Submitted URL: https://2track.info/aSsQ
Effective URL: https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&t...
Submission: On December 02 via manual from AT — Scanned from DE

Summary

This website contacted 13 IPs in 5 countries across 12 domains to perform 29 HTTP transactions. The main IP is 178.128.37.11, located in London, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is dirtyfree.games.
TLS certificate: Issued by R3 on September 28th 2021. Valid for: 3 months.
This is the only time dirtyfree.games was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Redirects | IP Address | AS | Autonomous System
3 | | 3.64.218.161 | 16509 | (AMAZON-02)
1 | 1 | 212.32.250.10 | 60781 | (LEASEWEB-...)
1 | 1 | 157.230.211.91 | 14061 | (DIGITALOC...)
9 | | 178.128.37.11 | 14061 | (DIGITALOC...)
1 | | 163.171.128.172 | 54994 | (QUANTILNE...)
1 | | 2a00:1450:400... | 15169 | (GOOGLE)
1 | | 2a00:1450:400... | 15169 | (GOOGLE)
4 | | 2a00:1450:400... | 15169 | (GOOGLE)
4 | | 2a00:1450:400... | 15169 | (GOOGLE)
1 | | 172.67.160.238 | 13335 | (CLOUDFLAR...)
1 | | 143.204.98.82 | 16509 | (AMAZON-02)
1 | | 143.204.98.39 | 16509 | (AMAZON-02)
1 | | 143.204.98.32 | 16509 | (AMAZON-02)
1 | | 2606:4700:303... | 13335 | (CLOUDFLAR...)
1 | | 52.50.124.16 | 16509 | (AMAZON-02)
Total: 29 requests, 13 IPs

Requests | Domain | Requested by
9 | dirtyfree.games | 2track.info, dirtyfree.games
4 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com, dirtyfree.games
4 | fonts.gstatic.com | fonts.googleapis.com
3 | 2track.info | 2track.info
1 | in.hotjar.com | script.hotjar.com
1 | swarmpush.com | push.wuazu.net
1 | vars.hotjar.com | static.hotjar.com
1 | script.hotjar.com | static.hotjar.com
1 | static.hotjar.com | 2track.info
1 | push.wuazu.net | www.googletagmanager.com
1 | www.googletagmanager.com | dirtyfree.games
1 | fonts.googleapis.com | dirtyfree.games
1 | geoip.enlistsecurely.com | dirtyfree.games
1 | bintrck.xyz | 1 redirects
1 | adverster.g2afse.com | 1 redirects
Total: 29 requests, 15 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid for
*.2track.info | Amazon | 2021-02-20 - 2022-03-21 | a year
dirtyfree.games | R3 | 2021-09-28 - 2021-12-27 | 3 months
*.enlistsecurely.com | AlphaSSL CA - SHA256 - G2 | 2020-04-14 - 2022-04-15 | 2 years
upload.video.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-11 - 2022-06-10 | a year
*.hotjar.com | Amazon | 2021-11-25 - 2022-12-23 | a year

This page contains 2 frames:

Primary Page: https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Frame ID: 59F9205C71D9135AE175781689CBCF72
Requests: 28 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: D932BD6631C1303B54D1499FD01D4D5B
Requests: 1 HTTP requests in this frame

Page Title

FAMILY CHEATERS

Page Statistics

Requests: 29
HTTPS: 100 %
IPv6: 33 %
Domains: 12
Subdomains: 15
IPs: 13
Countries: 5
Transfer: 933 kB
Size: 1421 kB
Cookies: 16

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://2track.info/aSsQ Page URL
  2. https://adverster.g2afse.com/click?pid=27&offer_id=17&sub1=000249f23528-c5f1-4057-a689-64ae847ad2c1&sub4=12117 HTTP 302
    https://bintrck.xyz/click.php?key=mgs1wi7om9vhn9swgcyz&code=61a8ec96413e650001b6a321&sub1=000249f23528-c5f1-4057-a689-64ae847ad2c1&sub2=Adult+game+-+FamilyCheaters+-+Blue+-+all+languages&sub3=Paysale&sub4=12117&sub5=27 HTTP 302
    https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
aSsQ
2track.info/
623 B
1 KB
Document
General
Full URL
https://2track.info/aSsQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.218.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-218-161.eu-central-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
694cb623a7bc042309dd4a919643f4cb59a3ed82fea0bca78d56f0990440af8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 02 Dec 2021 15:56:05 GMT
content-type
text/html; charset=utf-8
content-length
623
cache-control
max-age=0, private, must-revalidate
cross-origin-window-policy
deny
server
Cowboy
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
Frz7NCgMDBd9q-oASYHy
x-xss-protection
1; mode=block
app-642ae931240e0db1527587cdf74aca7e.js
2track.info/js/
49 KB
18 KB
Script
General
Full URL
https://2track.info/js/app-642ae931240e0db1527587cdf74aca7e.js?vsn=d
Requested by
Host: 2track.info
URL: https://2track.info/aSsQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.218.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-218-161.eu-central-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
44eb1c43dbd5953c5d3aea031d0470770cc422a7ec6bd6b444891ecb9d728835

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2track.info/aSsQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 15:56:05 GMT
content-encoding
gzip
server
Cowboy
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
17813
data
2track.info/post/
0
238 B
XHR
General
Full URL
https://2track.info/post/data
Requested by
Host: 2track.info
URL: https://2track.info/js/app-642ae931240e0db1527587cdf74aca7e.js?vsn=d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.218.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-218-161.eu-central-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2track.info/aSsQ
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 02 Dec 2021 15:56:06 GMT
x-content-type-options
nosniff
server
Cowboy
cross-origin-window-policy
deny
x-download-options
noopen
x-permitted-cross-domain-policies
none
cache-control
max-age=0, private, must-revalidate
x-xss-protection
1; mode=block
x-request-id
Frz7NEHqynRV6VUASYIC
Primary Request /
dirtyfree.games/pre/Vip_v3/
Redirect Chain
  • https://adverster.g2afse.com/click?pid=27&offer_id=17&sub1=000249f23528-c5f1-4057-a689-64ae847ad2c1&sub4=12117
  • https://bintrck.xyz/click.php?key=mgs1wi7om9vhn9swgcyz&code=61a8ec96413e650001b6a321&sub1=000249f23528-c5f1-4057-a689-64ae847ad2c1&sub2=Adult+game+-+FamilyCheaters+-+Blue+-+all+languages&sub3=Paysa...
  • https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
18 KB
6 KB
Document
General
Full URL
https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Requested by
Host: 2track.info
URL: https://2track.info/js/app-642ae931240e0db1527587cdf74aca7e.js?vsn=d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.128.37.11 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
5f0d9706cd5583e7d9aa9c9b7d951929ea347b98765b360c9e4f6a028ebd6427
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://2track.info/aSsQ

Response headers

server
nginx
date
Thu, 02 Dec 2021 15:56:06 GMT
content-type
text/html
last-modified
Sun, 03 Oct 2021 12:33:28 GMT
vary
Accept-Encoding
etag
W/"6159a318-47ad"
strict-transport-security
max-age=31536000
content-encoding
gzip

Redirect headers

server
nginx/1.18.0
date
Thu, 02 Dec 2021 15:56:06 GMT
content-type
text/html; charset=UTF-8
location
https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
strict-transport-security
max-age=31536000
base.css
dirtyfree.games/pre/Vip_v3/files/
12 KB
3 KB
Stylesheet
General
Full URL
https://dirtyfree.games/pre/Vip_v3/files/base.css
Requested by
Host: dirtyfree.games
URL: https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.128.37.11 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
9ed8f3b095a33e7d23f158b13e1ce3b186ac9e1b1fb4dc48bac64bc8cafed600
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 15:56:06 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 15:15:44 GMT
server
nginx
etag
W/"6149f720-30e4"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Fri, 03 Dec 2021 03:56:06 GMT
theme_v2.css
dirtyfree.games/pre/Vip_v3/files/
333 B
537 B
Stylesheet
General
Full URL
https://dirtyfree.games/pre/Vip_v3/files/theme_v2.css
Requested by
Host: dirtyfree.games
URL: https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.128.37.11 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
77d85fb8f07a75b901146e46848f0499a08e3459a87a48fd88f49971411f99d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 15:56:06 GMT
last-modified
Tue, 21 Sep 2021 15:16:05 GMT
server
nginx
etag
"6149f735-14d"
strict-transport-security
max-age=31536000
content-type
text/css
cache-control
max-age=43200
accept-ranges
bytes
content-length
333
expires
Fri, 03 Dec 2021 03:56:06 GMT
jquery-2.2.4.min.js
dirtyfree.games/pre/Vip_v3/files/
84 KB
33 KB
Script
General
Full URL
https://dirtyfree.games/pre/Vip_v3/files/jquery-2.2.4.min.js
Requested by
Host: dirtyfree.games
URL: https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.128.37.11 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 15:56:06 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 15:15:53 GMT
server
nginx
etag
W/"6149f729-14e4a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Fri, 03 Dec 2021 03:56:06 GMT
lang.js
dirtyfree.games/pre/Vip_v3/files/
8 KB
2 KB
Script
General
Full URL
https://dirtyfree.games/pre/Vip_v3/files/lang.js
Requested by
Host: dirtyfree.games
URL: https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.128.37.11 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
b07e81ceb3dc5a953346c434fab84af9a1eb456ccac2ccc98282cd882306c6f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 15:56:06 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 15:15:54 GMT
server
nginx
etag
W/"6149f72a-1ea0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Fri, 03 Dec 2021 03:56:06 GMT
no-mute.png
dirtyfree.games/pre/Vip_v3/files/
17 KB
17 KB
Image
General
Full URL
https://dirtyfree.games/pre/Vip_v3/files/no-mute.png
Requested by
Host: dirtyfree.games
URL: https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.128.37.11 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
27746480fed50a7132fd291a781f2db93e591a58f18603860551c689050c6281
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 15:56:06 GMT
last-modified
Tue, 21 Sep 2021 15:15:59 GMT
server
nginx
etag
"6149f72f-450f"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
17679
expires
Sat, 01 Jan 2022 15:56:06 GMT
iframeResizer.min.js
dirtyfree.games/pre/Vip_v3/files/
12 KB
5 KB
Script
General
Full URL
https://dirtyfree.games/pre/Vip_v3/files/iframeResizer.min.js
Requested by
Host: dirtyfree.games
URL: https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.128.37.11 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
35a59efb7049b51b061c5b4a00d2cb1a648a047a3406d55e500f3d6349052d33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 15:56:06 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 15:15:48 GMT
server
nginx
etag
W/"6149f724-2e17"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Fri, 03 Dec 2021 03:56:06 GMT
/
geoip.enlistsecurely.com/
393 B
793 B
Script
General
Full URL
https://geoip.enlistsecurely.com/
Requested by
Host: dirtyfree.games
URL: https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.27.1-0.el6 /
Resource Hash
e3d3fe6de973f6291e55f692af0a767e43c71f50abde7c8294b734a5f235bb5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dirtyfree.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 15:56:07 GMT
server
waf/4.27.1-0.el6
x-ws-request-id
61a8ec97_PSdgflkfFRA1eq94_37577-5110
x-via
1.1 lsh190:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1dm92:9 (Cdn Cache Server V2.0)
cache-control
no-cache, no-store, must-revalidate
content-type
application/javascript
expires
0
ion.sound.min.js
dirtyfree.games/pre/Vip_v3/files/
13 KB
4 KB
Script
General
Full URL
https://dirtyfree.games/pre/Vip_v3/files/ion.sound.min.js
Requested by
Host: dirtyfree.games
URL: https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.128.37.11 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
2e06165ec5e9880465e3a3fa1e195ba655f06465031e87271aae263bf6bd24ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 15:56:06 GMT
content-encoding
gzip
last-modified
Tue, 21 Sep 2021 15:15:53 GMT
server
nginx
etag
W/"6149f729-3220"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Fri, 03 Dec 2021 03:56:06 GMT
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,400i,700,700i&display=swap
Requested by
Host: dirtyfree.games
URL: https://dirtyfree.games/pre/Vip_v3/files/base.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
97848410fda5f9afd9b76389f6326697620af9364f65a1248ce11b2fc2caa518
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dirtyfree.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 15:56:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 02 Dec 2021 15:56:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 02 Dec 2021 15:56:06 GMT
gtm.js
www.googletagmanager.com/
164 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSLMWPJ
Requested by
Host: dirtyfree.games
URL: https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
34be9077d585a3178281896cfef6376fbba798a92092da59747dad3c137885b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dirtyfree.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 15:56:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53501
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Dec 2021 15:56:06 GMT
pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiGyp8kv8JHgFVrJJLucHtA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f41bc54bcb1241a706432b6ca646835b27140a2eca0f50595ac4fbdd9eeef0f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dirtyfree.games
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 11:08:01 GMT
x-content-type-options
nosniff
age
190085
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8656
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 11:08:01 GMT
pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
184c0882dc2b60d68c74decd65e23ea257d2de9ad374d1f3d92f271c4ab1205e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dirtyfree.games
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 18:20:50 GMT
x-content-type-options
nosniff
age
164116
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8612
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:42 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 18:20:50 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dirtyfree.games
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 10:59:22 GMT
x-content-type-options
nosniff
age
104204
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 01 Dec 2022 10:59:22 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dirtyfree.games
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 20:12:20 GMT
x-content-type-options
nosniff
age
157426
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 20:12:20 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSLMWPJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dirtyfree.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3299
date
Thu, 02 Dec 2021 15:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 02 Dec 2021 17:01:07 GMT
js
www.google-analytics.com/gtm/
87 KB
34 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=OPT-TM9ZR3P&t=gtm5&cid=742215128.1638460567
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
262553359d1fc986d43322071f99eceaa2e953e94123eff867d0bf6d26f08339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dirtyfree.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 15:56:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34931
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Dec 2021 15:56:06 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1140433479&t=pageview&_s=1&dl=https%3A%2F%2Fdirtyfree.games%2Fpre%2FVip_v3%2F%3Fclickid%3D603d2ft7va5fnvr88a%26country%3DDE%26m1%3DChrome%2520Mobile%26m2%3DGermany%26voluum_id%3D1059%26tsource%3D%7Bcampaign.name%7D%26campaign%3D1059%26partner%3DBC%26next%3DVip_v1&dr=https%3A%2F%2F2track.info%2F&ul=en-us&de=UTF-8&dt=FAMILY%20CHEATERS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=1801362544&gjid=996567732&cid=742215128.1638460567&uid=603d2ft7va5fnvr88a&tid=UA-150844200-16&_gid=1281592121.1638460567&_r=1&gtm=2wgba1MSLMWPJ&cd1=pre%20Vip_v3&cd2=&cd3=603d2ft7va5fnvr88a&cd4=en&cd5=603d2ft7va5fnvr88a&cd6=de&cd7=chrome%20mobile&cd8=1059&cd9=adult%20game&cd10=1059&cd11=%7Bcampaign.name%7D&cd16=&cd17=dirtyfree.games&z=1646023276
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dirtyfree.games/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 15:56:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dirtyfree.games
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
l_step_27.jpg
dirtyfree.games/pre/Vip_v3/files/
633 KB
633 KB
Image
General
Full URL
https://dirtyfree.games/pre/Vip_v3/files/l_step_27.jpg
Requested by
Host: dirtyfree.games
URL: https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.128.37.11 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
b6deb054d7f957909c4efdc160409fe72d4eeda9cdbba5b9e6d5b7fa4df32c48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 15:56:07 GMT
last-modified
Tue, 21 Sep 2021 15:15:58 GMT
server
nginx
etag
"6149f72e-9e22a"
strict-transport-security
max-age=31536000
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
647722
expires
Sat, 01 Jan 2022 15:56:07 GMT
app.js
push.wuazu.net/s/pushilka/
5 KB
3 KB
Script
General
Full URL
https://push.wuazu.net/s/pushilka/app.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSLMWPJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.160.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bccff761c597e401848195d9a96a0d9831797a9582d015e6cc855dce845b973

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dirtyfree.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 15:56:07 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=4888
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
service-worker-allowed
/
last-modified
Sun, 14 Jun 2020 17:15:06 GMT
server
cloudflare
etag
W/"5ee65b1a-1318"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIvgCtfNuIhgueO428XvpSfMTJAdtelqdpE5UBfHrqkbiSkO5bV5s5NSNr19pJ9GR8IBerwTaNM0rCFkYQat%2BUScPt%2FocHgIOJmjdFc3Zttj0KemvKQTDS%2BWWlcvmlVztg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6b75be51da7d41c2-AMS
expires
Thu, 02 Dec 2021 15:56:06 GMT
hotjar-2287191.js
static.hotjar.com/c/
5 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2287191.js?sv=6
Requested by
Host: 2track.info
URL: https://2track.info/aSsQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-82.fra50.r.cloudfront.net
Software
/
Resource Hash
f3154d5473a5fb77dae07cc6e1ea291175d6f936b1734d6630fbf8de4c17ea49
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dirtyfree.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 15:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA50-C1
etag
W/0f3b69ea2173687051d5d62b620e468f
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
jgWUR83S0FoI6BYMB65l1VV5SgBQmn6JbLb3nHm1e4O9S_IdJac2Qg==
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1140433479&t=event&ni=0&_s=1&dl=https%3A%2F%2Fdirtyfree.games%2Fpre%2FVip_v3%2F%3Fclickid%3D603d2ft7va5fnvr88a%26country%3DDE%26m1%3DChrome%2520Mobile%26m2%3DGermany%26voluum_id%3D1059%26tsource%3D%7Bcampaign.name%7D%26campaign%3D1059%26partner%3DBC%26next%3DVip_v1&dr=https%3A%2F%2F2track.info%2F&ul=en-us&de=UTF-8&dt=FAMILY%20CHEATERS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=loaded&ea=first%20page&el=https%3A%2F%2Fdirtyfree.games%2Fpre%2FVip_v3%2F%3Fclickid%3D603d2ft7va5fnvr88a%26country%3DDE%26m1%3DChrome%2520Mobile%26m2%3DGermany%26voluum_id%3D1059%26tsource%3D%7Bcampaign.name%7D%26campaign%3D1059%26partner%3DBC%26next%3DVip_v1&_u=aGDAAEADQAAAAC~&jid=&gjid=&cid=742215128.1638460567&tid=UA-150844200-16&_gid=1281592121.1638460567&gtm=2wgba1MSLMWPJ&cd1=pre%20Vip_v3&cd2=&cd3=603d2ft7va5fnvr88a&cd4=en&cd5=603d2ft7va5fnvr88a&cd6=de&cd7=chrome%20mobile&cd8=1059&cd9=adult%20game&cd10=1059&cd11=%7Bcampaign.name%7D&cd16=&cd17=dirtyfree.games&z=443308668
Requested by
Host: dirtyfree.games
URL: https://dirtyfree.games/pre/Vip_v3/?clickid=603d2ft7va5fnvr88a&country=DE&m1=Chrome%20Mobile&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dirtyfree.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Dec 2021 13:33:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
8585
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
modules.909c20fd8721306b1fa9.js
script.hotjar.com/
226 KB
60 KB
Script
General
Full URL
https://script.hotjar.com/modules.909c20fd8721306b1fa9.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2287191.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-39.fra50.r.cloudfront.net
Software
/
Resource Hash
1ac32752b35d7d19ab735f0e9aa200625f0cda0d3a59f5a067e51116c2a43707
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dirtyfree.games/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 15:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
181
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
60677
access-control-allow-origin
*
last-modified
Thu, 02 Dec 2021 15:52:57 GMT
etag
"10fcc57bdff3ad7a3c23c5903b8e57c8"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 fa5a3d5abd34c6fac657b045a4dcbdc5.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
iuRThu9bPXtJQ-WGXN6GsThYcFzC-FLfpqi3T6I_k7P6tETR2pYilQ==
box-a1ae2079824d1c48aa9ce06efb256f18.html
vars.hotjar.com/ Frame D932
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2287191.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-32.fra50.r.cloudfront.net
Software
/
Resource Hash
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dirtyfree.games/

Response headers

content-type
text/html
content-length
1044
date
Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6215abf691a11c2f451680e635d30daa"
last-modified
Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
kKkC7Dbtga2CBvvikJ9LYJU2rXL8AIFsZabOkX3SPLziyzejvA1cKg==
age
181
event
swarmpush.com/
43 B
741 B
Fetch
General
Full URL
https://swarmpush.com/event
Requested by
Host: push.wuazu.net
URL: https://push.wuazu.net/s/pushilka/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:50b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
7bbeb1d7ffddbc65a104caf1e24cd467cc322c58f4972313804b67960a80a5c5

Request headers

Referer
https://dirtyfree.games/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 02 Dec 2021 15:56:07 GMT
access-control-allow-methods
POST, PUT, DELETE, GET
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.34
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tw5owNumybKXa%2FaL%2BHlqEaWY6pthigZcT%2Fxpa%2FBxjKFBlTP%2BoCK53wBjZajxh1%2F2GpJxq2bFe%2BnlZp125hoEfzBwj0fzlXmqZxkcfTrHuZtBcHzLYbFVRT%2FFKAPvd0EclbYwDrj41sHSyaBv"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, private
cf-ray
6b75be52cbd44a6e-FRA
expires
Thu, 02 Dec 2021 15:56:07 GMT
visit-data
in.hotjar.com/api/v2/client/sites/2287191/
146 B
323 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/2287191/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.909c20fd8721306b1fa9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.124.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-124-16.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
43c15c5e339cca85186d462b5951209ac3825b7677341e3d95f5e704b5057c87

Request headers

Referer
https://dirtyfree.games/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 02 Dec 2021 15:56:07 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler
object| dataLayer
function| $
function| jQuery
function| lang
function| getURLParameter
function| iFrameResize
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
string| message
function| clickIE
function| clickNS
object| gaplugins
object| gaGlobal
object| gaData
object| google_optimize
function| geoip_country_code
function| geoip_country_name
function| geoip_city
function| geoip_region
function| geoip_region_name
function| geoip_latitude
function| geoip_longitude
function| geoip_postal_code
function| geoip_resolved_ip
object| ion
function| getBrowser
function| scrollToElem
function| respondToSubmit
boolean| iOS
string| sys
object| audioObjects
number| step
string| padding_top
boolean| soundStatus
number| volume
number| count
function| traff
function| hj
object| _hjSettings
function| GetQueryString
object| hjSiteSettings
function| hjBootstrap
object| hjBootstrapCalled
object| hjLazyModules
function| Pushilka
function| pushilkaGetURLParameter
object| pushilka

16 Cookies

Domain/Path Name / Value
2track.info/ Name: client_uid
Value: a3d577ab-b890-4e57-8343-e79191c6014d
2track.info/ Name: sub_id
Value: 166086
2track.info/ Name: visit
Value: 000249f23528-c5f1-4057-a689-64ae847ad2c1
adverster.g2afse.com/ Name: afclick
Value: 61a8ec96413e650001b6a321
adverster.g2afse.com/ Name: afoffers
Value: {"17":1638460566}
bintrck.xyz/ Name: uclick
Value: ft7va5fnvr
bintrck.xyz/ Name: uclickhash
Value: ft7va5fnvr-ft7va5fnvr-2tsc-0-7sntvr-gxfytl-gxfyp2-4a7a95
.dirtyfree.games/ Name: _ga
Value: GA1.2.742215128.1638460567
.dirtyfree.games/ Name: _gid
Value: GA1.2.1281592121.1638460567
.dirtyfree.games/ Name: _gat_UA-150844200-16
Value: 1
dirtyfree.games/ Name: pushilka_vid
Value: 50zkza-1ep0t8q
.dirtyfree.games/ Name: _hjSessionUser_2287191
Value: eyJpZCI6IjBmZGRhMGExLWEyMTktNWJmZC1iMTRjLTU3MGNiYTkzM2Y4YSIsImNyZWF0ZWQiOjE2Mzg0NjA1Njc0MTgsImV4aXN0aW5nIjpmYWxzZX0=
.dirtyfree.games/ Name: _hjFirstSeen
Value: 1
.dirtyfree.games/ Name: _hjSession_2287191
Value: eyJpZCI6ImE4ZjI1NDk0LWM5MjEtNDM4Ny04NmQwLWRlYjJlM2Y3MDU4YSIsImNyZWF0ZWQiOjE2Mzg0NjA1Njc0NjN9
dirtyfree.games/ Name: _hjIncludedInPageviewSample
Value: 1
.dirtyfree.games/ Name: _hjAbsoluteSessionInProgress
Value: 0

3 Console Messages

Source Level URL
Text
deprecation warning URL: https://2track.info/js/app-642ae931240e0db1527587cdf74aca7e.js?vsn=d
Message:
Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
other warning URL: https://dirtyfree.games/pre/Vip_v3/files/ion.sound.min.js(Line 4)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network error
Message:
A bad HTTP response code (404) was received when fetching the script.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
