urlscan.io logo urlscan.io
SecurityTrails logo

dirty.games Open in urlscan Pro
54.85.213.235  Public Scan

Go To Rescan Add Verdict Report
URL: https://dirty.games/eg/acc2.php?clk=d98dtgfur9s7mr5bi95ai612&cid=&exo=&countryname=Finland&region=Northern%20Savonia...
Submission: On October 13 via manual from FI — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 13 domains to perform 33 HTTP transactions. The main IP is 54.85.213.235, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is dirty.games.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 2nd 2021. Valid for: a year.
This is the only time dirty.games was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 54.85.213.235 14618 (AMAZON-AES)
1 216.58.212.138 15169 (GOOGLE)
1 1 44.229.144.58 16509 (AMAZON-02)
1 11 163.171.128.172 54994 (QUANTILNE...)
1 89.187.169.47 60068 (CDN77 ^_^)
2 104.16.18.94 13335 (CLOUDFLAR...)
2 216.58.212.170 15169 (GOOGLE)
2 152.199.19.160 15133 (EDGECAST)
1 69.16.175.10 33438 (HIGHWINDS2)
5 104.18.22.52 13335 (CLOUDFLAR...)
2 172.217.16.136 15169 (GOOGLE)
1 142.250.185.142 15169 (GOOGLE)
33 11
6    54.85.213.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-213-235.compute-1.amazonaws.com
dirty.games
1    216.58.212.138 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f10.1e100.net
ajax.googleapis.com
1    44.229.144.58 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-144-58.us-west-2.compute.amazonaws.com
bitlnd.com
11    163.171.128.172 (Germany)

ASN54994 (QUANTILNETWORKS, US)
enlistopenly.com
enter-shield.com
geoip.openlyenter.com
1    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
dg-videos.b-cdn.net
2    104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    216.58.212.170 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f10.1e100.net
fonts.googleapis.com
2    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
1    69.16.175.10 (United States)

ASN33438 (HIGHWINDS2, US)
PTR: tlb.hwcdn.net
code.jquery.com
5    104.18.22.52 (None, )

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
ka-p.fontawesome.com
2    172.217.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f136.1e100.net
www.googletagmanager.com
1    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
www.google-analytics.com
Domain Requested by
9 enter-shield.com dirty.games
enter-shield.com
6 dirty.games dirty.games
4 ka-p.fontawesome.com kit.fontawesome.com
2 www.googletagmanager.com enter-shield.com
2 ajax.aspnetcdn.com enter-shield.com
2 fonts.googleapis.com enter-shield.com
2 cdnjs.cloudflare.com enter-shield.com
cdnjs.cloudflare.com
1 www.google-analytics.com www.googletagmanager.com
1 kit.fontawesome.com enter-shield.com
1 code.jquery.com enter-shield.com
1 geoip.openlyenter.com enter-shield.com
1 dg-videos.b-cdn.net dirty.games
1 enlistopenly.com 1 redirects
1 bitlnd.com 1 redirects
1 ajax.googleapis.com dirty.games
33 15

This site contains no links.

Subject Issuer Validity Valid
dirty.games
Sectigo RSA Domain Validation Secure Server CA		 2021-06-02 -
2022-07-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.enter-shield.com
AlphaSSL CA - SHA256 - G2		 2020-07-30 -
2022-07-31		 2 years crt.sh
*.b-cdn.net
Sectigo ECC Domain Validation Secure Server CA		 2020-11-11 -
2021-11-11		 a year crt.sh
*.openlyenter.com
AlphaSSL CA - SHA256 - G2		 2021-01-04 -
2022-02-05		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2020-11-16 -
2021-11-10		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-12-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 2 frames:

Primary Page: https://dirty.games/eg/acc2.php?clk=d98dtgfur9s7mr5bi95ai612&cid=&exo=&countryname=Finland&region=Northern%20Savonia&os=Android&browser=Chrome&campaign=38c6b20f-b4f9-485e-be75-49b76368ae57&SID=tj-tablet-rt-ts-int&SID2=all-Redtube%20Tablet-%20TopRight%20Square&SID3=315x300_sep307.mp4&SID4=Redtube%20Tablet-%20TopRight%20Square&language=English&id=&ci=1
Frame ID: F9B51A5BBA1C13358ED1CFA379CD342B
Requests: 8 HTTP requests in this frame

Frame: https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
Frame ID: 0B72FC4672353B1599BCEE8211C2C762
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Dirty Games

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • jquery[.-]([\d.]*\d)[^/]*\.js

Page Statistics

33
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

15
Subdomains

11
IPs

3
Countries

2266 kB
Transfer

3192 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://bitlnd.com/ep.php/prmagms:72632/68089:tf.d98dtgfur9s7mr5bi95ai612 HTTP 302
  • https://enlistopenly.com/signup/?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1 HTTP 302
  • https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request acc2.php
dirty.games/eg/ 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dirty.games/eg/acc2.php?clk=d98dtgfur9s7mr5bi95ai612&cid=&exo=&countryname=Finland&region=Northern%20Savonia&os=Android&browser=Chrome&campaign=38c6b20f-b4f9-485e-be75-49b76368ae57&SID=tj-tablet-rt-ts-int&SID2=all-Redtube%20Tablet-%20TopRight%20Square&SID3=315x300_sep307.mp4&SID4=Redtube%20Tablet-%20TopRight%20Square&language=English&id=&ci=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.85.213.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-213-235.compute-1.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash
bf5872793f1b495141784e520b11dcc25225995d5de302e8704b1184a15cc9e4

Request headers

Host
dirty.games
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 13 Oct 2021 19:48:42 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
X-Powered-By
PHP/5.6.40
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: dirty.games
URL: https://dirty.games/eg/acc2.php?clk=d98dtgfur9s7mr5bi95ai612&cid=&exo=&countryname=Finland&region=Northern%20Savonia&os=Android&browser=Chrome&campaign=38c6b20f-b4f9-485e-be75-49b76368ae57&SID=tj-tablet-rt-ts-int&SID2=all-Redtube%20Tablet-%20TopRight%20Square&SID3=315x300_sep307.mp4&SID4=Redtube%20Tablet-%20TopRight%20Square&language=English&id=&ci=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.138 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f10.1e100.net
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dirty.games/eg/acc2.php?clk=d98dtgfur9s7mr5bi95ai612&cid=&exo=&countryname=Finland&region=Northern%20Savonia&os=Android&browser=Chrome&campaign=38c6b20f-b4f9-485e-be75-49b76368ae57&SID=tj-tablet-rt-ts-int&SID2=all-Redtube%20Tablet-%20TopRight%20Square&SID3=315x300_sep307.mp4&SID4=Redtube%20Tablet-%20TopRight%20Square&language=English&id=&ci=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 20:29:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Tue, 11 Oct 2022 20:29:08 GMT
style.css
dirty.games/eg/acc1_files/ 		26 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dirty.games/eg/acc1_files/style.css
Requested by
Host: dirty.games
URL: https://dirty.games/eg/acc2.php?clk=d98dtgfur9s7mr5bi95ai612&cid=&exo=&countryname=Finland&region=Northern%20Savonia&os=Android&browser=Chrome&campaign=38c6b20f-b4f9-485e-be75-49b76368ae57&SID=tj-tablet-rt-ts-int&SID2=all-Redtube%20Tablet-%20TopRight%20Square&SID3=315x300_sep307.mp4&SID4=Redtube%20Tablet-%20TopRight%20Square&language=English&id=&ci=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.85.213.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-213-235.compute-1.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
da5c86fc2b80d27aca5a12a45ca54bd8fb11f9b3ed91f0b72d2a1ada8bd9e207

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dirty.games
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://dirty.games/eg/acc2.php?clk=d98dtgfur9s7mr5bi95ai612&cid=&exo=&countryname=Finland&region=Northern%20Savonia&os=Android&browser=Chrome&campaign=38c6b20f-b4f9-485e-be75-49b76368ae57&SID=tj-tablet-rt-ts-int&SID2=all-Redtube%20Tablet-%20TopRight%20Square&SID3=315x300_sep307.mp4&SID4=Redtube%20Tablet-%20TopRight%20Square&language=English&id=&ci=1
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://dirty.games/eg/acc2.php?clk=d98dtgfur9s7mr5bi95ai612&cid=&exo=&countryname=Finland&region=Northern%20Savonia&os=Android&browser=Chrome&campaign=38c6b20f-b4f9-485e-be75-49b76368ae57&SID=tj-tablet-rt-ts-int&SID2=all-Redtube%20Tablet-%20TopRight%20Square&SID3=315x300_sep307.mp4&SID4=Redtube%20Tablet-%20TopRight%20Square&language=English&id=&ci=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 19:48:42 GMT
Last-Modified
Tue, 18 May 2021 13:29:14 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"6960-5c29ab242288d"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
26976
custom.css
dirty.games/eg/acc1_files/ 		6 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dirty.games/eg/acc1_files/custom.css
Requested by
Host: dirty.games
URL: https://dirty.games/eg/acc2.php?clk=d98dtgfur9s7mr5bi95ai612&cid=&exo=&countryname=Finland&region=Northern%20Savonia&os=Android&browser=Chrome&campaign=38c6b20f-b4f9-485e-be75-49b76368ae57&SID=tj-tablet-rt-ts-int&SID2=all-Redtube%20Tablet-%20TopRight%20Square&SID3=315x300_sep307.mp4&SID4=Redtube%20Tablet-%20TopRight%20Square&language=English&id=&ci=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.85.213.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-213-235.compute-1.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
03647396344ca444ec1eef5e68ee88f6ff4b59384fec2830fa013ebf7ca914f7

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dirty.games
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://dirty.games/eg/acc2.php?clk=d98dtgfur9s7mr5bi95ai612&cid=&exo=&countryname=Finland&region=Northern%20Savonia&os=Android&browser=Chrome&campaign=38c6b20f-b4f9-485e-be75-49b76368ae57&SID=tj-tablet-rt-ts-int&SID2=all-Redtube%20Tablet-%20TopRight%20Square&SID3=315x300_sep307.mp4&SID4=Redtube%20Tablet-%20TopRight%20Square&language=English&id=&ci=1
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://dirty.games/eg/acc2.php?clk=d98dtgfur9s7mr5bi95ai612&cid=&exo=&countryname=Finland&region=Northern%20Savonia&os=Android&browser=Chrome&campaign=38c6b20f-b4f9-485e-be75-49b76368ae57&SID=tj-tablet-rt-ts-int&SID2=all-Redtube%20Tablet-%20TopRight%20Square&SID3=315x300_sep307.mp4&SID4=Redtube%20Tablet-%20TopRight%20Square&language=English&id=&ci=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 19:48:42 GMT
Last-Modified
Wed, 12 May 2021 09:12:49 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"1970-5c21e6a30643e"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
6512
redirect3_1step.js
dirty.games/files/ 		633 B
954 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dirty.games/files/redirect3_1step.js
Requested by
Host: dirty.games
URL: https://dirty.games/eg/acc2.php?clk=d98dtgfur9s7mr5bi95ai612&cid=&exo=&countryname=Finland&region=Northern%20Savonia&os=Android&browser=Chrome&campaign=38c6b20f-b4f9-485e-be75-49b76368ae57&SID=tj-tablet-rt-ts-int&SID2=all-Redtube%20Tablet-%20TopRight%20Square&SID3=315x300_sep307.mp4&SID4=Redtube%20Tablet-%20TopRight%20Square&language=English&id=&ci=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.85.213.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-213-235.compute-1.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
2cd14766b89f74025ca3c64c833dbdad8066543dfae0575f629008367168bedd

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dirty.games
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://dirty.games/eg/acc2.php?clk=d98dtgfur9s7mr5bi95ai612&cid=&exo=&countryname=Finland&region=Northern%20Savonia&os=Android&browser=Chrome&campaign=38c6b20f-b4f9-485e-be75-49b76368ae57&SID=tj-tablet-rt-ts-int&SID2=all-Redtube%20Tablet-%20TopRight%20Square&SID3=315x300_sep307.mp4&SID4=Redtube%20Tablet-%20TopRight%20Square&language=English&id=&ci=1
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://dirty.games/eg/acc2.php?clk=d98dtgfur9s7mr5bi95ai612&cid=&exo=&countryname=Finland&region=Northern%20Savonia&os=Android&browser=Chrome&campaign=38c6b20f-b4f9-485e-be75-49b76368ae57&SID=tj-tablet-rt-ts-int&SID2=all-Redtube%20Tablet-%20TopRight%20Square&SID3=315x300_sep307.mp4&SID4=Redtube%20Tablet-%20TopRight%20Square&language=English&id=&ci=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 19:48:42 GMT
Last-Modified
Fri, 21 May 2021 13:29:17 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"279-5c2d70bea9e3f"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
633
custom.js
dirty.games/eg/acc1_files/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dirty.games/eg/acc1_files/custom.js
Requested by
Host: dirty.games
URL: https://dirty.games/eg/acc2.php?clk=d98dtgfur9s7mr5bi95ai612&cid=&exo=&countryname=Finland&region=Northern%20Savonia&os=Android&browser=Chrome&campaign=38c6b20f-b4f9-485e-be75-49b76368ae57&SID=tj-tablet-rt-ts-int&SID2=all-Redtube%20Tablet-%20TopRight%20Square&SID3=315x300_sep307.mp4&SID4=Redtube%20Tablet-%20TopRight%20Square&language=English&id=&ci=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.85.213.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-213-235.compute-1.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
f6986e7e9308ac9bbfe5c29ce21d11c89e03221b937c094e56b8a8bb81b20843

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dirty.games
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://dirty.games/eg/acc2.php?clk=d98dtgfur9s7mr5bi95ai612&cid=&exo=&countryname=Finland&region=Northern%20Savonia&os=Android&browser=Chrome&campaign=38c6b20f-b4f9-485e-be75-49b76368ae57&SID=tj-tablet-rt-ts-int&SID2=all-Redtube%20Tablet-%20TopRight%20Square&SID3=315x300_sep307.mp4&SID4=Redtube%20Tablet-%20TopRight%20Square&language=English&id=&ci=1
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://dirty.games/eg/acc2.php?clk=d98dtgfur9s7mr5bi95ai612&cid=&exo=&countryname=Finland&region=Northern%20Savonia&os=Android&browser=Chrome&campaign=38c6b20f-b4f9-485e-be75-49b76368ae57&SID=tj-tablet-rt-ts-int&SID2=all-Redtube%20Tablet-%20TopRight%20Square&SID3=315x300_sep307.mp4&SID4=Redtube%20Tablet-%20TopRight%20Square&language=English&id=&ci=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 19:48:42 GMT
Last-Modified
Mon, 27 Sep 2021 13:45:19 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"14b8-5ccfa4ed0491f"
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5304
join.php
enter-shield.com/join/ Frame 0B72
Redirect Chain
  • https://bitlnd.com/ep.php/prmagms:72632/68089:tf.d98dtgfur9s7mr5bi95ai612
  • https://enlistopenly.com/signup/?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1
  • https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4...
29 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
Requested by
Host: dirty.games
URL: https://dirty.games/eg/acc2.php?clk=d98dtgfur9s7mr5bi95ai612&cid=&exo=&countryname=Finland&region=Northern%20Savonia&os=Android&browser=Chrome&campaign=38c6b20f-b4f9-485e-be75-49b76368ae57&SID=tj-tablet-rt-ts-int&SID2=all-Redtube%20Tablet-%20TopRight%20Square&SID3=315x300_sep307.mp4&SID4=Redtube%20Tablet-%20TopRight%20Square&language=English&id=&ci=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.4-19.el6 /
Resource Hash
fe5b4861e4a86e9e65f84608f8ed4027e9eaa06234cb1a358c5d06ece62dfb72

Request headers

:method
GET
:authority
enter-shield.com
:scheme
https
:path
/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dirty.games/eg/acc2.php?clk=d98dtgfur9s7mr5bi95ai612&cid=&exo=&countryname=Finland&region=Northern%20Savonia&os=Android&browser=Chrome&campaign=38c6b20f-b4f9-485e-be75-49b76368ae57&SID=tj-tablet-rt-ts-int&SID2=all-Redtube%20Tablet-%20TopRight%20Square&SID3=315x300_sep307.mp4&SID4=Redtube%20Tablet-%20TopRight%20Square&language=English&id=&ci=1
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dirty.games/eg/acc2.php?clk=d98dtgfur9s7mr5bi95ai612&cid=&exo=&countryname=Finland&region=Northern%20Savonia&os=Android&browser=Chrome&campaign=38c6b20f-b4f9-485e-be75-49b76368ae57&SID=tj-tablet-rt-ts-int&SID2=all-Redtube%20Tablet-%20TopRight%20Square&SID3=315x300_sep307.mp4&SID4=Redtube%20Tablet-%20TopRight%20Square&language=English&id=&ci=1

Response headers

date
Wed, 13 Oct 2021 19:48:44 GMT
content-type
text/html; charset=UTF-8
server
waf/4.26.4-19.el6
set-cookie
PHPSESSID=5f8bf277fc01423d2ce73e625f549ced; path=/; secure; SameSite=None
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding
gzip
x-via
1.1 lsh190:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1dm92:0 (Cdn Cache Server V2.0)
x-ws-request-id
6167381c_PSdgflkfFRA1bc9_16223-12002

Redirect headers

date
Wed, 13 Oct 2021 19:48:43 GMT
content-type
text/html; charset=UTF-8
server
waf/4.26.4-19.el6
set-cookie
PHPSESSID=1ab058d5252e2217d80f157824c48fd4; path=/; secure; SameSite=None HMF_CI=90f0e96f86cbfbc6b8d0e3238d6f48669f9575dfa9ecc1d6703470c3cba50bc914; Expires=Fri, 12-Nov-21 19:48:43 GMT; Path=/
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
expires
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location
https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
x-via
1.1 lsh190:8 (Cdn Cache Server V2.0), 1.1 kf230:13 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:11 (Cdn Cache Server V2.0)
x-ws-request-id
6167381b_PSdgflkfFRA1bc9_12694-5432
icons.svg
dirty.games/eg/acc1_files/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dirty.games/eg/acc1_files/icons.svg
Requested by
Host: dirty.games
URL: https://dirty.games/eg/acc1_files/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.85.213.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-213-235.compute-1.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash
c8405193be6e367fbf1331feacd7af0dafff2d78d064a29ac469aedfc39b29c7

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
dirty.games
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://dirty.games/eg/acc1_files/style.css
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://dirty.games/eg/acc1_files/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 19:48:42 GMT
Last-Modified
Wed, 12 May 2021 09:20:47 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
ETag
"fae-5c21e86a2d28f"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
4014
736x426_acc_bg2.mp4
dg-videos.b-cdn.net/bg/ 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://dg-videos.b-cdn.net/bg/736x426_acc_bg2.mp4
Requested by
Host: dirty.games
URL: https://dirty.games/eg/acc1_files/custom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
f496ae2bc3389bd4ed4d40f55ebdebb3cd4d7953c55178d2e3bc3aee0dbcd307

Request headers

Referer
https://dirty.games/eg/acc2.php?clk=d98dtgfur9s7mr5bi95ai612&cid=&exo=&countryname=Finland&region=Northern%20Savonia&os=Android&browser=Chrome&campaign=38c6b20f-b4f9-485e-be75-49b76368ae57&SID=tj-tablet-rt-ts-int&SID2=all-Redtube%20Tablet-%20TopRight%20Square&SID3=315x300_sep307.mp4&SID4=Redtube%20Tablet-%20TopRight%20Square&language=English&id=&ci=1
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 13 Oct 2021 19:48:42 GMT
cdn-edgestorageid
756
cdn-fileserver
89
cdn-storageserver
DE-169
Content-Range
bytes 0-1706420/1706421
cdn-cachedat
08/11/2021 02:25:24
cdn-pullzone
197902
Content-Length
1706421
server
BunnyCDN-DE1-756
last-modified
Tue, 18 May 2021 14:29:02 GMT
cdn-proxyver
1.0
cdn-requestpullcode
206
content-type
video/mp4
cdn-cache
HIT
cdn-uid
90afae06-e50c-4631-b9a4-06f4f476cba3
cache-control
public, max-age=2592000
cdn-requestid
37c6e63d523571b221ddd0b6be7955ce
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
/
geoip.openlyenter.com/ Frame 0B72 		401 B
703 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geoip.openlyenter.com/?v=1
Requested by
Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.4-19.el6 /
Resource Hash
44f93bdff09df1d94263a0a434cd5de9d39e02375cd71d59bece14b84ba84bbc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://enter-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 19:48:45 GMT
server
waf/4.26.4-19.el6
x-ws-request-id
6167381c_PSdgflkfFRA1bc9_17526-8696
x-via
1.1 lsh190:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1dm92:9 (Cdn Cache Server V2.0)
cache-control
no-cache, no-store, must-revalidate
content-type
application/javascript
expires
0
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame 0B72 		37 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://enter-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:48:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3122073
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5884
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-9226"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTN3ZMLdHrlaJPQg5hwUfhaYUChTr%2BNE9CikYZOYXnJxTNomv3o3tV9a88kLDRvQQUmewDNF%2Bnx905cHK3cQYCHl96HwQLB7FTFEcptcD4MOx79lHfNzdIg%2FJk7bEvySFzcIJo%2FO"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
69db1653fe9105e9-FRA
expires
Mon, 03 Oct 2022 19:48:44 GMT
icon
fonts.googleapis.com/ Frame 0B72 		569 B
441 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f10.1e100.net
Software
ESF /
Resource Hash
cc78bbc89ae37cbd14089271a95f875d19faf024cbaf7474d4529d150108c0b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://enter-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 19:48:44 GMT
server
ESF
date
Wed, 13 Oct 2021 19:48:44 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Wed, 13 Oct 2021 19:48:44 GMT
bootstrap.min.css
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/ Frame 0B72 		118 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F1B) /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://enter-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:48:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 31 Oct 2016 23:10:18 GMT
server
ECAcc (frc/8F1B)
age
7408707
etag
"794840f2cb33d21:0"
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-ec-bbr-enable
1
accept-ranges
bytes
timing-allow-origin
*
content-length
121200
x-xss-protection
1; mode=block
clickpag2.css
enter-shield.com/common_tpls/compactML/css/ Frame 0B72 		44 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://enter-shield.com/common_tpls/compactML/css/clickpag2.css
Requested by
Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.4-19.el6 /
Resource Hash
4aca85d95784d80f98e3de60f5c7367e5df977033c835dfa4a89e247048a2f5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:48:44 GMT
content-encoding
gzip
last-modified
Fri, 23 Jul 2021 23:00:42 GMT
server
waf/4.26.4-19.el6
age
1
etag
W/"60fb4a1a-b1a9"
x-ws-request-id
6167381c_PSdgflkfFRA1bc9_16223-12033
x-via
1.1 lsh190:2 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1ox201:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1dm92:6 (Cdn Cache Server V2.0)
content-type
text/css
jquery-3.4.1.min.js
code.jquery.com/ Frame 0B72 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://enter-shield.com/
Origin
https://enter-shield.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:48:44 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 21:14:27 GMT
server
nginx
etag
W/"5cca0c33-15851"
vary
Accept-Encoding
x-hw
1634154524.dop204.fr8.t,1634154524.cds216.fr8.hn,1634154524.cds261.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
bootstrap.min.js
ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/ Frame 0B72 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
Requested by
Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F74) /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://enter-shield.com/
Origin
https://enter-shield.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11716950
x-cache
HIT
content-length
9839
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:09:59 GMT
server
ECAcc (frc/8F74)
etag
"80bdc1e6cb33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
b314bdf1b3.js
kit.fontawesome.com/ Frame 0B72 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/b314bdf1b3.js
Requested by
Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aed604182c192f5ee87b3c1f8bcbcd5310960a2848d2dfad9d8a2c0bab06e249
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://enter-shield.com/
Origin
https://enter-shield.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:48:44 GMT
content-encoding
gzip
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status
HIT
age
34
strict-transport-security
max-age=31536000; preload
x-request-id
FqeLm1LboBMDvIcAAGqD
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
cf-ray
69db16540c084e9e-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
form_support.js
enter-shield.com/common_tpls/js/ Frame 0B72 		977 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://enter-shield.com/common_tpls/js/form_support.js?v=1516308712
Requested by
Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.4-15.el6 /
Resource Hash
f2648f83e8bb78db15ffc5d01dcbc53fb6b8c585dcfabbb88bd0471b8399ca00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:48:44 GMT
last-modified
Tue, 19 Jan 2021 00:12:19 GMT
server
waf/4.26.4-15.el6
age
1
etag
"600623e3-3d1"
x-ws-request-id
6167381c_PSdgflkfFRA1bc9_16223-12034
content-type
application/javascript
accept-ranges
bytes
content-length
977
x-via
1.1 lsh190:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1ox201:0 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:3 (Cdn Cache Server V2.0)
validate_form_v2.js
enter-shield.com/common_tpls/js/ Frame 0B72 		22 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://enter-shield.com/common_tpls/js/validate_form_v2.js?jsv=20
Requested by
Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.4-19.el6 /
Resource Hash
89d4b7e60391fb802c7bfae97619f5b13a212f1d318bf3944d7667412c6ec20a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:48:44 GMT
last-modified
Wed, 06 Oct 2021 14:04:56 GMT
server
waf/4.26.4-19.el6
age
1
etag
"615dad08-5927"
x-ws-request-id
6167381c_PSdgflkfFRA1bc9_16223-12035
content-type
application/javascript
accept-ranges
bytes
content-length
22823
x-via
1.1 lsh190:3 (Cdn Cache Server V2.0), 1.1 kf230:11 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:10 (Cdn Cache Server V2.0)
css2
fonts.googleapis.com/ Frame 0B72 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;600&display=swap
Requested by
Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f10.1e100.net
Software
ESF /
Resource Hash
ce37db8136546197bf5b555d0baede4d5944955799fdf64a7ebabca3599164e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://enter-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 19:36:10 GMT
server
ESF
date
Wed, 13 Oct 2021 19:48:44 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Wed, 13 Oct 2021 19:48:44 GMT
email.png
enter-shield.com/common_tpls/images/icons/ Frame 0B72 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://enter-shield.com/common_tpls/images/icons/email.png
Requested by
Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.4-19.el6 /
Resource Hash
f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:48:44 GMT
last-modified
Tue, 16 Jun 2020 16:45:10 GMT
server
waf/4.26.4-19.el6
age
1
etag
"5ee8f716-4e6"
x-ws-request-id
6167381c_PSdgflkfFRA1bc9_16223-12039
content-type
image/png
accept-ranges
bytes
content-length
1254
x-via
1.1 lsh190:8 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1ox201:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:2 (Cdn Cache Server V2.0)
password.png
enter-shield.com/common_tpls/images/icons/ Frame 0B72 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://enter-shield.com/common_tpls/images/icons/password.png
Requested by
Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.4-19.el6 /
Resource Hash
8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:48:44 GMT
last-modified
Tue, 16 Jun 2020 16:45:10 GMT
server
waf/4.26.4-19.el6
age
1
etag
"5ee8f716-5ac"
x-ws-request-id
6167381c_PSdgflkfFRA1bc9_16223-12040
content-type
image/png
accept-ranges
bytes
content-length
1452
x-via
1.1 PS-DFW-01gGZ147:3 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1hb199:6 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1eq94:10 (Cdn Cache Server V2.0)
fname.png
enter-shield.com/common_tpls/images/icons/ Frame 0B72 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://enter-shield.com/common_tpls/images/icons/fname.png
Requested by
Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.4-19.el6 /
Resource Hash
d43abf8c5665519a3fe3f7e90298fc17b62e06d8ada1b90a44ea9985a62abb4d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:48:44 GMT
last-modified
Tue, 28 Nov 2017 20:51:58 GMT
server
waf/4.26.4-19.el6
age
1
etag
"5a1dcc6e-671"
x-ws-request-id
6167381c_PSdgflkfFRA1bc9_16223-12043
content-type
image/png
accept-ranges
bytes
content-length
1649
x-via
1.1 PS-SJC-011UH181:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1ox201:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:5 (Cdn Cache Server V2.0)
address.png
enter-shield.com/common_tpls/images/icons/ Frame 0B72 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://enter-shield.com/common_tpls/images/icons/address.png
Requested by
Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.4-19.el6 /
Resource Hash
67756f8b542c7823bcdba421219c3b8e1ee472748d8c3463534f667271356dfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:48:44 GMT
last-modified
Tue, 16 Jun 2020 16:45:10 GMT
server
waf/4.26.4-19.el6
age
1
etag
"5ee8f716-48f"
x-ws-request-id
6167381c_PSdgflkfFRA1bc9_16223-12045
content-type
image/png
accept-ranges
bytes
content-length
1167
x-via
1.1 lsh190:6 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:9 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1dm92:1 (Cdn Cache Server V2.0)
iframeResizer.contentWindow.min.js
enter-shield.com/common_tpls/js/ Frame 0B72 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://enter-shield.com/common_tpls/js/iframeResizer.contentWindow.min.js
Requested by
Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.171.128.172 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
waf/4.26.4-19.el6 /
Resource Hash
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:48:44 GMT
last-modified
Tue, 16 Jun 2020 16:45:10 GMT
server
waf/4.26.4-19.el6
age
1
etag
"5ee8f716-3445"
x-ws-request-id
6167381c_PSdgflkfFRA1bc9_16223-12038
content-type
application/javascript
accept-ranges
bytes
content-length
13381
x-via
1.1 lsh190:3 (Cdn Cache Server V2.0), 1.1 kf230:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1eq94:5 (Cdn Cache Server V2.0)
js
www.googletagmanager.com/gtag/ Frame 0B72 		95 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-208187165-1
Requested by
Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f136.1e100.net
Software
Google Tag Manager /
Resource Hash
1c1198a941e94fd1927c45f97030f7da28a7dbf0b0f0a0da3c50c12733a87250
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://enter-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:48:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38669
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Oct 2021 19:48:44 GMT
pro.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/ Frame 0B72 		315 KB
53 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b314bdf1b3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://enter-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:48:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
1727919
etag
"610ae215-d3b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
69db1655df374e9e-FRA
content-length
54194
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/ Frame 0B72 		26 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b314bdf1b3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://enter-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:48:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
1727919
etag
"610ae215-1062"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
69db1655df354e9e-FRA
content-length
4194
pro.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/ Frame 0B72 		315 KB
53 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b314bdf1b3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://enter-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:48:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
1727919
etag
"610ae215-d3b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
69db1655ef394e9e-FRA
content-length
54194
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/ Frame 0B72 		26 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b314bdf1b3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://enter-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:48:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
1727919
etag
"610ae215-1062"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
69db1655ef3b4e9e-FRA
content-length
4194
gtm.js
www.googletagmanager.com/ Frame 0B72 		77 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PRVNTVQ
Requested by
Host: enter-shield.com
URL: https://enter-shield.com/join/join.php?act=epc68089.46918-649679.tf.d98dtgfur9s7mr5bi95ai612&epcVIP=48.1066.g60&email=&password=&firstname=&lastname=&zip=&f_color=ffffff&ci_qcksub=1&net=1&epcCID=l4X7ad7aI5XcV97bndE32bm3U2H0w734t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f136.1e100.net
Software
Google Tag Manager /
Resource Hash
3ad4c20eea0c8f0c808f13ec135f6247f4a40f4bd5029d047e1638a81133a4a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://enter-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:48:45 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31403
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Oct 2021 19:48:45 GMT
analytics.js
www.google-analytics.com/ Frame 0B72 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-208187165-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://enter-shield.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 28 Sep 2021 21:34:48 GMT
server
Golfe2
age
3708
date
Wed, 13 Oct 2021 18:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19887
expires
Wed, 13 Oct 2021 20:46:57 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ Frame 0B72 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Origin
https://enter-shield.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 19:48:45 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
234559
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
77160
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9gBnVg46P8FGjJ160rBFovGM%2FYBvSBIV%2Bb7MCPciyq1bOjEulft9DyWzZVAMFVMMCD0jsu7%2B4PsgyU4ZupOt4wEEFhakJw2lLJ0YCE7%2BN%2BRWQTIthj6F3S77p3Zmy0vG%2FIeruvn"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
69db16561e2b1f15-FRA
expires
Mon, 03 Oct 2022 19:48:45 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery string| SID string| SID2 string| SID3 string| SID4 string| page_name string| url function| refreshSession

3 Cookies

Domain/Path Name / Value
bitlnd.com/ Name: AWSALBCORS
Value: xAp+RLV6kBoPJEws6zIpr5xXko54yIOZ7rWlstNTDaErNQU2fzBP5WS1W8ao3urhzCNpKDr+pR8WCKQrH4EsHmWO3EbddWfj7T4Qi2CpwRMbilCGXnwJknSZ07C8
enlistopenly.com/ Name: PHPSESSID
Value: 1ab058d5252e2217d80f157824c48fd4
enter-shield.com/ Name: PHPSESSID
Value: 5f8bf277fc01423d2ce73e625f549ced

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
ajax.googleapis.com
bitlnd.com
cdnjs.cloudflare.com
code.jquery.com
dg-videos.b-cdn.net
dirty.games
enlistopenly.com
enter-shield.com
fonts.googleapis.com
geoip.openlyenter.com
ka-p.fontawesome.com
kit.fontawesome.com
www.google-analytics.com
www.googletagmanager.com
104.16.18.94
104.18.22.52
142.250.185.142
152.199.19.160
163.171.128.172
172.217.16.136
216.58.212.138
216.58.212.170
44.229.144.58
54.85.213.235
69.16.175.10
89.187.169.47
03647396344ca444ec1eef5e68ee88f6ff4b59384fec2830fa013ebf7ca914f7
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1c1198a941e94fd1927c45f97030f7da28a7dbf0b0f0a0da3c50c12733a87250
2cd14766b89f74025ca3c64c833dbdad8066543dfae0575f629008367168bedd
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
3ad4c20eea0c8f0c808f13ec135f6247f4a40f4bd5029d047e1638a81133a4a5
4245ecca2a4b50d7fd9adc9a965ed1f9b4ec24e9935e34c80efafc0f856d54c6
44f93bdff09df1d94263a0a434cd5de9d39e02375cd71d59bece14b84ba84bbc
4aca85d95784d80f98e3de60f5c7367e5df977033c835dfa4a89e247048a2f5f
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
67756f8b542c7823bcdba421219c3b8e1ee472748d8c3463534f667271356dfb
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b
89d4b7e60391fb802c7bfae97619f5b13a212f1d318bf3944d7667412c6ec20a
8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74
aed604182c192f5ee87b3c1f8bcbcd5310960a2848d2dfad9d8a2c0bab06e249
bf5872793f1b495141784e520b11dcc25225995d5de302e8704b1184a15cc9e4
c8405193be6e367fbf1331feacd7af0dafff2d78d064a29ac469aedfc39b29c7
cc78bbc89ae37cbd14089271a95f875d19faf024cbaf7474d4529d150108c0b0
ce37db8136546197bf5b555d0baede4d5944955799fdf64a7ebabca3599164e3
d43abf8c5665519a3fe3f7e90298fc17b62e06d8ada1b90a44ea9985a62abb4d
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
da5c86fc2b80d27aca5a12a45ca54bd8fb11f9b3ed91f0b72d2a1ada8bd9e207
f2648f83e8bb78db15ffc5d01dcbc53fb6b8c585dcfabbb88bd0471b8399ca00
f496ae2bc3389bd4ed4d40f55ebdebb3cd4d7953c55178d2e3bc3aee0dbcd307
f6986e7e9308ac9bbfe5c29ce21d11c89e03221b937c094e56b8a8bb81b20843
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fe5b4861e4a86e9e65f84608f8ed4027e9eaa06234cb1a358c5d06ece62dfb72