0f5a42d673da490c7d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

Date: Fri, 17 Jun 2022 02:23:15 GMT
Content-Encoding: gzip
Server: nginx
etag: W/"599a9242165611ea099e1938f18"
X-HW: 1655432595.dop127.fr8.t,1655432595.cds270.fr8.shn,1655432595.dop127.fr8.t,1655432595.cds230.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 521

GET
H/1.1 200
OK ctrack
ctrack.trafficjunky.net/ 35 B
1 KB 138ms
53ms Image
image/gif 66.254.114.89
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctrack.trafficjunky.net/ctrack?action=list&type=add&id=0&context=FreeDirtyGamesLP&cookiename=FreeDirtyGamesLP&age=99999999&maxcookiecount=10
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 66.254.114.89 , United States, ASN29789 (REFLECTED, US),
Reverse DNS: reflectededge.reflected.net
Software: openresty /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 02:23:15 GMT
server: openresty
access-control-max-age: 86400
access-control-allow-methods: GET,POST
p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: Content-Type
content-length: 35
x-request-id: 62ABE593-42FE725901BB555B-171ACDBB
expires: Sun, 22 Jan 1984 03:00:00 GMT

GET
H2 200 c59acd15-05f1-4432-8507-c3690d1f36c1
tsyndicate.com/api/v1/retargeting/set/ 35 B
487 B 153ms
39ms Image
image/gif 136.243.51.171
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsyndicate.com/api/v1/retargeting/set/c59acd15-05f1-4432-8507-c3690d1f36c1?pageview={pageview}
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.51.171 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.171.51.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 02:23:15 GMT
server: nginx
x-api-version: 1
vary: *
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
content-length: 35
x-request-id: d1f1b7b4ef14a396
expires: 0

GET
H2 206 second_step_v2.mp4
adverster.b-cdn.net/video/pre/GameBater_v4/ 3 MB
0 37ms
37ms Media
video/mp4 138.199.37.231
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://adverster.b-cdn.net/video/pre/GameBater_v4/second_step_v2.mp4
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.231 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-231.datapacket.com
Software: BunnyCDN-DE1-863 /
Resource Hash

Request headers

Referer: https://freedirtygame.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203
Range: bytes=32768-

Response headers

date: Fri, 17 Jun 2022 02:23:15 GMT
cdn-edgestorageid: 632
cdn-fileserver: 182
cdn-storageserver: DE-169
Content-Range: bytes 32768-3025879/3025880
cdn-cachedat: 10/22/2021 18:10:02
cdn-pullzone: 303693
Content-Length: 2993112
server: BunnyCDN-DE1-863
last-modified: Fri, 10 Sep 2021 15:16:43 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 206
content-type: video/mp4
cdn-cache: HIT
cdn-uid: f45a7a2e-6fd6-42fa-b15d-1efd29fb00dd
cache-control: public, max-age=2592000
cdn-requestid: fadf6b654f45cf20bdefdc08e59c71e3
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 collect
region1.google-analytics.com/g/ 0
348 B 126ms
44ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NN1C546X3F&gtm=2oe6f0&_p=458555876&_z=ccd.v9B&cid=1666593145.1655432596&ul=en-us&sr=1600x1200&_s=1&sid=1655432595&sct=1&seg=0&dl=https%3A%2F%2Ffreedirtygame.com%2Fpre%2FGameBater_v4%2F%3Fclickid%3Dw9sh05265rc5piug2me0ac98%26country%3DDE%26m1%3DOpera%26m2%3DGermany%26voluum_id%3D3cb6586c-d759-4aba-9493-e8aab4deced0%26tsource%3Dadult%2520game%2520-%2520our%2520offers%2520%2528%25D1%2582%25D1%2580%25D0%25B0%25D1%2584%25D0%25B8%25D0%25BA%2520%25D1%2581%2520freedirtygame.com%2529%26campaign%3D3cb6586c-d759-4aba-9493-e8aab4deced0%26base%3D%257Btsource%257D%26partner%3DBC%26next%3DGameBater_v1&dr=https%3A%2F%2Fmading-calipprox.com%2F&dt=GameBater%20-%20Try%20Not%20To%20Cum&en=page_view&_fv=1&_nsi=1&_ss=1&ep.userId=w9sh05265rc5piug2me0ac98
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NN1C546X3F&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 02:23:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freedirtygame.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.b871a939666125f20d79.js Show response
script.hotjar.com/ 243 KB
63 KB 120ms
44ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.b871a939666125f20d79.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2287191.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

e5827fd8bddccf8f9ca7d06936e0bd6596f9ec6aca0652086c5d593a72d84435

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

date: Thu, 09 Jun 2022 08:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 667870
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 64109
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 08:51:29 GMT
etag: "a7a5f230aae7accf37f785c6590c07fa"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: YwUzseSb2GP0Sjv8Jck8n43OWVk62Q9ZS0IAyIR4Kf-pv6xVrjgo2A==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 119ms
44ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=458555876&t=event&ni=0&_s=1&dl=https%3A%2F%2Ffreedirtygame.com%2Fpre%2FGameBater_v4%2F%3Fclickid%3Dw9sh05265rc5piug2me0ac98%26country%3DDE%26m1%3DOpera%26m2%3DGermany%26voluum_id%3D3cb6586c-d759-4aba-9493-e8aab4deced0%26tsource%3Dadult%2520game%2520-%2520our%2520offers%2520%2528%25D1%2582%25D1%2580%25D0%25B0%25D1%2584%25D0%25B8%25D0%25BA%2520%25D1%2581%2520freedirtygame.com%2529%26campaign%3D3cb6586c-d759-4aba-9493-e8aab4deced0%26base%3D%257Btsource%257D%26partner%3DBC%26next%3DGameBater_v1&dr=https%3A%2F%2Fmading-calipprox.com%2F&ul=en-us&de=UTF-8&dt=GameBater%20-%20Try%20Not%20To%20Cum&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=loaded&ea=first%20page&el=https%3A%2F%2Ffreedirtygame.com%2Fpre%2FGameBater_v4%2F%3Fclickid%3Dw9sh05265rc5piug2me0ac98%26country%3DDE%26m1%3DOpera%26m2%3DGermany%26voluum_id%3D3cb6586c-d759-4aba-9493-e8aab4deced0%26tsource%3Dadult%2520game%2520-%2520our%2520offers%2520%2528%25D1%2582%25D1%2580%25D0%25B0%25D1%2584%25D0%25B8%25D0%25BA%2520%25D1%2581%2520freedirtygame.com%2529%26campaign%3D3cb6586c-d759-4aba-9493-e8aab4deced0%26base%3D%257Btsource%257D%26partner%3DBC%26next%3DGameBater_v1&_u=aADAAEABQAAAAC~&jid=1813445192&gjid=807303508&cid=1666593145.1655432596&tid=UA-150844200-5&_gid=2089313716.1655432596&_r=1&gtm=2wg6f0PVSSXTS&cd1=Pre%20GameBater_v4&cd2=&cd3=w9sh05265rc5piug2me0ac98&cd4=en&cd5=w9sh05265rc5piug2me0ac98&cd6=de&cd7=opera&cd8=3cb6586c-d759-4aba-9493-e8aab4deced0&cd9=adult%20game&cd10=3cb6586c-d759-4aba-9493-e8aab4deced0&cd11=adult%20game%20-%20our%20offers%20(%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com)&cd16=&cd17=freedirtygame.com&z=702785246

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://freedirtygame.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 02:23:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freedirtygame.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 108ms
37ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=458555876&t=pageview&_s=1&dl=https%3A%2F%2Ffreedirtygame.com%2Fpre%2FGameBater_v4%2F%3Fclickid%3Dw9sh05265rc5piug2me0ac98%26country%3DDE%26m1%3DOpera%26m2%3DGermany%26voluum_id%3D3cb6586c-d759-4aba-9493-e8aab4deced0%26tsource%3Dadult%2520game%2520-%2520our%2520offers%2520%2528%25D1%2582%25D1%2580%25D0%25B0%25D1%2584%25D0%25B8%25D0%25BA%2520%25D1%2581%2520freedirtygame.com%2529%26campaign%3D3cb6586c-d759-4aba-9493-e8aab4deced0%26base%3D%257Btsource%257D%26partner%3DBC%26next%3DGameBater_v1&dr=https%3A%2F%2Fmading-calipprox.com%2F&ul=en-us&de=UTF-8&dt=GameBater%20-%20Try%20Not%20To%20Cum&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABQAAAAC~&jid=&gjid=&cid=1666593145.1655432596&uid=w9sh05265rc5piug2me0ac98&tid=UA-150844200-5&_gid=2089313716.1655432596&gtm=2wg6f0PVSSXTS&cd1=Pre%20GameBater_v4&cd2=&cd3=w9sh05265rc5piug2me0ac98&cd4=en&cd5=w9sh05265rc5piug2me0ac98&cd6=de&cd7=opera&cd8=3cb6586c-d759-4aba-9493-e8aab4deced0&cd9=adult%20game&cd10=3cb6586c-d759-4aba-9493-e8aab4deced0&cd11=adult%20game%20-%20our%20offers%20(%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com)&cd16=&cd17=freedirtygame.com&z=854851025

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 11:54:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52150
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-63c3a81830bf549dafe40b369003f751.html Show response
vars.hotjar.com/ Frame 311F 2 KB
1 KB 119ms
36ms Document
text/html 18.66.139.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2287191.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-28.fra60.r.cloudfront.net
Software: /
Resource Hash: f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer: https://freedirtygame.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1450150
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 07:34:06 GMT
etag: "e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified: Tue, 31 May 2022 07:33:23 GMT
vary: Accept-Encoding
via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-cf-id: cf-SSAWkEd2E4C57u47XkoTxgFuoO6yAo7oZEkWya7UrAU3MAWYJ9w==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H3 200 event Show response
swarmpush.com/ 43 B
667 B 480ms
438ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://swarmpush.com/event
Requested by: Host: swarmpush.com
URL: https://swarmpush.com/s/pushilka/app.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.5
Resource Hash: 7bbeb1d7ffddbc65a104caf1e24cd467cc322c58f4972313804b67960a80a5c5

Request headers

Referer: https://freedirtygame.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 17 Jun 2022 02:23:16 GMT
access-control-allow-methods: POST, PUT, DELETE, GET
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.1.5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jz8Dq1J%2FhNc0sX%2BeUtZUmnHcfqKcGO0tpS3DyJlPdA2trxrc%2FFtK2tTbQKNyLUJComT14Al79YL09c8xYfd8QIM6GMainiy2AcpS11qRJ9Gt6YuowQTGlvkSm5Vt8fiyrnZmDbf9NPToJX%2FO"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, private
cf-ray: 71c8527e1b019c0d-FRA
expires: Fri, 17 Jun 2022 02:23:16 GMT

GET
H3 200 app.css
swarmpush.com/s/pushilka/ 2 KB
1 KB 86ms
45ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://swarmpush.com/s/pushilka/app.css
Requested by: Host: swarmpush.com
URL: https://swarmpush.com/s/pushilka/app.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74934db0a8829b280a64167629bfa3855dd2a50c641fa5baa8c927a3cb6ff1d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

date: Fri, 17 Jun 2022 02:23:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 135
cf-polished: origSize=1649
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 26 Dec 2021 15:59:29 GMT
server: cloudflare
etag: W/"61c89161-671"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10qaKEGclEiUan4r57Od3Aau13FJPQZTpXNAlBmqWhRAAFu8P1Hww%2BdScGAVdfVYbdzLc0qLwXmRHVEF6k72D48r3V%2Bqbs6YlPeyAkA9yYVBV%2FXlw0LWrBD3uYV%2BSMjKx2qPnnedqJBjzlmJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 71c8527e1f1f917c-FRA
cf-bgj: minify

GET
H3 200 bell.webp
swarmpush.com/s/pushilka/ 20 KB
21 KB 90ms
48ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://swarmpush.com/s/pushilka/bell.webp
Requested by: Host: freedirtygame.com
URL: https://freedirtygame.com/pre/GameBater_v4/?clickid=w9sh05265rc5piug2me0ac98&country=DE&m1=Opera&m2=Germany&voluum_id=3cb6586c-d759-4aba-9493-e8aab4deced0&tsource=adult%20game%20-%20our%20offers%20%28%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com%29&campaign=3cb6586c-d759-4aba-9493-e8aab4deced0&base=%7Btsource%7D&partner=BC&next=GameBater_v1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76318a01b1c1e58ce7b96a7c9de5d6867287b78b84a5ed9a8859d45cc512f283

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

date: Fri, 17 Jun 2022 02:23:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 395
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20864
last-modified: Sun, 26 Dec 2021 15:59:29 GMT
server: cloudflare
etag: "61c89161-5180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0OK8UebFjA6K1UhDLeCYUXPe5ptO%2FzrYxVvfqunLCW6xHg41efFZzAaexiEuhY7Ew91bF6d81mFA1jP%2FxLnbE%2Fek6IcVl6JcnMRRqRCtEcPtG1DLNP8W2E%2BQgXSpi%2FDpEi9etRYQOP9hdBDa"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 71c8527e1f1e917c-FRA

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
37ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=458555876&t=event&ni=0&_s=1&dl=https%3A%2F%2Ffreedirtygame.com%2Fpre%2FGameBater_v4%2F%3Fclickid%3Dw9sh05265rc5piug2me0ac98%26country%3DDE%26m1%3DOpera%26m2%3DGermany%26voluum_id%3D3cb6586c-d759-4aba-9493-e8aab4deced0%26tsource%3Dadult%2520game%2520-%2520our%2520offers%2520%2528%25D1%2582%25D1%2580%25D0%25B0%25D1%2584%25D0%25B8%25D0%25BA%2520%25D1%2581%2520freedirtygame.com%2529%26campaign%3D3cb6586c-d759-4aba-9493-e8aab4deced0%26base%3D%257Btsource%257D%26partner%3DBC%26next%3DGameBater_v1&dr=https%3A%2F%2Fmading-calipprox.com%2F&ul=en-us&de=UTF-8&dt=GameBater%20-%20Try%20Not%20To%20Cum&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=push&ea=show&_u=aADAAEABQAAAAC~&jid=&gjid=&cid=1666593145.1655432596&tid=UA-150844200-5&_gid=2089313716.1655432596&gtm=2wg6f0PVSSXTS&cd1=Pre%20GameBater_v4&cd2=&cd3=w9sh05265rc5piug2me0ac98&cd4=en&cd5=w9sh05265rc5piug2me0ac98&cd6=de&cd7=opera&cd8=3cb6586c-d759-4aba-9493-e8aab4deced0&cd9=adult%20game&cd10=3cb6586c-d759-4aba-9493-e8aab4deced0&cd11=adult%20game%20-%20our%20offers%20(%D1%82%D1%80%D0%B0%D1%84%D0%B8%D0%BA%20%D1%81%20freedirtygame.com)&cd16=&cd17=freedirtygame.com&z=2138963520

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 11:54:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52150
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 2287191 Show response
vc.hotjar.io/sessions/ 0
257 B 280ms
61ms XHR
text/plain 108.157.4.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2287191?s=0.25&r=0.1378637416902435
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b871a939666125f20d79.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-34.dus51.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

date: Fri, 17 Jun 2022 02:23:16 GMT
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: Z63oZlxPxi4sEusXlz5V6MhzSl6_NdDsYt-Pg8JQeRqVzs9OLxhLxQ==

GET
H2 200 img.gif
my.rtmark.net/ 43 B
490 B 44ms
44ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&partner=2638b6dd5c861876683d09590fabe19e79110e6984416facf479b1c21ebaf963&ttl=&rurl=https%3A%2F%2Ffreedirtygame.com%2Fpre%2FGameBater_v4%2F%3Fclickid%3Dw9sh05265rc5piug2me0ac98%26country%3DDE%26m1%3DOpera%26m2%3DGermany%26voluum_id%3D3cb6586c-d759-4aba-9493-e8aab4deced0%26tsource%3Dadult%2520game%2520-%2520our%2520offers%2520%2528%25D1%2582%25D1%2580%25D0%25B0%25D1%2584%25D0%25B8%25D0%25BA%2520%25D1%2581%2520freedirtygame.com%2529%26campaign%3D3cb6586c-d759-4aba-9493-e8aab4deced0%26base%3D%257Btsource%257D%26partner%3DBC%26next%3DGameBater_v1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

date: Fri, 17 Jun 2022 02:23:16 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 122ms
44ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NN1C546X3F&gtm=2oe6f0&_p=458555876&_z=ccd.v9B&cid=1666593145.1655432596&ul=en-us&sr=1600x1200&_s=2&sid=1655432595&sct=1&seg=0&dl=https%3A%2F%2Ffreedirtygame.com%2Fpre%2FGameBater_v4%2F%3Fclickid%3Dw9sh05265rc5piug2me0ac98%26country%3DDE%26m1%3DOpera%26m2%3DGermany%26voluum_id%3D3cb6586c-d759-4aba-9493-e8aab4deced0%26tsource%3Dadult%2520game%2520-%2520our%2520offers%2520%2528%25D1%2582%25D1%2580%25D0%25B0%25D1%2584%25D0%25B8%25D0%25BA%2520%25D1%2581%2520freedirtygame.com%2529%26campaign%3D3cb6586c-d759-4aba-9493-e8aab4deced0%26base%3D%257Btsource%257D%26partner%3DBC%26next%3DGameBater_v1&dr=https%3A%2F%2Fmading-calipprox.com%2F&dt=GameBater%20-%20Try%20Not%20To%20Cum&en=scroll&ep.userId=w9sh05265rc5piug2me0ac98&epn.percent_scrolled=90&_et=11
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NN1C546X3F&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://freedirtygame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 OPR/74.0.3911.203

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 02:23:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://freedirtygame.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mading-calipprox.com
URL: https://mading-calipprox.com/redirect?target=BASE64aHR0cHM6Ly9mcmVlZGlydHlnYW1lLmNvbS9wcmUvR2FtZUJhdGVyX3Y0Lz9jbGlja2lkPXc5c2gwNTI2NXJjNXBpdWcybWUwYWM5OCZjb3VudHJ5PURFJm0xPU9wZXJhJm0yPUdlcm1hbnkmdm9sdXVtX2lkPTNjYjY1ODZjLWQ3NTktNGFiYS05NDkzLWU4YWFiNGRlY2VkMCZ0c291cmNlPWFkdWx0JTIwZ2FtZSUyMC0lMjBvdXIlMjBvZmZlcnMlMjAlMjglRDElODIlRDElODAlRDAlQjAlRDElODQlRDAlQjglRDAlQkElMjAlRDElODElMjBmcmVlZGlydHlnYW1lLmNvbSUyOSZjYW1wYWlnbj0zY2I2NTg2Yy1kNzU5LTRhYmEtOTQ5My1lOGFhYjRkZWNlZDAmYmFzZT0lN0J0c291cmNlJTdEJnBhcnRuZXI9QkMmbmV4dD1HYW1lQmF0ZXJfdjE&ts=1655432595009&hash=C1-56VbdnEql3S7QR3SCuqIdN_oW9gF0Y0aSCjr5fhI&rm=DJ

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.track.theagencyone.com/	1970-01-20 03:51:58	Name: 3cb6586c-d759-4aba-9493-e8aab4deced0-v4 Value: nN1_nMKRSPz8nbci4NHS2X-q7NwazEp2xpaeFFwf7SE
.track.theagencyone.com/	1970-01-20 12:36:08	Name: cc-v4 Value: eBGIt9qaMMiswm%2BKIyqoW9gz5M1RmJ3cQS1y8gRSdrlsLtp0liHL%2F1%2B%2Fawl4%2FNbHD2WiS6yZUVrzn9P4u8xOaNdwe8QX4on7djVPkATdCKT9RSHMF2fCld8Y3lhg1rppPOauURSm326ImwDBbEJxIg%3D%3D
.freedirtygame.com/	1970-01-20 21:21:44	Name: _ga_NN1C546X3F Value: GS1.1.1655432595.1.0.1655432595.0
.trafficjunky.net/	1970-01-20 04:33:44	Name: tj_UUID Value: c8dc6467f1834e53b153a901c7cd8e07
.trafficjunky.net/	1970-01-20 04:33:44	Name: tj_UUID_v2 Value: c8dc6467-f183-4e53-b153-a901c7cd8e07
.trafficjunky.net/	1970-03-30 14:30:32	Name: 577b03ac578011bb1ed4d1f62179699f Value: 0
tsyndicate.com/	1970-01-20 12:36:08	Name: ts_rt_c59acd15-05f1-4432-8507-c3690d1f36c1 Value: cMKcKWMnTZk7PUrcECKQoEGEC4kEBA==
.freedirtygame.com/	1970-01-20 21:21:44	Name: _ga Value: GA1.2.1666593145.1655432596
.freedirtygame.com/	1970-01-20 03:51:58	Name: _gid Value: GA1.2.2089313716.1655432596
.freedirtygame.com/	1970-01-20 03:50:32	Name: _gat_UA-150844200-5 Value: 1
freedirtygame.com/	1970-01-20 03:50:54	Name: pushilka_vid Value: 19tn2wi-rh2opg
.freedirtygame.com/	1970-01-20 12:36:08	Name: _hjSessionUser_2287191 Value: eyJpZCI6IjU3Y2RmNzk4LWE3NTAtNWQxMy04ZmUzLTU4YTc4MjA4ZDA1NCIsImNyZWF0ZWQiOjE2NTU0MzI1OTYxNzMsImV4aXN0aW5nIjpmYWxzZX0=
.freedirtygame.com/	1970-01-20 03:50:34	Name: _hjFirstSeen Value: 1
freedirtygame.com/	1970-01-20 03:50:32	Name: _hjIncludedInSessionSample Value: 0
.freedirtygame.com/	1970-01-20 03:50:34	Name: _hjSession_2287191 Value: eyJpZCI6IjZiN2M5NmRlLWFiN2MtNDNjYS1hNjgxLTZmMjNhYTI4YjkxYyIsImNyZWF0ZWQiOjE2NTU0MzI1OTYxOTQsImluU2FtcGxlIjpmYWxzZX0=
.freedirtygame.com/	1970-01-20 03:50:34	Name: _hjAbsoluteSessionInProgress Value: 1
my.rtmark.net/	1970-01-20 12:36:08	Name: ID Value: 5bc57de8196345f3b4e70fa8e1c49425

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://freedirtygame.com/pre/GameBater_v4/files/ion.sound.min.js(Line 4) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.exoclick.com
adverster.b-cdn.net
ctrack.trafficjunky.net
freedirtygame.com
mading-calipprox.com
my.rtmark.net
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
swarmpush.com
track.theagencyone.com
tsyndicate.com
vars.hotjar.com
vc.hotjar.io
www.google-analytics.com
www.googletagmanager.com
mading-calipprox.com
108.157.4.34
136.243.51.171
138.199.37.231
139.45.195.8
18.184.38.55
18.66.139.28
18.66.97.37
2001:4860:4802:32::36
2001:4de0:ac19::1:b:3a
2a00:1450:4001:808::200e
2a00:1450:4001:811::2008
2a06:98c1:3121::3
5.189.171.71
52.222.236.63
66.254.114.89
07d5e5f440ca5ac95ca64e9e9bfd61f0feece6a0e7c3c0f5a42d673da490c7d1
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1042e17e6e39ad7ac9209762de389a848a818107aa402842b51a394d8bb3eda6
11e805d63959419b978b1f66a7d1e10914e950f0c908abc8cf2b67fd48e6d11d
2310c2aac79e048dd90d97c467710c22b58cc2176a348c12fd2909827564177a
27746480fed50a7132fd291a781f2db93e591a58f18603860551c689050c6281
2b4209726526fd62eceb4c5b0ab5c4f2648429f22570a4e2efb748dd18f9d03f
2e06165ec5e9880465e3a3fa1e195ba655f06465031e87271aae263bf6bd24ba
31567410e682963491612977dec5582d528885b5d6f3516901f2a276939bbd2f
3b07608ac0ae2103a8688a1f17fbebc888abab9ba3b72489aae45ded51d9a235
3eec366e17a7764fd41e49f93998e254b8e87db95307efed118e9c629af1f6d3
4baa41e899e64f0af366e6166fc5d44ef2ddd6a51e30e684c255093ecf428905
4bccff761c597e401848195d9a96a0d9831797a9582d015e6cc855dce845b973
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5a46253e8c38eab212da40118d8eadf341144095c89b28abd0cfc2e499f01e6c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74934db0a8829b280a64167629bfa3855dd2a50c641fa5baa8c927a3cb6ff1d0
76318a01b1c1e58ce7b96a7c9de5d6867287b78b84a5ed9a8859d45cc512f283
7810566f681f0cc649da1515dbef7533c983ff1583a28e0d06745037db2ef378
7bbeb1d7ffddbc65a104caf1e24cd467cc322c58f4972313804b67960a80a5c5
7f5a9df64e6108b339e01c45629795dcc1c1f79dc4d0497811172bc968fad1e0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9ba2ea675a827eaa74a93beaed40bf5ef998b33e98a663887de3458a5e4e87e4
9ffe7fee2c4ff8ac3073e97f37376ed8ac649a0f726fc9f26570d61758f2aa6c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a478641d18bc08d709909e300ac7d7c470a65d4974afae7eb9d0a54c117afc5f
ba534cc9d8158c4635b87771f07c7f587ded43838408ffc81d92e35d990ab296
bd69202ddc7e570cb2017651577ea31de7c4aecc15e37fd300a960fb0fac789a
d9d70cb316285cb3b866c4f0c5aacf3313cf408bed70c7857db78e3e093ecf0b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49aa1ab53b921096dceb6aa715197e9bd46888e309d7cf34fafbc8818016d04
e5827fd8bddccf8f9ca7d06936e0bd6596f9ec6aca0652086c5d593a72d84435
ec86004148a761eed7fc00bfe778925c06df29056e244c5b96e7e5ac9db4bb47
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f0c3829ae9999d8b1b71fd2be5695b61a4d4d37b2b70334ad8c9ccfbfe644dbf
f2b70e62e0f1e85650364cddc5067f400d1847b54e63361b2d57763dd54d4c49
f52c6cdb7e8a94b92bde5b0c0ec89d6075bde444ac798e59b495dec9ae2e908e
fb65417703a47797292fe85f56d62ac607b8a2bd8a47cf4d028a1ecda2e0ecbe
fb77761e577dc2626e6ed62aad590ca30f184906b681283da856c669e186f9d8

freedirtygame.com Open in urlscan Pro 5.189.171.71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

98 %HTTPS

33 %IPv6

13 Domains

16 Subdomains

16 IPs

4 Countries

1348 kBTransfer

4861 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

freedirtygame.com Open in urlscan Pro
5.189.171.71 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

98 %
HTTPS

33 %
IPv6

13
Domains

16
Subdomains

16
IPs

4
Countries

1348 kB
Transfer

4861 kB
Size

17
Cookies

47 HTTP transactions
0 data transactions