Submitted URL: http://gg.gg/w1vtz
Effective URL: https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={camp...
Submission: On September 29 via manual from IN — Scanned from DE

Summary

This website contacted 21 IPs in 4 countries across 25 domains to perform 56 HTTP transactions. The main IP is 5.189.171.71, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is freedirtygame.com.
TLS certificate: Issued by R3 on July 12th 2021. Valid for: 3 months.
This is the only time freedirtygame.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.15.209.141 52000 (MIRHOSTING)
1 69.61.26.123 22653 (GLOBALCOM...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 142.250.186.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 185.174.220.11 210294 (UKRDOMEN)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 80.89.229.79 24875 (NOVOSERVE-AS)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 212.32.252.82 60781 (LEASEWEB-...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 212.32.249.98 60781 (LEASEWEB-...)
1 1 212.32.250.10 60781 (LEASEWEB-...)
1 1 157.230.211.91 14061 (DIGITALOC...)
22 5.189.171.71 51167 (CONTABO)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.21.74.180 ()
1 2001:4de0:ac1... ()
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:303... ()
56 21
Domain Requested by
22 freedirtygame.com freedirtygame.com
ajax.cloudflare.com
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
freedirtygame.com
3 swarmpush.com push.wuazu.net
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 fonts.gstatic.com fonts.googleapis.com
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 www.huntdogs.ru 1 redirects v.ht
2 www.googletagmanager.com v.ht
freedirtygame.com
1 ajax.googleapis.com ajax.cloudflare.com
1 code.jquery.com ajax.cloudflare.com
1 push.wuazu.net www.googletagmanager.com
1 ajax.cloudflare.com freedirtygame.com
1 fonts.googleapis.com freedirtygame.com
1 bintrck.xyz 1 redirects
1 adverster.g2afse.com 1 redirects
1 of.trafican.com 1 redirects
1 bringsomelove.com 1 redirects
1 iamyourmadam.com 1 redirects
1 t.luvmenow.com 1 redirects
1 cuttyladies.com 1 redirects
1 otk1.gq 1 redirects
1 www.google.com tpc.googlesyndication.com
1 22424b0c2fefb1ed0fb8fe88fcc9ebaf.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.se securepubads.g.doubleclick.net
1 www.googletagservices.com v.ht
1 v.ht
1 gg.gg 1 redirects
56 29

This site contains no links.

Subject | Issuer | Validity | Valid
www.v.ht | R3 | 2021-07-02 - 2021-09-30 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
*.google.se | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
*.google.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
huntdogs.ru | R3 | 2021-07-10 - 2021-10-08 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
www.google.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
freedirtygame.com | R3 | 2021-07-12 - 2021-10-10 | 3 months
upload.video.google.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
ajax.cloudflare.com | DigiCert ECC Secure Server CA | 2020-08-11 - 2022-08-16 | 2 years
*.gstatic.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-11 - 2022-06-10 | a year
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year

This page contains 4 frames:

Primary Page: https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Frame ID: 9490A771E8CB8CD65E60AA6E23EA0950
Requests: 51 HTTP requests in this frame

Frame: https://22424b0c2fefb1ed0fb8fe88fcc9ebaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B5360A003708FE96C6C354CD10C98BB7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C61353A84E5A5AB711C6ACA7544E0E74
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9460474C005B85CCF2328934CA9FDA44
Requests: 2 HTTP requests in this frame

Page Title

Naruto Online

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtag/js
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • /([\d.]+)/jquery(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

56
Requests

98 %
HTTPS

62 %
IPv6

25
Domains

29
Subdomains

21
IPs

4
Countries

1547 kB
Transfer

2389 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gg.gg/w1vtz HTTP 301
    https://v.ht/vlOHa Page URL
  2. http://www.huntdogs.ru/redirect.php?url=http://otk1.gq/bnDPsf HTTP 301
    https://www.huntdogs.ru/redirect.php?url=http://otk1.gq/bnDPsf Page URL
  3. http://otk1.gq/bnDPsf HTTP 302
    https://cuttyladies.com/wWbjw64R HTTP 302
    http://t.luvmenow.com/sl?id=5fa1807a127bd6bcbd272004&pid=11249&sub3=1bb97th3l3su3&sub1=13227&sub2=frd HTTP 302
    https://iamyourmadam.com/xmCVtjsh?aid=54&kid=168&clickid=a_61540a5fa7ce420001a3c61f&sub2=13227 HTTP 302
    https://bringsomelove.com/6xwNwNfG?aid=501&kid=540&sub1=168&sub2=frd&sub3=54 HTTP 302
    https://of.trafican.com/click?pid=501&offer_id=124&sub1=1bb97thkr00&sub2=501&sub3=540&sub4=168&sub5=frd&sub6=54&sub7= HTTP 302
    https://adverster.g2afse.com/click?pid=18&offer_id=13&sub1=61540a60a325bc0001a49e00&sub4=501 HTTP 302
    https://bintrck.xyz/click.php?key=vyz8q60kg6ho5eppuwje&code=61540a60413e650001c9d7db&sub1=61540a60a325bc0001a49e00&sub2=&sub3=traffcore&sub4=501&sub5=18 HTTP 302
    https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://gg.gg/w1vtz HTTP 301
  • https://v.ht/vlOHa
Request Chain 11
  • http://www.huntdogs.ru/redirect.php?url=http://otk1.gq/bnDPsf HTTP 301
  • https://www.huntdogs.ru/redirect.php?url=http://otk1.gq/bnDPsf

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
vlOHa
v.ht/
Redirect Chain
  • http://gg.gg/w1vtz
  • https://v.ht/vlOHa
3 KB
2 KB
Document
General
Full URL
https://v.ht/vlOHa
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.61.26.123 , United States, ASN22653 (GLOBALCOMPASS, US),
Reverse DNS
Software
Hotcores.com /
Resource Hash
29a5fc09799410d210a4f17a34717afc5ae2601825069ac85e0f692220e538a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Host
v.ht
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br

Response headers

Server
Hotcores.com
Date
Wed, 29 Sep 2021 06:40:28 GMT
Content-Type
text/html; Charset=UTF-8;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-cache, must-revalidate, max-age=0
Pragma
no-cache
X-Robots-Tag
noindex, nofollow
I-AM
Gamma
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Encoding
gzip

Redirect headers

Date
Wed, 29 Sep 2021 06:40:28 GMT
Server
Apache/2.2.22 (@RELEASE@)
X-Powered-By
PHP/5.3.3
Set-Cookie
ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22369e11037e784e8ad934b03dfc4af178%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2291.199.118.75%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A114%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F93.0.4577.63+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1632897628%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dc9e795f22673a17dd288311f9c80ae40; expires=Wed, 29-Sep-2021 08:40:28 GMT; path=/ gg_token=7aebc22d36acee7a3dabfa0f35a9ddc261540a5c4cd0f9.84718869; expires=Tue, 28-Dec-2021 06:40:28 GMT; path=/; domain=.gg.gg
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Wed, 29 Sep 2021 06:40:28 GMT
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
Location
https://v.ht/vlOHa
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
gpt.js
www.googletagservices.com/tag/js/
74 KB
25 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: v.ht
URL: https://v.ht/vlOHa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d4935cdaaabf62885318264cc6ce621930710a7f1218511127192dc2b0caae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 06:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1000 / 88 of 1000 / last-modified: 1632866880"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25135
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Sep 2021 06:40:28 GMT
js
www.googletagmanager.com/gtag/
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-31510493-3
Requested by
Host: v.ht
URL: https://v.ht/vlOHa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3a966c0e560aeb9142e5091ca7d8f759bd74349b9b01d6a5fbb493d0f814c23f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 06:40:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38852
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 29 Sep 2021 06:40:28 GMT
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6811
date
Wed, 29 Sep 2021 04:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 29 Sep 2021 06:46:57 GMT
pubads_impl_2021091501.js
securepubads.g.doubleclick.net/gpt/
334 KB
117 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062964
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
52c41152c7916b4cf3b3a90f790faa0ba7f746603671e286531bc50407d844ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 06:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119151
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 08:39:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Sep 2021 06:40:28 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
23 B
696 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=v.ht
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
dfe15bfae0625b08260e81acf8b8a6d710a2ebc6baf7f7c54880d3861e941397
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Sep 2021 06:40:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39
x-xss-protection
0
expires
Wed, 29 Sep 2021 06:40:28 GMT
collect
www.google-analytics.com/j/
1 B
198 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=126553320&t=pageview&_s=1&dl=https%3A%2F%2Fv.ht%2FvlOHa&ul=en-us&de=UTF-8&dt=vlOHa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1781145684&gjid=1425844338&cid=981852838.1632897629&tid=UA-31510493-3&_gid=1226272455.1632897629&_r=1&gtm=2ou9r0&z=684986957
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://v.ht/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 06:40:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://v.ht
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.se/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.se/adsid/integrator.js?domain=v.ht
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062964
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Sep 2021 06:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=v.ht
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062964
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Sep 2021 06:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
433 B
724 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=533740819133785&correlator=1499778871425616&output=ldjh&impl=fif&eid=31061423%2C31062964%2C21068030%2C31061425&vrg=2021091501&ptt=17&sc=1&sfv=1-0-38&ecs=20210929&iu_parts=5837603%2CVht_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&cookie_enabled=1&bc=31&abxe=1&lmt=1632897629&dt=1632897629060&dlt=1632897628851&idt=182&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=495576698&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fv.ht%2FvlOHa&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x63&msz=0x0&ga_vid=981852838.1632897629&ga_sid=1632897629&ga_hid=126553320&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062964
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 06:40:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
223
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://v.ht
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
22424b0c2fefb1ed0fb8fe88fcc9ebaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B536
6 KB
4 KB
Document
General
Full URL
https://22424b0c2fefb1ed0fb8fe88fcc9ebaf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062964
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
22424b0c2fefb1ed0fb8fe88fcc9ebaf.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://v.ht/
accept-encoding
gzip, deflate, br

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 29 Sep 2021 06:40:29 GMT
expires
Thu, 29 Sep 2022 06:40:29 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
redirect.php
www.huntdogs.ru/
Redirect Chain
  • http://www.huntdogs.ru/redirect.php?url=http://otk1.gq/bnDPsf
  • https://www.huntdogs.ru/redirect.php?url=http://otk1.gq/bnDPsf
412 B
526 B
Document
General
Full URL
https://www.huntdogs.ru/redirect.php?url=http://otk1.gq/bnDPsf
Requested by
Host: v.ht
URL: https://v.ht/vlOHa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.174.220.11 , Ukraine, ASN210294 (UKRDOMEN, UA),
Reverse DNS
bt22.bitteserver.com
Software
nginx/1.14.1 / PHP/5.2.17
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

:method
GET
:authority
www.huntdogs.ru
:scheme
https
:path
/redirect.php?url=http://otk1.gq/bnDPsf
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Referer
https://v.ht/vlOHa

Response headers

server
nginx/1.14.1
date
Wed, 29 Sep 2021 06:40:30 GMT
content-type
text/html; charset=windows-1251
x-powered-by
PHP/5.2.17
set-cookie
Apache=b9324fad.5cd1c9b31b1af; path=/; expires=Thu, 29-Sep-22 06:40:30 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip

Redirect headers

Server
nginx/1.14.1
Date
Wed, 29 Sep 2021 06:40:29 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://www.huntdogs.ru:443/redirect.php?url=http://otk1.gq/bnDPsf
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021091501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062964
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Sep 2021 06:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8615
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062964
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 06:40:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 29 Sep 2021 06:40:29 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C613
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://v.ht/
accept-encoding
gzip, deflate, br

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Wed, 29 Sep 2021 04:20:31 GMT
expires
Thu, 29 Sep 2022 04:20:31 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
8398
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9460
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-E+uuzF84U6XB0JysIDdL+Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://v.ht/
accept-encoding
gzip, deflate, br

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 29 Sep 2021 06:40:30 GMT
date
Wed, 29 Sep 2021 06:40:30 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-E+uuzF84U6XB0JysIDdL+Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js
pagead2.googlesyndication.com/bg/ Frame C613
35 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 21:51:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
31743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13400
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 28 Sep 2022 21:51:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9460
0
0

Primary Request /
freedirtygame.com/ml/BC/NarutoOnline/
Redirect Chain
  • http://otk1.gq/bnDPsf
  • https://cuttyladies.com/wWbjw64R
  • http://t.luvmenow.com/sl?id=5fa1807a127bd6bcbd272004&pid=11249&sub3=1bb97th3l3su3&sub1=13227&sub2=frd
  • https://iamyourmadam.com/xmCVtjsh?aid=54&kid=168&clickid=a_61540a5fa7ce420001a3c61f&sub2=13227
  • https://bringsomelove.com/6xwNwNfG?aid=501&kid=540&sub1=168&sub2=frd&sub3=54
  • https://of.trafican.com/click?pid=501&offer_id=124&sub1=1bb97thkr00&sub2=501&sub3=540&sub4=168&sub5=frd&sub6=54&sub7=
  • https://adverster.g2afse.com/click?pid=18&offer_id=13&sub1=61540a60a325bc0001a49e00&sub4=501
  • https://bintrck.xyz/click.php?key=vyz8q60kg6ho5eppuwje&code=61540a60413e650001c9d7db&sub1=61540a60a325bc0001a49e00&sub2=&sub3=traffcore&sub4=501&sub5=18
  • https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
7 KB
2 KB
Document
General
Full URL
https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
81725073088ca6eadba06aa064429faedb4b8fd4a3ade77ded3299a7fd830915

Request headers

Host
freedirtygame.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Referer
https://www.huntdogs.ru/redirect.php?url=http://otk1.gq/bnDPsf

Response headers

Server
nginx
Date
Wed, 29 Sep 2021 06:40:31 GMT
Content-Type
text/html
Last-Modified
Fri, 26 Feb 2021 14:23:16 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
ETag
W/"60390454-1bd4"
Expires
Sat, 30 Oct 2021 06:40:31 GMT
Cache-Control
max-age=2678400
Content-Encoding
gzip

Redirect headers

server
nginx/1.18.0
date
Wed, 29 Sep 2021 06:40:32 GMT
content-type
text/html; charset=UTF-8
location
https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
set-cookie
uclick=xoj217ktwj; expires=Thu, 30-Sep-2021 06:40:32 GMT; Max-Age=86400; path=/; secure; SameSite=none uclickhash=xoj217ktwj-xoj217ktwj-2t9r-0-7sy9i4-gxfya9-gxibg6-d67aa0; expires=Thu, 30-Sep-2021 06:40:32 GMT; Max-Age=86400; path=/; secure; SameSite=none
strict-transport-security
max-age=31536000
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Kaushan+Script&family=Marck+Script&family=Ubuntu:wght@400;700&display=swap
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f52534437777daf7325fe65d7b489d168384efeaa3361ffda18bfd0fcde0a641
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 06:40:32 GMT
server
ESF
date
Wed, 29 Sep 2021 06:40:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Sep 2021 06:40:32 GMT
styles.css
freedirtygame.com/ml/BC/NarutoOnline/files/
43 KB
14 KB
Stylesheet
General
Full URL
https://freedirtygame.com/ml/BC/NarutoOnline/files/styles.css
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
efc141bc0105792b885d4cbca4d915255a06022311a0c55f47a7dbf2d1342148

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Connection
keep-alive

Response headers

Date
Wed, 29 Sep 2021 06:40:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Feb 2021 18:01:59 GMT
Server
nginx
ETag
W/"60369497-ac04"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 30 Oct 2021 06:40:31 GMT
lang.js
freedirtygame.com/ml/BC/NarutoOnline/files/
32 KB
10 KB
Script
General
Full URL
https://freedirtygame.com/ml/BC/NarutoOnline/files/lang.js
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
0e9c98f77d034f9ee1264c51c80bfbd03bce053d24eedc3f80917f7ec725b4a6

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Connection
keep-alive

Response headers

Date
Wed, 29 Sep 2021 06:40:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Feb 2021 10:18:53 GMT
Server
nginx
ETag
W/"6036280d-7f68"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 30 Oct 2021 06:40:31 GMT
girl_start_screen.png
freedirtygame.com/ml/BC/NarutoOnline/files/images/
123 KB
124 KB
Image
General
Full URL
https://freedirtygame.com/ml/BC/NarutoOnline/files/images/girl_start_screen.png
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
bca93dd3c6d1fbc56cebf543383b4b4d1cd26cee9b3fb5d0a9f935a63ce3ab65

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Connection
keep-alive

Response headers

Date
Wed, 29 Sep 2021 06:40:31 GMT
Last-Modified
Wed, 24 Feb 2021 10:19:32 GMT
Server
nginx
ETag
"60362834-1edab"
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
126379
Expires
Sat, 30 Oct 2021 06:40:31 GMT
girl_start_screen.png
freedirtygame.com/ml/BC/NarutoOnline/files/images/mobile/
123 KB
124 KB
Image
General
Full URL
https://freedirtygame.com/ml/BC/NarutoOnline/files/images/mobile/girl_start_screen.png
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
bca93dd3c6d1fbc56cebf543383b4b4d1cd26cee9b3fb5d0a9f935a63ce3ab65

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Connection
keep-alive

Response headers

Date
Wed, 29 Sep 2021 06:40:31 GMT
Last-Modified
Wed, 24 Feb 2021 10:19:41 GMT
Server
nginx
ETag
"6036283d-1edab"
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
126379
Expires
Sat, 30 Oct 2021 06:40:31 GMT
logo.png
freedirtygame.com/ml/BC/NarutoOnline/files/images/
11 KB
12 KB
Image
General
Full URL
https://freedirtygame.com/ml/BC/NarutoOnline/files/images/logo.png
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
8fdc12897e48b951fb254f396b43033dbcf8769d2a9fb6d2de26a1bc839ba7a5

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Connection
keep-alive

Response headers

Date
Wed, 29 Sep 2021 06:40:31 GMT
Last-Modified
Wed, 24 Feb 2021 10:19:20 GMT
Server
nginx
ETag
"60362828-2cd9"
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11481
Expires
Sat, 30 Oct 2021 06:40:31 GMT
title_1.png
freedirtygame.com/ml/BC/NarutoOnline/files/images/
1 KB
2 KB
Image
General
Full URL
https://freedirtygame.com/ml/BC/NarutoOnline/files/images/title_1.png
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
9f064d7c4c325ec9655043604c09548b20b9c43a8a1521facedca6706430049f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Connection
keep-alive

Response headers

Date
Wed, 29 Sep 2021 06:40:31 GMT
Last-Modified
Wed, 24 Feb 2021 10:19:33 GMT
Server
nginx
ETag
"60362835-4e4"
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1252
Expires
Sat, 30 Oct 2021 06:40:31 GMT
title_2.png
freedirtygame.com/ml/BC/NarutoOnline/files/images/
1 KB
2 KB
Image
General
Full URL
https://freedirtygame.com/ml/BC/NarutoOnline/files/images/title_2.png
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
3f43b18e00e59cf623c50419afb9ae9f26acfdddce62c4231e4a8db9412c8855

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Connection
keep-alive

Response headers

Date
Wed, 29 Sep 2021 06:40:32 GMT
Last-Modified
Wed, 24 Feb 2021 10:19:29 GMT
Server
nginx
ETag
"60362831-5d3"
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1491
Expires
Sat, 30 Oct 2021 06:40:32 GMT
title_3.png
freedirtygame.com/ml/BC/NarutoOnline/files/images/
2 KB
2 KB
Image
General
Full URL
https://freedirtygame.com/ml/BC/NarutoOnline/files/images/title_3.png
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
930694b885ebe60c18fcb292307b56862b8cedd9d3b2d879d73a39fa59a8e7fc

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Connection
keep-alive

Response headers

Date
Wed, 29 Sep 2021 06:40:32 GMT
Last-Modified
Wed, 24 Feb 2021 10:19:10 GMT
Server
nginx
ETag
"6036281e-624"
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1572
Expires
Sat, 30 Oct 2021 06:40:32 GMT
ico_ok.png
freedirtygame.com/ml/BC/NarutoOnline/files/images/
2 KB
2 KB
Image
General
Full URL
https://freedirtygame.com/ml/BC/NarutoOnline/files/images/ico_ok.png
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
db43a71dc693a04d390b632538a00a173101f3743a80ad55558dfcf290890ebf

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Connection
keep-alive

Response headers

Date
Wed, 29 Sep 2021 06:40:32 GMT
Last-Modified
Wed, 24 Feb 2021 10:19:05 GMT
Server
nginx
ETag
"60362819-737"
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1847
Expires
Sat, 30 Oct 2021 06:40:32 GMT
girl.png
freedirtygame.com/ml/BC/NarutoOnline/files/images/
93 KB
94 KB
Image
General
Full URL
https://freedirtygame.com/ml/BC/NarutoOnline/files/images/girl.png
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
61061d3e4bafa513a3f621d07798d50c6695a24631e5074b754326799aa77dc7

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Connection
keep-alive

Response headers

Date
Wed, 29 Sep 2021 06:40:32 GMT
Last-Modified
Wed, 24 Feb 2021 10:19:23 GMT
Server
nginx
ETag
"6036282b-174f0"
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95472
Expires
Sat, 30 Oct 2021 06:40:32 GMT
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:490e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 06:40:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
last-modified
Tue, 21 Sep 2021 15:51:34 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"6149ff86-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BCGjhr0yuGE0MRr4puXkl%2BN7o6z1upfLRWKqdGoS2TXqbCimrgxeQUzarEZnQ15AR3JLhs%2FTz3y4eXst8Jq0qhF%2BTYxTXGksgsVum7GrvPHn3bD5MnzDfq8PFEbi%2FAkMVsj39EVpP%2FnQltr%2BAfDXsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6963387d0a7d1f31-FRA
expires
Fri, 01 Oct 2021 06:40:32 GMT
jquery.min.js
freedirtygame.com/ml/BC/NarutoOnline/files/
159 KB
40 KB
Script
General
Full URL
https://freedirtygame.com/ml/BC/NarutoOnline/files/jquery.min.js
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
28a181ba74eabcf5328e470910359ae5b830472e930f40dd68572452bc2c2062

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Connection
keep-alive

Response headers

Date
Wed, 29 Sep 2021 06:40:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Feb 2021 10:18:55 GMT
Server
nginx
ETag
W/"6036280f-27daf"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 30 Oct 2021 06:40:31 GMT
gtm.js
www.googletagmanager.com/
165 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PVSSXTS
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8649caf6653b9050829c3a2cd1c6f1e9444e090b0c9660bd6968deac50488590
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 06:40:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54375
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 29 Sep 2021 06:40:32 GMT
bg.jpg
freedirtygame.com/ml/BC/NarutoOnline/files/images/
581 KB
581 KB
Image
General
Full URL
https://freedirtygame.com/ml/BC/NarutoOnline/files/images/bg.jpg
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/files/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
0ce2c05dc6c31b8f51d23ba25ea5a5f2240eea2f92041c28f2c8ac1ef48e5f62

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://freedirtygame.com/ml/BC/NarutoOnline/files/styles.css
Connection
keep-alive

Response headers

Date
Wed, 29 Sep 2021 06:40:31 GMT
Last-Modified
Wed, 24 Feb 2021 10:19:16 GMT
Server
nginx
ETag
"60362824-91395"
Content-Type
image/jpeg
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
594837
Expires
Sat, 30 Oct 2021 06:40:31 GMT
bubble.svg
freedirtygame.com/ml/BC/NarutoOnline/files/images/
12 KB
12 KB
Image
General
Full URL
https://freedirtygame.com/ml/BC/NarutoOnline/files/images/bubble.svg
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/files/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
e9e682aa6c45505eb4c32859baa61060ee2c1da1504dfccf40859af6a31d0874

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://freedirtygame.com/ml/BC/NarutoOnline/files/styles.css
Connection
keep-alive

Response headers

Date
Wed, 29 Sep 2021 06:40:31 GMT
Last-Modified
Wed, 24 Feb 2021 10:19:03 GMT
Server
nginx
ETag
"60362817-3092"
Content-Type
image/svg+xml
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12434
Expires
Sat, 30 Oct 2021 06:40:31 GMT
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/
28 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kaushan+Script&family=Marck+Script&family=Ubuntu:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 01:44:56 GMT
x-content-type-options
nosniff
age
104136
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28968
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:03:43 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 01:44:56 GMT
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/
33 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Kaushan+Script&family=Marck+Script&family=Ubuntu:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:24:37 GMT
x-content-type-options
nosniff
age
558955
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34260
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:57 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Sep 2022 19:24:37 GMT
button_red.png
freedirtygame.com/ml/BC/NarutoOnline/files/images/
8 KB
8 KB
Image
General
Full URL
https://freedirtygame.com/ml/BC/NarutoOnline/files/images/button_red.png
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/files/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
00c1577ae2ca15851f033320056d820f5f9657b10f498257aef7a802e70fe6f4

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://freedirtygame.com/ml/BC/NarutoOnline/files/styles.css
Connection
keep-alive

Response headers

Date
Wed, 29 Sep 2021 06:40:32 GMT
Last-Modified
Wed, 24 Feb 2021 10:19:28 GMT
Server
nginx
ETag
"60362830-1fff"
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8191
Expires
Sat, 30 Oct 2021 06:40:32 GMT
button_red_hover.png
freedirtygame.com/ml/BC/NarutoOnline/files/images/
6 KB
6 KB
Image
General
Full URL
https://freedirtygame.com/ml/BC/NarutoOnline/files/images/button_red_hover.png
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/files/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
d01b428af63e80a9b1839e85d9ea67601dd0e4ef24ac8437ee5675b0bed98afe

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://freedirtygame.com/ml/BC/NarutoOnline/files/styles.css
Connection
keep-alive

Response headers

Date
Wed, 29 Sep 2021 06:40:32 GMT
Last-Modified
Wed, 24 Feb 2021 10:19:09 GMT
Server
nginx
ETag
"6036281d-1735"
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5941
Expires
Sat, 30 Oct 2021 06:40:32 GMT
button_grey_hover.png
freedirtygame.com/ml/BC/NarutoOnline/files/images/
5 KB
5 KB
Image
General
Full URL
https://freedirtygame.com/ml/BC/NarutoOnline/files/images/button_grey_hover.png
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/files/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
3579818f40d8cf1743521c370e9cb1a7b65a210fceca3decd89e00e57fc70724

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://freedirtygame.com/ml/BC/NarutoOnline/files/styles.css
Connection
keep-alive

Response headers

Date
Wed, 29 Sep 2021 06:40:32 GMT
Last-Modified
Wed, 24 Feb 2021 10:19:02 GMT
Server
nginx
ETag
"60362816-12f8"
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4856
Expires
Sat, 30 Oct 2021 06:40:32 GMT
title_name_1_hover.png
freedirtygame.com/ml/BC/NarutoOnline/files/images/
4 KB
5 KB
Image
General
Full URL
https://freedirtygame.com/ml/BC/NarutoOnline/files/images/title_name_1_hover.png
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/files/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
aa93ad986852d5c194840ff37cead355d23702c0d767cf9b9094562b47ddf731

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://freedirtygame.com/ml/BC/NarutoOnline/files/styles.css
Connection
keep-alive

Response headers

Date
Wed, 29 Sep 2021 06:40:32 GMT
Last-Modified
Wed, 24 Feb 2021 10:19:11 GMT
Server
nginx
ETag
"6036281f-11bd"
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4541
Expires
Sat, 30 Oct 2021 06:40:32 GMT
title_name_2_hover.png
freedirtygame.com/ml/BC/NarutoOnline/files/images/
2 KB
3 KB
Image
General
Full URL
https://freedirtygame.com/ml/BC/NarutoOnline/files/images/title_name_2_hover.png
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/files/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
e0dfdddf23195e41450ac2508f082dabb6b1f321a2aa34dea34dba2cd309bdae

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://freedirtygame.com/ml/BC/NarutoOnline/files/styles.css
Connection
keep-alive

Response headers

Date
Wed, 29 Sep 2021 06:40:32 GMT
Last-Modified
Wed, 24 Feb 2021 10:19:25 GMT
Server
nginx
ETag
"6036282d-95b"
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2395
Expires
Sat, 30 Oct 2021 06:40:32 GMT
title_name_3_hover.png
freedirtygame.com/ml/BC/NarutoOnline/files/images/
4 KB
4 KB
Image
General
Full URL
https://freedirtygame.com/ml/BC/NarutoOnline/files/images/title_name_3_hover.png
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/files/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
d5cf0d8f68f09a4640da42d894704d8205d41cd165ca0843505727dbe24e60b1

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://freedirtygame.com/ml/BC/NarutoOnline/files/styles.css
Connection
keep-alive

Response headers

Date
Wed, 29 Sep 2021 06:40:32 GMT
Last-Modified
Wed, 24 Feb 2021 10:19:12 GMT
Server
nginx
ETag
"60362820-f20"
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3872
Expires
Sat, 30 Oct 2021 06:40:32 GMT
button_big_hover.png
freedirtygame.com/ml/BC/NarutoOnline/files/images/
9 KB
9 KB
Image
General
Full URL
https://freedirtygame.com/ml/BC/NarutoOnline/files/images/button_big_hover.png
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/files/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
66e25e191133dac9f0d57a6997a08c0573a536733678e8eef055ce2fab557a91

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://freedirtygame.com/ml/BC/NarutoOnline/files/styles.css
Connection
keep-alive

Response headers

Date
Wed, 29 Sep 2021 06:40:32 GMT
Last-Modified
Wed, 24 Feb 2021 10:19:30 GMT
Server
nginx
ETag
"60362832-2428"
Content-Type
image/png
Cache-Control
max-age=2678400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9256
Expires
Sat, 30 Oct 2021 06:40:32 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVSSXTS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6815
date
Wed, 29 Sep 2021 04:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 29 Sep 2021 06:46:57 GMT
app.js
push.wuazu.net/s/pushilka/
5 KB
3 KB
Script
General
Full URL
https://push.wuazu.net/s/pushilka/app.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PVSSXTS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.74.180 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4bccff761c597e401848195d9a96a0d9831797a9582d015e6cc855dce845b973

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 06:40:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=4888
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
service-worker-allowed
/
last-modified
Sun, 14 Jun 2020 17:15:06 GMT
server
cloudflare
etag
W/"5ee65b1a-1318"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCNNnzlWxQMa9cYikAKcenl6SeSlO1%2Bm4O4bnpbVYpcFR%2FdSv9u5sx34unQTVntw03BYRUZNzyWU1HMvqrBN%2BKmpsoKYrOPKqbmU77vmvQxtoMuod2JU6iHSOtn4mTWy%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6963387d5ca405b3-FRA
expires
Wed, 29 Sep 2021 06:40:31 GMT
js.js
freedirtygame.com/ml/BC/NarutoOnline/files/
5 KB
2 KB
Script
General
Full URL
https://freedirtygame.com/ml/BC/NarutoOnline/files/js.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.189.171.71 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
m3450.contabo.host
Software
nginx /
Resource Hash
11d5726450b86b6cc8f6b97116e4f7ba673022067b9e92a9bd6c19e84e6047d3

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
freedirtygame.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Connection
keep-alive

Response headers

Date
Wed, 29 Sep 2021 06:40:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Feb 2021 10:52:53 GMT
Server
nginx
ETag
W/"60378185-12b2"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2678400
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 30 Oct 2021 06:40:32 GMT
jquery-migrate-1.4.1.min.js
code.jquery.com/
10 KB
4 KB
Script
General
Full URL
https://code.jquery.com/jquery-migrate-1.4.1.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 06:40:32 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2016 01:26:30 GMT
server
nginx
etag
W/"573e67c6-2748"
vary
Accept-Encoding
x-hw
1632897632.dop217.fr8.t,1632897632.cds278.fr8.hn,1632897632.cds266.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
4014
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 02:47:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13986
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Thu, 29 Sep 2022 02:47:26 GMT
js
www.google-analytics.com/gtm/
92 KB
36 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=OPT-TM9ZR3P&t=gtm5&cid=1202106038.1632897633
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
17a86068836a7bb1fc82c5de0d251dfec11c580e5b1e58f829b6cf5965c799cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 06:40:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37053
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 29 Sep 2021 06:40:32 GMT
collect
www.google-analytics.com/j/
1 B
85 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1252998021&t=pageview&_s=1&dl=https%3A%2F%2Ffreedirtygame.com%2Fml%2FBC%2FNarutoOnline%2F%3Fclickid%3D9017exoj217ktwjc02%26country%3DGB%26m1%3DChrome%26voluum_id%3D1056%26tsource%3D%7Bcampaign.name%7D%26campaign%3D1056&ul=en-us&de=UTF-8&dt=Naruto%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=719059319&gjid=242212957&cid=1202106038.1632897633&uid=9017exoj217ktwjc02&tid=UA-150844200-5&_gid=1342139077.1632897633&_r=1&gtm=2wg9r0PVSSXTS&cd1=ml%2FBC%2FNarutoOnline&cd2=Braincash%20-%20Global%20-%20mainstream%20game%20-%20iFrame%20-%20Multi_language%20(en%2C%20es%2C%20de%2C%20fr%2C%20it%2C%20ru%2C%20ja%2C%20tr%2C%20pl)%20-%20Naruto&cd3=9017exoj217ktwjc02&cd4=en&cd5=9017exoj217ktwjc02&cd6=gb&cd7=chrome&cd8=1056&cd10=1056&cd11=%7Bcampaign.name%7D&z=19036932
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://freedirtygame.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 06:40:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://freedirtygame.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
130 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1252998021&t=event&ni=0&_s=1&dl=https%3A%2F%2Ffreedirtygame.com%2Fml%2FBC%2FNarutoOnline%2F%3Fclickid%3D9017exoj217ktwjc02%26country%3DGB%26m1%3DChrome%26voluum_id%3D1056%26tsource%3D%7Bcampaign.name%7D%26campaign%3D1056&ul=en-us&de=UTF-8&dt=Naruto%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=loaded&ea=first%20page&el=https%3A%2F%2Ffreedirtygame.com%2Fml%2FBC%2FNarutoOnline%2F%3Fclickid%3D9017exoj217ktwjc02%26country%3DGB%26m1%3DChrome%26voluum_id%3D1056%26tsource%3D%7Bcampaign.name%7D%26campaign%3D1056&_u=aGDAAEADQAAAAC~&jid=&gjid=&cid=1202106038.1632897633&tid=UA-150844200-5&_gid=1342139077.1632897633&gtm=2wg9r0PVSSXTS&cd1=ml%2FBC%2FNarutoOnline&cd2=Braincash%20-%20Global%20-%20mainstream%20game%20-%20iFrame%20-%20Multi_language%20(en%2C%20es%2C%20de%2C%20fr%2C%20it%2C%20ru%2C%20ja%2C%20tr%2C%20pl)%20-%20Naruto&cd3=9017exoj217ktwjc02&cd4=en&cd5=9017exoj217ktwjc02&cd6=gb&cd7=chrome&cd8=1056&cd10=1056&cd11=%7Bcampaign.name%7D&z=1640937467
Requested by
Host: freedirtygame.com
URL: https://freedirtygame.com/ml/BC/NarutoOnline/?clickid=9017exoj217ktwjc02&country=GB&m1=Chrome&voluum_id=1056&tsource={campaign.name}&campaign=1056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 23:03:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
27445
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
event
swarmpush.com/
43 B
736 B
Fetch
General
Full URL
https://swarmpush.com/event
Requested by
Host: push.wuazu.net
URL: https://push.wuazu.net/s/pushilka/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:50b8 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
7bbeb1d7ffddbc65a104caf1e24cd467cc322c58f4972313804b67960a80a5c5

Request headers

Referer
https://freedirtygame.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 29 Sep 2021 06:40:33 GMT
access-control-allow-methods
POST, PUT, DELETE, GET
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.2.34
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4iTbxGVhybv%2FnZfvDCIlGj4z9Dq%2BDFOvPoG4wBAB9W3hfMUY6V5M40paLmNgVAqxDXy7ppeVhFNGIfmKGE9jnlfuJclT2kmvU7Y7Wf2zJQ9GGI4hKWuKoSHO4OU3wQqxME%2BkmCpnRqUQVY0a"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, private
cf-ray
696338837de74e98-FRA
expires
Wed, 29 Sep 2021 06:40:33 GMT
app.css
swarmpush.com/s/pushilka/
2 KB
1 KB
Stylesheet
General
Full URL
https://swarmpush.com/s/pushilka/app.css
Requested by
Host: push.wuazu.net
URL: https://push.wuazu.net/s/pushilka/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:50b8 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
74934db0a8829b280a64167629bfa3855dd2a50c641fa5baa8c927a3cb6ff1d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 06:40:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1436
cf-polished
origSize=1649
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 25 Apr 2020 17:39:05 GMT
server
cloudflare
etag
W/"5ea475b9-671"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UimKWOR9uexHZERM%2Bho9TrQog8Vn%2BV1Wcyah%2BY8buOuOwTYwI8zecU3GtZtwjIaPRE3ClxaWpBU3wTukWFh9T%2BEV3aOBzf4F%2FuW1IraJdU6XicH4MjKf7jT28LLDRDaMkxUFh26eINLxDZLv"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6963388379e768f8-FRA
cf-bgj
minify
bell.webp
swarmpush.com/s/pushilka/
20 KB
21 KB
Image
General
Full URL
https://swarmpush.com/s/pushilka/bell.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:50b8 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
76318a01b1c1e58ce7b96a7c9de5d6867287b78b84a5ed9a8859d45cc512f283

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 06:40:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1436
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20864
last-modified
Thu, 30 Jan 2020 16:54:00 GMT
server
cloudflare
etag
"5e330a28-5180"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xu0qmIZsz%2Fqi%2Fjp%2FypvTg8HT1uP2HakcG2wyU1Zg42NNnymgkBJxh39fwVayUpyH5iMtn6ppuDafqMuXSmndQsTYNxCOPAF8JqJszgfsbX3NbaEOq5DJ%2F8lFCizD7yDFQwvVJ8bWjrHAgFoj"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6963388379e968f8-FRA
collect
www.google-analytics.com/
35 B
96 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=1252998021&t=event&ni=0&_s=1&dl=https%3A%2F%2Ffreedirtygame.com%2Fml%2FBC%2FNarutoOnline%2F%3Fclickid%3D9017exoj217ktwjc02%26country%3DGB%26m1%3DChrome%26voluum_id%3D1056%26tsource%3D%7Bcampaign.name%7D%26campaign%3D1056&ul=en-us&de=UTF-8&dt=Naruto%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=push&ea=show&_u=aGDAAEADQAAAAC~&jid=&gjid=&cid=1202106038.1632897633&tid=UA-150844200-5&_gid=1342139077.1632897633&gtm=2wg9r0PVSSXTS&cd1=ml%2FBC%2FNarutoOnline&cd2=Braincash%20-%20Global%20-%20mainstream%20game%20-%20iFrame%20-%20Multi_language%20(en%2C%20es%2C%20de%2C%20fr%2C%20it%2C%20ru%2C%20ja%2C%20tr%2C%20pl)%20-%20Naruto&cd3=9017exoj217ktwjc02&cd4=en&cd5=9017exoj217ktwjc02&cd6=gb&cd7=chrome&cd8=1056&cd10=1056&cd11=%7Bcampaign.name%7D&z=463982292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedirtygame.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Sep 2021 23:03:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
27446
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021091501&jk=533740819133785&rc=


19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
object| dataLayer
function| lang
function| $
function| jQuery
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
function| getURLParameter
number| count
function| traff
function| GetQueryString
object| __cfQR
object| gaplugins
object| gaGlobal
object| gaData
object| google_optimize

28 Cookies

Domain/Path Name / Value
gg.gg/ Name: ci_session
Value: a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22369e11037e784e8ad934b03dfc4af178%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%2291.199.118.75%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A114%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F93.0.4577.63+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1632897628%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dc9e795f22673a17dd288311f9c80ae40
.gg.gg/ Name: gg_token
Value: 7aebc22d36acee7a3dabfa0f35a9ddc261540a5c4cd0f9.84718869
.v.ht/ Name: _ga
Value: GA1.2.981852838.1632897629
.v.ht/ Name: _gid
Value: GA1.2.1226272455.1632897629
.v.ht/ Name: _gat_gtag_UA_31510493_3
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.v.ht/ Name: __gads
Value: ID=4a29168e798726f2-2256dc4d64c900c3:T=1632897629:S=ALNI_MYhtp_W2FbXHwzG_E_9Fc4lInhdYw
www.huntdogs.ru/ Name: Apache
Value: b9324fad.5cd1c9b31b1af
otk1.gq/ Name: _subid
Value: 2niit1b61540a5e5dd37
otk1.gq/ Name: 18b13
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjVcIjoxNjMyODk3NjMwfSxcImNhbXBhaWduc1wiOntcIjJcIjoxNjMyODk3NjMwfSxcInRpbWVcIjoxNjMyODk3NjMwfSJ9.-dbgG8ewf3VLhYFD36pJ34GLFU0Ldhm-cHveIBBwCec
cuttyladies.com/ Name: _subid
Value: 1bb97th3l3su3
cuttyladies.com/ Name: 9bf24
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0MDIwOVwiOjE2MzI4OTc2MzAsXCIxNTgwM1wiOjE2MzI4OTc2MzB9LFwiY2FtcGFpZ25zXCI6e1wiMTMyMjdcIjoxNjMyODk3NjMwLFwiMTgyXCI6MTYzMjg5NzYzMH0sXCJ0aW1lXCI6MTYzMjg5NzYzMH0ifQ.jDMbwEjzPqLBfVkf_9t6UjAU6o_EyvPyUNhVfaOXUPk
cuttyladies.com/ Name: _token
Value: uuid_1bb97th3l3su3_1bb97th3l3su361540a5e85dd34.06248264
iamyourmadam.com/ Name: _subid
Value: 1bb97thkqvv
iamyourmadam.com/ Name: _token
Value: uuid_1bb97thkqvv_1bb97thkqvv61540a5f4467b8.99326977
iamyourmadam.com/ Name: f08cf
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI4MDVcIjoxNjMyODk3NjMxfSxcImNhbXBhaWduc1wiOntcIjE2OFwiOjE2MzI4OTc2MzF9LFwidGltZVwiOjE2MzI4OTc2MzF9In0.eZsyIhPkW_Y8KvRwcyQmlC0zrAqSea7S2o2m9WlfU48
bringsomelove.com/ Name: _subid
Value: 1bb97thkr00
bringsomelove.com/ Name: _token
Value: uuid_1bb97thkr00_1bb97thkr0061540a601cbd67.70284899
bringsomelove.com/ Name: f08cf
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjExNjAzXCI6MTYzMjg5NzYzMn0sXCJjYW1wYWlnbnNcIjp7XCI1NDBcIjoxNjMyODk3NjMyfSxcInRpbWVcIjoxNjMyODk3NjMyfSJ9.QqcK5ws6tl-UmLNlW-iKuO0et-rByO168KDLCdWgpCo
of.trafican.com/ Name: afclick
Value: 61540a60a325bc0001a49e00
of.trafican.com/ Name: afoffers
Value: {"124":1632897632}
adverster.g2afse.com/ Name: afclick
Value: 61540a60413e650001c9d7db
adverster.g2afse.com/ Name: afoffers
Value: {"13":1632897632}
bintrck.xyz/ Name: uclick
Value: xoj217ktwj
bintrck.xyz/ Name: uclickhash
Value: xoj217ktwj-xoj217ktwj-2t9r-0-7sy9i4-gxfya9-gxibg6-d67aa0
.freedirtygame.com/ Name: _ga
Value: GA1.2.1202106038.1632897633
.freedirtygame.com/ Name: _gid
Value: GA1.2.1342139077.1632897633
.freedirtygame.com/ Name: _gat_UA-150844200-5
Value: 1

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
