Submitted URL: https://2track.info/aSsQ
Effective URL: https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={c...
Submission: On April 04 via manual from US — Scanned from DE

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 35 HTTP transactions. The main IP is 5.189.171.71, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is freedirtygame.com. The Cisco Umbrella rank of the primary domain is 111591.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 1st 2021. Valid for: a year.
This is the only time freedirtygame.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3.68.154.106 16509 (AMAZON-02)
1 1 212.32.250.10 60781 (LEASEWEB-...)
1 1 157.230.211.91 14061 (DIGITALOC...)
9 5.189.171.71 51167 (CONTABO)
1 163.171.128.172 54994 (QUANTILNE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 65.9.66.112 16509 (AMAZON-02)
1 99.86.7.16 16509 (AMAZON-02)
1 143.204.215.118 16509 (AMAZON-02)
35 12
Requests  Apex Domain           Subdomains                                          Transfer
9         freedirtygame.com     freedirtygame.com — Cisco Umbrella Rank: 111591     701 KB
7         google-analytics.com  www.google-analytics.com — Cisco Umbrella Rank: 39  56 KB
4         gstatic.com           fonts.gstatic.com                                   33 KB
3         hotjar.com            static.hotjar.com — Cisco Umbrella Rank: 624        66 KB
                                script.hotjar.com — Cisco Umbrella Rank: 958
                                vars.hotjar.com — Cisco Umbrella Rank: 1008
3         swarmpush.com         swarmpush.com — Cisco Umbrella Rank: 307724         25 KB
3         2track.info           2track.info                                         19 KB
2         googletagmanager.com  www.googletagmanager.com — Cisco Umbrella Rank: 70  117 KB
1         googleapis.com        fonts.googleapis.com — Cisco Umbrella Rank: 45      1 KB
1         enlistsecurely.com    geoip.enlistsecurely.com                            712 B
1         bintrck.xyz           bintrck.xyz — Cisco Umbrella Rank: 278495           442 B
1         g2afse.com            adverster.g2afse.com — Cisco Umbrella Rank: 185849  394 B
35        11
Domain Requested by
9 freedirtygame.com 2track.info
freedirtygame.com
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
freedirtygame.com
4 fonts.gstatic.com fonts.googleapis.com
3 swarmpush.com www.googletagmanager.com
swarmpush.com
3 2track.info 2track.info
2 www.googletagmanager.com freedirtygame.com
www.googletagmanager.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com 2track.info
1 fonts.googleapis.com freedirtygame.com
1 geoip.enlistsecurely.com freedirtygame.com
1 bintrck.xyz 1 redirects
1 adverster.g2afse.com 1 redirects
35 13

This site contains no links.

Subject                  Issuer                                          Validity                 Valid
*.2track.info            Amazon                                          2022-01-21 - 2023-02-19  a year
freedirtygame.com        Sectigo RSA Domain Validation Secure Server CA  2021-10-01 - 2022-10-01  a year
*.enlistsecurely.com     AlphaSSL CA - SHA256 - G2                       2022-04-02 - 2023-05-04  a year
upload.video.google.com  GTS CA 1C3                                      2022-03-17 - 2022-06-09  3 months
*.google-analytics.com   GTS CA 1C3                                      2022-03-17 - 2022-06-09  3 months
*.gstatic.com            GTS CA 1C3                                      2022-03-17 - 2022-06-09  3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                         2021-07-09 - 2022-07-08  a year
*.hotjar.com             Amazon                                          2021-11-25 - 2022-12-23  a year

This page contains 2 frames:

Primary Page: https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Frame ID: 28C5718A40FA6F0F9E6BC663B6A7C6F1
Requests: 33 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 075D640F4834587998FCA338AEB57749
Requests: 1 HTTP requests in this frame

Page Title

FAMILY CHEATERS

Page URL History

  1. https://2track.info/aSsQ Page URL
  2. https://adverster.g2afse.com/click?pid=27&offer_id=17&sub1=0002b1b08914-9aa4-4893-ab45-66fbb36a5cbc&sub4=... HTTP 302
    https://bintrck.xyz/click.php?key=mgs1wi7om9vhn9swgcyz&code=624b0b1e413e6500011207eb&sub1=0002b1... HTTP 302
    https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluu... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div id="particles-js">

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 35
HTTPS: 94 %
IPv6: 38 %
Domains: 11
Subdomains: 13
IPs: 12
Countries: 3
Transfer: 1018 kB
Size: 1639 kB
Cookies: 17

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://2track.info/aSsQ Page URL
  2. https://adverster.g2afse.com/click?pid=27&offer_id=17&sub1=0002b1b08914-9aa4-4893-ab45-66fbb36a5cbc&sub4=12117 HTTP 302
    https://bintrck.xyz/click.php?key=mgs1wi7om9vhn9swgcyz&code=624b0b1e413e6500011207eb&sub1=0002b1b08914-9aa4-4893-ab45-66fbb36a5cbc&sub2=Adult+game+-+FamilyCheaters+-+Blue+-+all+languages&sub3=Paysale&sub4=12117&sub5=27 HTTP 302
    https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
aSsQ
2track.info/
623 B
1 KB
Document
General
Full URL
https://2track.info/aSsQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.154.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-154-106.eu-central-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
b880131e0b4157b4ffc3267a0c5bc9ddf9344a218fb35d855a609682bd836eb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
content-length
623
content-type
text/html; charset=utf-8
cross-origin-window-policy
deny
date
Mon, 04 Apr 2022 15:13:34 GMT
server
Cowboy
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
FuK6Q9b9iI4LfFMlpVBB
x-xss-protection
1; mode=block
app-642ae931240e0db1527587cdf74aca7e.js
2track.info/js/
49 KB
18 KB
Script
General
Full URL
https://2track.info/js/app-642ae931240e0db1527587cdf74aca7e.js?vsn=d
Requested by
Host: 2track.info
URL: https://2track.info/aSsQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.154.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-154-106.eu-central-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
44eb1c43dbd5953c5d3aea031d0470770cc422a7ec6bd6b444891ecb9d728835

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2track.info/aSsQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 15:13:34 GMT
content-encoding
gzip
server
Cowboy
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
17813
data
2track.info/post/
0
238 B
XHR
General
Full URL
https://2track.info/post/data
Requested by
Host: 2track.info
URL: https://2track.info/js/app-642ae931240e0db1527587cdf74aca7e.js?vsn=d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.154.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-154-106.eu-central-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2track.info/aSsQ
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Apr 2022 15:13:34 GMT
x-content-type-options
nosniff
server
Cowboy
cross-origin-window-policy
deny
x-download-options
noopen
x-permitted-cross-domain-policies
none
cache-control
max-age=0, private, must-revalidate
x-xss-protection
1; mode=block
x-request-id
FuK6Q_HECP8qYswlpVCB
Primary Request /
freedirtygame.com/pre/Vip_v3/
Redirect Chain
  • https://adverster.g2afse.com/click?pid=27&offer_id=17&sub1=0002b1b08914-9aa4-4893-ab45-66fbb36a5cbc&sub4=12117
  • https://bintrck.xyz/click.php?key=mgs1wi7om9vhn9swgcyz&code=624b0b1e413e6500011207eb&sub1=0002b1b08914-9aa4-4893-ab45-66fbb36a5cbc&sub2=Adult+game+-+FamilyCheaters+-+Blue+-+all+languages&sub3=Paysa...
  • https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
20 KB
5 KB
Document
General
Full URL
https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Requested by
Host: 2track.info
URL: https://2track.info/js/app-642ae931240e0db1527587cdf74aca7e.js?vsn=d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
47ab6a3047f4ceae885b29dfe6f3d090a5db3bdb95f34acade46bf8ff2b0cbc3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://2track.info/aSsQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
max-age=2678400
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 04 Apr 2022 15:13:34 GMT
ETag
W/"624b035e-4ef3"
Expires
Thu, 05 May 2022 15:13:34 GMT
Last-Modified
Mon, 04 Apr 2022 14:40:30 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

content-type
text/html; charset=UTF-8
date
Mon, 04 Apr 2022 15:13:34 GMT
location
https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
server
nginx/1.18.0
strict-transport-security
max-age=31536000
base.css
freedirtygame.com/pre/Vip_v3/files/
13 KB
3 KB
Stylesheet
General
Full URL
https://freedirtygame.com/pre/Vip_v3/files/base.css
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
74513c2bbc71663fa92f0136a9298c542535fd651f7acffeced860dba7654d9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 15:13:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 14:40:32 GMT
Server
nginx
ETag
W/"624b0360-3272"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 05 May 2022 15:13:34 GMT
theme_v2.css
freedirtygame.com/pre/Vip_v3/files/
1 KB
964 B
Stylesheet
General
Full URL
https://freedirtygame.com/pre/Vip_v3/files/theme_v2.css
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
93a419a7a09b69031c143624d5926563aefc09e755b14e5fe15859e950fd93dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 15:13:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 14:40:43 GMT
Server
nginx
ETag
W/"624b036b-5ad"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 05 May 2022 15:13:34 GMT
jquery-2.2.4.min.js
freedirtygame.com/pre/Vip_v3/files/
84 KB
30 KB
Script
General
Full URL
https://freedirtygame.com/pre/Vip_v3/files/jquery-2.2.4.min.js
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 15:13:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 14:40:37 GMT
Server
nginx
ETag
W/"624b0365-14e4a"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 05 May 2022 15:13:34 GMT
lang.js
freedirtygame.com/pre/Vip_v3/files/
10 KB
3 KB
Script
General
Full URL
https://freedirtygame.com/pre/Vip_v3/files/lang.js
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
6dff9aae0f2a69c6a7ea68c579a616d1b337e4b1a1a1dda595b86462c07d5001

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 15:13:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 14:40:38 GMT
Server
nginx
ETag
W/"624b0366-29fe"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 05 May 2022 15:13:34 GMT
no-mute.png
freedirtygame.com/pre/Vip_v3/files/
17 KB
18 KB
Image
General
Full URL
https://freedirtygame.com/pre/Vip_v3/files/no-mute.png
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
27746480fed50a7132fd291a781f2db93e591a58f18603860551c689050c6281

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 15:13:35 GMT
Last-Modified
Mon, 04 Apr 2022 14:40:40 GMT
Server
nginx
ETag
"624b0368-450f"
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17679
Expires
Thu, 05 May 2022 15:13:35 GMT
iframeResizer.min.js
freedirtygame.com/pre/Vip_v3/files/
12 KB
5 KB
Script
General
Full URL
https://freedirtygame.com/pre/Vip_v3/files/iframeResizer.min.js
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
35a59efb7049b51b061c5b4a00d2cb1a648a047a3406d55e500f3d6349052d33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 15:13:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 14:40:35 GMT
Server
nginx
ETag
W/"624b0363-2e17"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 05 May 2022 15:13:34 GMT
/
geoip.enlistsecurely.com/
401 B
712 B
Script
General
Full URL
https://geoip.enlistsecurely.com/
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.28.6-0.el6 /
Resource Hash
5ebe4a5c5c00d9a6d2d356e8de7a3c9b5ad9b7e3b313f31e78adf526ccf6c5bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 15:13:36 GMT
server
waf/4.28.6-0.el6
x-ws-request-id
624b0b1f_PSdgflkfFRA1gi91_15190-52884
x-via
1.1 PS-SJC-011UH181:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:15 (Cdn Cache Server V2.0)
cache-control
no-cache, no-store, must-revalidate
content-type
application/javascript
expires
0
ion.sound.min.js
freedirtygame.com/pre/Vip_v3/files/
13 KB
3 KB
Script
General
Full URL
https://freedirtygame.com/pre/Vip_v3/files/ion.sound.min.js
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
2e06165ec5e9880465e3a3fa1e195ba655f06465031e87271aae263bf6bd24ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 15:13:35 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Apr 2022 14:40:37 GMT
Server
nginx
ETag
W/"624b0365-3220"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 05 May 2022 15:13:35 GMT
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,400i,700,700i&amp;display=swap
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/pre/Vip_v3/files/base.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a88ce91973db785f97f36190076524efa8b9ebbb37e1200ce8ae24156959c482
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 15:04:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Apr 2022 15:13:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Apr 2022 15:13:35 GMT
gtm.js
www.googletagmanager.com/
163 KB
52 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PVSSXTS
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d8ad0523b2fc782ef4d4db4b4cc174d54d55be3a56e12ec9c7e0b3b28482c4b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 15:13:35 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53265
x-xss-protection
0
expires
Mon, 04 Apr 2022 15:13:35 GMT
pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v19/
8 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v19/pxiGyp8kv8JHgFVrJJLucHtA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,400i,700,700i&amp;display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:30:19 GMT
x-content-type-options
nosniff
age
416596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8668
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:10:31 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 30 Mar 2023 19:30:19 GMT
pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2
fonts.gstatic.com/s/poppins/v19/
8 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v19/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,400i,700,700i&amp;display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 20:02:54 GMT
x-content-type-options
nosniff
age
414641
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8596
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:11:25 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 30 Mar 2023 20:02:54 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v19/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,400i,700,700i&amp;display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:30:15 GMT
x-content-type-options
nosniff
age
416600
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:11:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 30 Mar 2023 19:30:15 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v19/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v19/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,400i,700,700i&amp;display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:30:15 GMT
x-content-type-options
nosniff
age
416600
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:17:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 30 Mar 2023 19:30:15 GMT
js
www.googletagmanager.com/gtag/
176 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NN1C546X3F&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVSSXTS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
84a3b043539dd7b796fc5c5c123437744cc1c1818f2adaab4dfb1b1c64f8f149
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 15:13:35 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
66132
x-xss-protection
0
expires
Mon, 04 Apr 2022 15:13:35 GMT
optimize.js
www.google-analytics.com/gtm/
91 KB
36 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=OPT-TM9ZR3P
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVSSXTS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dd34b881fed53bb4dfdbe1ebae5f7aff06c55c777f5967363917222d7b14c761
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 15:13:35 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36243
x-xss-protection
0
expires
Mon, 04 Apr 2022 15:13:35 GMT
collect
www.google-analytics.com/g/
0
151 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NN1C546X3F&gtm=2oe3u0&_p=1661271935&sr=1600x1200&_z=ccd.AI&ul=en-us&cid=1811753011.1649085216&_s=1&dl=https%3A%2F%2Ffreedirtygame.com%2Fpre%2FVip_v3%2F%3Fclickid%3D095cctlirejvcdz76a%26country%3DDE%26m1%3DChrome%26m2%3DGermany%26voluum_id%3D1059%26tsource%3D%7Bcampaign.name%7D%26campaign%3D1059%26partner%3DBC%26next%3DVip_v1&dr=https%3A%2F%2F2track.info%2F&dt=FAMILY%20CHEATERS&sid=1649085215&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.userId=095cctlirejvcdz76a
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NN1C546X3F&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 15:13:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://freedirtygame.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVSSXTS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5926
date
Mon, 04 Apr 2022 13:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 04 Apr 2022 15:34:50 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1661271935&t=pageview&_s=1&dl=https%3A%2F%2Ffreedirtygame.com%2Fpre%2FVip_v3%2F%3Fclickid%3D095cctlirejvcdz76a%26country%3DDE%26m1%3DChrome%26m2%3DGermany%26voluum_id%3D1059%26tsource%3D%7Bcampaign.name%7D%26campaign%3D1059%26partner%3DBC%26next%3DVip_v1&dr=https%3A%2F%2F2track.info%2F&ul=en-us&de=UTF-8&dt=FAMILY%20CHEATERS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABQAAAAC~&jid=607312152&gjid=637139504&cid=1811753011.1649085216&uid=095cctlirejvcdz76a&tid=UA-150844200-5&_gid=396177927.1649085216&_r=1&gtm=2wg3u0PVSSXTS&cd1=pre%20Vip_v3&cd2=&cd3=095cctlirejvcdz76a&cd4=en&cd5=095cctlirejvcdz76a&cd6=de&cd7=chrome&cd8=1059&cd9=adult%20game&cd10=1059&cd11=%7Bcampaign.name%7D&cd16=&cd17=freedirtygame.com&z=1224635352
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://freedirtygame.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 15:13:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://freedirtygame.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
l_step_27.jpg
freedirtygame.com/pre/Vip_v3/files/
633 KB
633 KB
Image
General
Full URL
https://freedirtygame.com/pre/Vip_v3/files/l_step_27.jpg
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
b6deb054d7f957909c4efdc160409fe72d4eeda9cdbba5b9e6d5b7fa4df32c48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Mon, 04 Apr 2022 15:13:35 GMT
Last-Modified
Mon, 04 Apr 2022 14:40:40 GMT
Server
nginx
ETag
"624b0368-9e22a"
Content-Type
image/jpeg
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
647722
Expires
Thu, 05 May 2022 15:13:35 GMT
app.js
swarmpush.com/s/pushilka/
5 KB
3 KB
Script
General
Full URL
https://swarmpush.com/s/pushilka/app.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVSSXTS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bccff761c597e401848195d9a96a0d9831797a9582d015e6cc855dce845b973

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 15:13:36 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=4888
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
service-worker-allowed
/
last-modified
Sun, 26 Dec 2021 15:59:29 GMT
server
cloudflare
etag
W/"61c89161-1318"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ybhg9JHnEBWyWnWn%2B5mYa5MZXX9mP1h7YSWKwLFkj5No5SSDx4iK07uztxB7cbgvDOfghlXkirw6T0ol4Z%2BsU%2FAdJKLEyVpLQWxZ8ewubHX8%2BLsNBYOnrY6QRHnzAuLh22Hz0C2rteC4QHY3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6f6afd2959209237-FRA
expires
Mon, 04 Apr 2022 15:13:35 GMT
hotjar-2287191.js
static.hotjar.com/c/
5 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2287191.js?sv=6
Requested by
Host: 2track.info
URL: https://2track.info/aSsQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-112.fra56.r.cloudfront.net
Software
/
Resource Hash
1052a77b0d63bcdf6a295c1c03578cf82801ea6f64bdc122a09a26e42cf8ea64
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 15:13:34 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
5
etag
W/17f974c597575f0e180fc4cf21aac449
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
OIDMS-oYVflDOIOK5nop_tdIgVCBUH4wk4XUU9F0YWQthLw2GtJIkQ==
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1661271935&t=event&ni=0&_s=1&dl=https%3A%2F%2Ffreedirtygame.com%2Fpre%2FVip_v3%2F%3Fclickid%3D095cctlirejvcdz76a%26country%3DDE%26m1%3DChrome%26m2%3DGermany%26voluum_id%3D1059%26tsource%3D%7Bcampaign.name%7D%26campaign%3D1059%26partner%3DBC%26next%3DVip_v1&dr=https%3A%2F%2F2track.info%2F&ul=en-us&de=UTF-8&dt=FAMILY%20CHEATERS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=loaded&ea=first%20page&el=https%3A%2F%2Ffreedirtygame.com%2Fpre%2FVip_v3%2F%3Fclickid%3D095cctlirejvcdz76a%26country%3DDE%26m1%3DChrome%26m2%3DGermany%26voluum_id%3D1059%26tsource%3D%7Bcampaign.name%7D%26campaign%3D1059%26partner%3DBC%26next%3DVip_v1&_u=aADAAEABQAAAAC~&jid=&gjid=&cid=1811753011.1649085216&tid=UA-150844200-5&_gid=396177927.1649085216&gtm=2wg3u0PVSSXTS&cd1=pre%20Vip_v3&cd2=&cd3=095cctlirejvcdz76a&cd4=en&cd5=095cctlirejvcdz76a&cd6=de&cd7=chrome&cd8=1059&cd9=adult%20game&cd10=1059&cd11=%7Bcampaign.name%7D&cd16=&cd17=freedirtygame.com&z=76099671
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 12:34:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
9557
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
modules.681b17e679ac939c3f40.js
script.hotjar.com/
236 KB
62 KB
Script
General
Full URL
https://script.hotjar.com/modules.681b17e679ac939c3f40.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2287191.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-16.fra6.r.cloudfront.net
Software
/
Resource Hash
c48af1698e6e13a34a137eb360a3e7d0937ba31bd0332eee8af2b2972b49dd49
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 10:02:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
18690
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
63051
access-control-allow-origin
*
last-modified
Mon, 04 Apr 2022 10:02:01 GMT
etag
"3c5b1dac19edd9cdf05d029e575db3b3"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
BlNeAQhyr3g_wB4MMhO9x9kXcxQhZYIRP1O2uxnacyDgoo0JV-piRg==
box-acca23410e696f2ca3087d947271c3d0.html
vars.hotjar.com/ Frame 075D
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2287191.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-118.fra53.r.cloudfront.net
Software
/
Resource Hash
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
5120490
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 04 Feb 2022 08:52:06 GMT
etag
"6f65fac4e8efe167ff5132c0c54c5729"
last-modified
Fri, 04 Feb 2022 08:51:39 GMT
vary
Accept-Encoding
via
1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
x-amz-cf-id
pvc5MFt-DAN6-ssDYLypHDriTOSAnqXRuCgxhB_iZ5A5SXdCuserbA==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
x-robots-tag
none
serviceWorker.js
freedirtygame.com/ Frame
0
0

event
swarmpush.com/
0
0

app.css
swarmpush.com/s/pushilka/
2 KB
1 KB
Stylesheet
General
Full URL
https://swarmpush.com/s/pushilka/app.css
Requested by
Host: swarmpush.com
URL: https://swarmpush.com/s/pushilka/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74934db0a8829b280a64167629bfa3855dd2a50c641fa5baa8c927a3cb6ff1d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 15:13:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3281
cf-polished
origSize=1649
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 26 Dec 2021 15:59:29 GMT
server
cloudflare
etag
W/"61c89161-671"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDOrhEtNKgZohNGnmBUTHpylVQA3kgUi1c0yDrGRIpRbKcgWNO9EVvqcPL%2BoaIf9fRxoSxQw12EqNW7EfeSo9gG94yfFHllGL%2FjMg7vh09mbSgpl7t4bBM8ZgBnKDIx2sMFThV2yeTUAQ9bF"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6f6afd2a6c87997a-FRA
cf-bgj
minify
bell.webp
swarmpush.com/s/pushilka/
20 KB
21 KB
Image
General
Full URL
https://swarmpush.com/s/pushilka/bell.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76318a01b1c1e58ce7b96a7c9de5d6867287b78b84a5ed9a8859d45cc512f283

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Apr 2022 15:13:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6388
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20864
last-modified
Sun, 26 Dec 2021 15:59:29 GMT
server
cloudflare
etag
"61c89161-5180"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGn30S09S65eHH7%2FuAWEpNMr1mB4Xty0meVCWGTwGmDB1aPQEwiUCp754MFlBwuTA5R0lVQGoJUsMQ7XvRltxJXoqVQwXczgbXa46m2x7gAROMHg5pJjgn4rYxyBfrZkwqj%2B6LjitKwLyNJc"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6f6afd2a6c8b997a-FRA
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1661271935&t=event&ni=0&_s=1&dl=https%3A%2F%2Ffreedirtygame.com%2Fpre%2FVip_v3%2F%3Fclickid%3D095cctlirejvcdz76a%26country%3DDE%26m1%3DChrome%26m2%3DGermany%26voluum_id%3D1059%26tsource%3D%7Bcampaign.name%7D%26campaign%3D1059%26partner%3DBC%26next%3DVip_v1&dr=https%3A%2F%2F2track.info%2F&ul=en-us&de=UTF-8&dt=FAMILY%20CHEATERS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=push&ea=show&_u=aADAAEABQAAAAC~&jid=&gjid=&cid=1811753011.1649085216&tid=UA-150844200-5&_gid=396177927.1649085216&gtm=2wg3u0PVSSXTS&cd1=pre%20Vip_v3&cd2=&cd3=095cctlirejvcdz76a&cd4=en&cd5=095cctlirejvcdz76a&cd6=de&cd7=chrome&cd8=1059&cd9=adult%20game&cd10=1059&cd11=%7Bcampaign.name%7D&cd16=&cd17=freedirtygame.com&z=1452734106
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 12:34:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
9557
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NN1C546X3F&gtm=2oe3u0&_p=1661271935&sr=1600x1200&_z=ccd.AI&ul=en-us&cid=1811753011.1649085216&_s=2&dl=https%3A%2F%2Ffreedirtygame.com%2Fpre%2FVip_v3%2F%3Fclickid%3D095cctlirejvcdz76a%26country%3DDE%26m1%3DChrome%26m2%3DGermany%26voluum_id%3D1059%26tsource%3D%7Bcampaign.name%7D%26campaign%3D1059%26partner%3DBC%26next%3DVip_v1&dr=https%3A%2F%2F2track.info%2F&dt=FAMILY%20CHEATERS&sid=1649085215&sct=1&seg=0&en=scroll&_et=550&ep.userId=095cctlirejvcdz76a&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NN1C546X3F&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Apr 2022 15:13:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://freedirtygame.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
freedirtygame.com
URL
https://freedirtygame.com/serviceWorker.js
Domain
swarmpush.com
URL
https://swarmpush.com/event

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| structuredClone
object| oncontextlost
object| oncontextrestored
function| getScreenDetails
object| dataLayer
function| $
function| jQuery
function| lang
function| getURLParameter
function| iFrameResize
object| google_tag_manager
string| GoogleAnalyticsObject
function| ga
string| message
function| clickIE
function| clickNS
object| google_tag_data
object| gaGlobal
object| google_optimize
object| gaplugins
object| gaData
function| geoip_country_code
function| geoip_country_name
function| geoip_city
function| geoip_region
function| geoip_region_name
function| geoip_latitude
function| geoip_longitude
function| geoip_postal_code
function| geoip_resolved_ip
object| ion
function| getBrowser
function| scrollToElem
function| respondToSubmit
boolean| iOS
string| sys
object| audioObjects
number| step
string| padding_top
boolean| soundStatus
number| volume
number| count
function| traff
function| hj
object| _hjSettings
function| GetQueryString
function| onYouTubeIframeAPIReady
object| hjSiteSettings
function| hjBootstrap
object| hjBootstrapCalled
object| hjLazyModules
function| Pushilka
function| pushilkaGetURLParameter
object| pushilka

17 Cookies

Domain/Path Name / Value
2track.info/ Name: client_uid
Value: af9df150-8d67-4291-a4fb-e0b8f524a8c9
2track.info/ Name: sub_id
Value: 166086
2track.info/ Name: visit
Value: 0002b1b08914-9aa4-4893-ab45-66fbb36a5cbc
adverster.g2afse.com/ Name: afclick
Value: 624b0b1e413e6500011207eb
adverster.g2afse.com/ Name: afoffers
Value: {"17":1649085214}
bintrck.xyz/ Name: uclick
Value: tlirejvcdz
bintrck.xyz/ Name: uclickhash
Value: tlirejvcdz-tlirejvcdz-2tsc-0-7sntvr-gxfytl-gxfyp2-f699b3
.freedirtygame.com/ Name: _ga
Value: GA1.2.1811753011.1649085216
.freedirtygame.com/ Name: _gid
Value: GA1.2.396177927.1649085216
.freedirtygame.com/ Name: _gat_UA-150844200-5
Value: 1
.freedirtygame.com/ Name: _hjSessionUser_2287191
Value: eyJpZCI6IjdhYzhhZTUzLTY1ODQtNTJlOC05NGYzLTEyNzE1NzdlMzc4NCIsImNyZWF0ZWQiOjE2NDkwODUyMTYyNTcsImV4aXN0aW5nIjpmYWxzZX0=
.freedirtygame.com/ Name: _hjFirstSeen
Value: 1
freedirtygame.com/ Name: _hjIncludedInSessionSample
Value: 0
.freedirtygame.com/ Name: _hjSession_2287191
Value: eyJpZCI6IjQ0NzQ4NjM1LTAxZjEtNDQ1ZC1hNTM4LWNlZWEzODkwZDdmOSIsImNyZWF0ZWQiOjE2NDkwODUyMTYzMDgsImluU2FtcGxlIjpmYWxzZX0=
.freedirtygame.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.freedirtygame.com/ Name: _ga_NN1C546X3F
Value: GS1.1.1649085215.1.0.1649085216.0
freedirtygame.com/ Name: pushilka_vid
Value: 1798jzq-ca7u90

3 Console Messages

Source Level URL
Text
other warning URL: https://freedirtygame.com/pre/Vip_v3/files/ion.sound.min.js(Line 4)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
javascript error URL: https://freedirtygame.com/pre/Vip_v3/?clickid=095cctlirejvcdz76a&country=DE&m1=Chrome&m2=Germany&voluum_id=1059&tsource={campaign.name}&campaign=1059&partner=BC&next=Vip_v1
Message:
Access to fetch at 'https://swarmpush.com/event' from origin 'https://freedirtygame.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://swarmpush.com/event
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
