| track.freespicy.games/click?pid=7179&offer_id=346&sub1=mlClick-O0ET9eUp&sub4=767486 | 34.90.14.205 | 302 Found | 0 B |
URL (User Request, GET, HTTP/2): track.freespicy.games/click?pid=7179&offer_id=346&sub1=mlClick-O0ET9eUp&sub4=767486
IP: 34.90.14.205:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Certificate issuer: Sectigo Limited
Certificate subject: track.freespicy.games
Certificate fingerprint: 83:0C:9C:AF:D3:54:96:61:C7:F0:74:E6:29:B0:B6:E1:36:B5:7A:E9
Certificate validity: Fri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=7179&offer_id=346&sub1=mlClick-O0ET9eUp&sub4=767486 HTTP/1.1
Host: track.freespicy.games
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Fri, 19 Apr 2024 21:50:25 GMT
content-length: 0
location: https://track.affstreck.com/462ddfad-df18-4146-aa9f-7f167085a1e8?tsource=affise&offer_id=346&advertiser_id=608ac49f92ffdb7fffaa187a&affiliate_name=MyLead&partner_id=7179&offer_name=Spicy+Game+All+geo+CPS+%28mainstream+LP%29&filter=&clickid=6622e721faf4350001e3d760&aff_source=767486
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=6622e721faf4350001e3d760; expires=Sat, 19 Apr 2025 21:50:25 GMT; secure; SameSite=None
afoffers={"346":1713563425}; expires=Sat, 19 Apr 2025 21:50:25 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| track.affstreck.com/462ddfad-df18-4146-aa9f-7f167085a1e8?tsource=affise&offer_id=346&advertiser_id=608ac49f92ffdb7fffaa187a&affiliate_name=MyLead&partner_id=7179&offer_name=Spicy+Game+All+geo+CPS+%28mainstream+LP%29&filter=&clickid=6622e721faf4350001e3d760&aff_source=767486 | 18.156.93.177 | 302 Found | 0 B |
URL (User Request, GET, HTTP/2): track.affstreck.com/462ddfad-df18-4146-aa9f-7f167085a1e8?tsource=affise&offer_id=346&advertiser_id=608ac49f92ffdb7fffaa187a&affiliate_name=MyLead&partner_id=7179&offer_name=Spicy+Game+All+geo+CPS+%28mainstream+LP%29&filter=&clickid=6622e721faf4350001e3d760&aff_source=767486
IP: 18.156.93.177:443
Certificate issuer: Let's Encrypt
Certificate subject: track.affstreck.com
Certificate fingerprint: 98:EB:57:A4:D8:E2:4F:5B:BF:D4:A8:9D:2F:5E:5C:A7:4D:A2:BB:23
Certificate validity: Tue, 19 Mar 2024 06:48:16 GMT - Mon, 17 Jun 2024 06:48:15 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /462ddfad-df18-4146-aa9f-7f167085a1e8?tsource=affise&offer_id=346&advertiser_id=608ac49f92ffdb7fffaa187a&affiliate_name=MyLead&partner_id=7179&offer_name=Spicy+Game+All+geo+CPS+%28mainstream+LP%29&filter=&clickid=6622e721faf4350001e3d760&aff_source=767486 HTTP/1.1
Host: track.affstreck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Fri, 19 Apr 2024 21:50:25 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10=
pragma: no-cache
set-cookie: 462ddfad-df18-4146-aa9f-7f167085a1e8-v4=jr9GpGDoYSwAlgCuNcrPaGSB9srndCgCLWwohF30jRE; Max-Age=86400; Expires=Sat, 20-Apr-2024 21:50:25 GMT; Domain=track.affstreck.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=IENw4aplT9ZOYfPcRRpl7PW8zKw41THB9uUGGBVrl1vmNvvs6fC4fDSZBuiYjmo5iyMSelNE7sHJgq9f2jIaJ7p3lO0Vj2%2FJban8jfirXjjVh%2Fe4aN3Uj346DkrhBi4AgjHnwVNP0uugzqe6axUi2w%3D%3D; Max-Age=31536000; Expires=Sat, 19-Apr-2025 21:50:25 GMT; Domain=track.affstreck.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
|
|
| gamerascend.com/pre/FreedirtyGames_v3_1/img/logo.svg | 134.209.88.167 | 200 OK | 91 kB |
URL (GET, HTTP/2): gamerascend.com/pre/FreedirtyGames_v3_1/img/logo.svg
IP: 134.209.88.167:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10=
Certificate issuer: Let's Encrypt
Certificate subject: gamerascend.com
Certificate fingerprint: 54:99:6F:2E:D6:7C:A9:ED:65:65:54:03:EC:EE:4A:96:9D:29:48:97
Certificate validity: Thu, 28 Mar 2024 23:11:21 GMT - Wed, 26 Jun 2024 23:11:20 GMT
File type: SVG Scalable Vector Graphics image
Hash: 8c22bddb7c48f9399e261f5db513f07e 4b80d20c009b381f68279b73fe0221ce2736aaed bd714a6afb8f4b41fc97cd54318d153b519eb0dba54a8be5fc8f0de2082e39e4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pre/FreedirtyGames_v3_1/img/logo.svg HTTP/1.1
Host: gamerascend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 21:50:25 GMT
content-type: image/svg+xml
content-length: 90940
last-modified: Tue, 23 Jan 2024 15:29:59 GMT
etag: "65afdb77-1633c"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-TGM4F8X | 142.250.74.168 | 200 OK | 72 kB |
URL (GET, HTTP/2): www.googletagmanager.com/gtm.js?id=GTM-TGM4F8X
IP: 142.250.74.168:443
Requested by: https://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10=
Certificate issuer: Google Trust Services LLC
Certificate subject: *.google-analytics.com
Certificate fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
Certificate validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (21659)
Hash: f860b1372a3dc0c0d22df046eab2a283 9a32280d3f16808def2d45949daae907549b1b6b f3c2ed4d33e25fdad8429aeca4531f2bcf17420b0f73fe644a32077cf79c2f78
GET /gtm.js?id=GTM-TGM4F8X HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 21:50:25 GMT
expires: Fri, 19 Apr 2024 21:50:25 GMT
cache-control: private, max-age=900
last-modified: Fri, 19 Apr 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71785
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| gamerascend.com/pre/FreedirtyGames_v3_1/img/icons/arrow-l-1.svg | 134.209.88.167 | 200 OK | 1.3 kB |
URL (GET, HTTP/2): gamerascend.com/pre/FreedirtyGames_v3_1/img/icons/arrow-l-1.svg
IP: 134.209.88.167:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10=
Certificate issuer: Let's Encrypt
Certificate subject: gamerascend.com
Certificate fingerprint: 54:99:6F:2E:D6:7C:A9:ED:65:65:54:03:EC:EE:4A:96:9D:29:48:97
Certificate validity: Thu, 28 Mar 2024 23:11:21 GMT - Wed, 26 Jun 2024 23:11:20 GMT
File type: SVG Scalable Vector Graphics image
Hash: dd490fbe1b6c94eac7f21c8dc6ac925d 3bde9a1da823ec9c77a6eb73973610eb4f5e5da2 bd23218509398902084f7c86acf826cb0536b470c608b1f16ac9197bf1a6a956
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pre/FreedirtyGames_v3_1/img/icons/arrow-l-1.svg HTTP/1.1
Host: gamerascend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/pre/FreedirtyGames_v3_1/css/style.min.css?_v=20230724163048
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 21:50:25 GMT
content-type: image/svg+xml
content-length: 1281
last-modified: Tue, 23 Jan 2024 15:31:21 GMT
etag: "65afdbc9-501"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gamerascend.com/pre/FreedirtyGames_v3_1/img/icons/arrow-l-2.svg | 134.209.88.167 | 200 OK | 1.3 kB |
URL (GET, HTTP/2): gamerascend.com/pre/FreedirtyGames_v3_1/img/icons/arrow-l-2.svg
IP: 134.209.88.167:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10=
Certificate issuer: Let's Encrypt
Certificate subject: gamerascend.com
Certificate fingerprint: 54:99:6F:2E:D6:7C:A9:ED:65:65:54:03:EC:EE:4A:96:9D:29:48:97
Certificate validity: Thu, 28 Mar 2024 23:11:21 GMT - Wed, 26 Jun 2024 23:11:20 GMT
File type: SVG Scalable Vector Graphics image
Hash: 3b8ae8034414ab8ff9d61502031dcf5b c28723dabdb2956da70a440282847952c02d8323 5236639fda4ff456be107ee985119657e5a9876edfe9f02ee02cf8a24a441a30
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pre/FreedirtyGames_v3_1/img/icons/arrow-l-2.svg HTTP/1.1
Host: gamerascend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/pre/FreedirtyGames_v3_1/css/style.min.css?_v=20230724163048
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 21:50:25 GMT
content-type: image/svg+xml
content-length: 1335
last-modified: Tue, 23 Jan 2024 15:31:21 GMT
etag: "65afdbc9-537"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gamerascend.com/pre/FreedirtyGames_v3_1/img/icons/arrow-r-1.svg | 134.209.88.167 | 200 OK | 1.3 kB |
URL (GET, HTTP/2): gamerascend.com/pre/FreedirtyGames_v3_1/img/icons/arrow-r-1.svg
IP: 134.209.88.167:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10=
Certificate issuer: Let's Encrypt
Certificate subject: gamerascend.com
Certificate fingerprint: 54:99:6F:2E:D6:7C:A9:ED:65:65:54:03:EC:EE:4A:96:9D:29:48:97
Certificate validity: Thu, 28 Mar 2024 23:11:21 GMT - Wed, 26 Jun 2024 23:11:20 GMT
File type: SVG Scalable Vector Graphics image
Hash: 28e293c87e5f57b3030a81244bfb8812 4bfd0da50cd9508b0f5e367689eea906e0c134ca 1b0325c112f6085c152c6f26fa57cd7db7f089a084ba09395338c29aa89edb51
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pre/FreedirtyGames_v3_1/img/icons/arrow-r-1.svg HTTP/1.1
Host: gamerascend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/pre/FreedirtyGames_v3_1/css/style.min.css?_v=20230724163048
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 21:50:25 GMT
content-type: image/svg+xml
content-length: 1285
last-modified: Tue, 23 Jan 2024 15:31:22 GMT
etag: "65afdbca-505"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gamerascend.com/pre/FreedirtyGames_v3_1/img/icons/arrow-r-2.svg | 134.209.88.167 | 200 OK | 1.3 kB |
URL (GET, HTTP/2): gamerascend.com/pre/FreedirtyGames_v3_1/img/icons/arrow-r-2.svg
IP: 134.209.88.167:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10=
Certificate issuer: Let's Encrypt
Certificate subject: gamerascend.com
Certificate fingerprint: 54:99:6F:2E:D6:7C:A9:ED:65:65:54:03:EC:EE:4A:96:9D:29:48:97
Certificate validity: Thu, 28 Mar 2024 23:11:21 GMT - Wed, 26 Jun 2024 23:11:20 GMT
File type: SVG Scalable Vector Graphics image
Hash: b46fc699042eb97add8c9700d6cba242 1532b02ad4c62de716d340a01aba9a0a22e73d4b 5531b5692d3472856303c2af0f80bdc4868f5ed4b2db6872ede0b9b1b770f75c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pre/FreedirtyGames_v3_1/img/icons/arrow-r-2.svg HTTP/1.1
Host: gamerascend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/pre/FreedirtyGames_v3_1/css/style.min.css?_v=20230724163048
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 21:50:25 GMT
content-type: image/svg+xml
content-length: 1335
last-modified: Tue, 23 Jan 2024 15:31:21 GMT
etag: "65afdbc9-537"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gamerascend.com/pre/FreedirtyGames_v3_1/files/audio/audio.mp3 | 134.209.88.167 | 206 Partial Content | 985 kB |
URL (GET, HTTP/2): gamerascend.com/pre/FreedirtyGames_v3_1/files/audio/audio.mp3
IP: 134.209.88.167:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10=
Certificate issuer: Let's Encrypt
Certificate subject: gamerascend.com
Certificate fingerprint: 54:99:6F:2E:D6:7C:A9:ED:65:65:54:03:EC:EE:4A:96:9D:29:48:97
Certificate validity: Thu, 28 Mar 2024 23:11:21 GMT - Wed, 26 Jun 2024 23:11:20 GMT
File type: Audio file with ID3 version 2.2.0, contains: MPEG ADTS, layer III, v1, 160 kbps, 44.1 kHz, JntStereo
Size: 985 kB (985255 bytes)
Hash: 94d04dc788cbfb4f8008e7b9e590974b d07856473e1156b0d71097d84443465c4f91d480 2f30142d6771f0b4172472747f26c5ef6ce0c3e7b4c41e3e0bbf65a286c2a564
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pre/FreedirtyGames_v3_1/files/audio/audio.mp3 HTTP/1.1
Host: gamerascend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10=
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Fri, 19 Apr 2024 21:50:26 GMT
content-type: audio/mpeg
content-length: 985255
last-modified: Tue, 23 Jan 2024 15:31:25 GMT
etag: "65afdbcd-f08a7"
strict-transport-security: max-age=31536000
content-range: bytes 0-985254/985255
X-Firefox-Spdy: h2
|
|
| gamerascend.com/pre/FreedirtyGames_v3_1/files/audio/snap.mp3 | 134.209.88.167 | 206 Partial Content | 6.3 kB |
URL (GET, HTTP/2): gamerascend.com/pre/FreedirtyGames_v3_1/files/audio/snap.mp3
IP: 134.209.88.167:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10=
Certificate issuer: Let's Encrypt
Certificate subject: gamerascend.com
Certificate fingerprint: 54:99:6F:2E:D6:7C:A9:ED:65:65:54:03:EC:EE:4A:96:9D:29:48:97
Certificate validity: Thu, 28 Mar 2024 23:11:21 GMT - Wed, 26 Jun 2024 23:11:20 GMT
File type: Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 48 kbps, 44.1 kHz, Stereo
Hash: 00b7f5bc7963585e953baf12f6a9baa3 c4d8bf0b2130acbf1024ec48db5b709781f865a0 127f81f3512fa4535574857bd13d9dd05acf1660c0d323f3f2da6a5b9bfb9e89
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pre/FreedirtyGames_v3_1/files/audio/snap.mp3 HTTP/1.1
Host: gamerascend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10=
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Fri, 19 Apr 2024 21:50:26 GMT
content-type: audio/mpeg
content-length: 6313
last-modified: Tue, 23 Jan 2024 15:31:24 GMT
etag: "65afdbcc-18a9"
strict-transport-security: max-age=31536000
content-range: bytes 0-6312/6313
X-Firefox-Spdy: h2
|
|
| gamerascend.com/pre/FreedirtyGames_v3_1/img/backgrounds/web/bg-step.webp | 134.209.88.167 | 200 OK | 68 kB |
URL (GET, HTTP/2): gamerascend.com/pre/FreedirtyGames_v3_1/img/backgrounds/web/bg-step.webp
IP: 134.209.88.167:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10=
Certificate issuer: Let's Encrypt
Certificate subject: gamerascend.com
Certificate fingerprint: 54:99:6F:2E:D6:7C:A9:ED:65:65:54:03:EC:EE:4A:96:9D:29:48:97
Certificate validity: Thu, 28 Mar 2024 23:11:21 GMT - Wed, 26 Jun 2024 23:11:20 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 3840x1938, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: c5b8fe76f2c048290d55f4fda2071b47 0e4c70c42070f63978d4052b3e97c17cd061c7f4 ff7d8cae78bf71e120a899aeeef225f383463556cc953820f2b5c937d08c6976
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pre/FreedirtyGames_v3_1/img/backgrounds/web/bg-step.webp HTTP/1.1
Host: gamerascend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/pre/FreedirtyGames_v3_1/css/style.min.css?_v=20230724163048
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 21:50:26 GMT
content-type: image/webp
content-length: 68198
last-modified: Tue, 23 Jan 2024 15:31:51 GMT
etag: "65afdbe7-10a66"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gamerascend.com/pre/FreedirtyGames_v3_1/img/images/web/img-item1.webp | 134.209.88.167 | 200 OK | 384 kB |
URL (GET, HTTP/2): gamerascend.com/pre/FreedirtyGames_v3_1/img/images/web/img-item1.webp
IP: 134.209.88.167:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10=
Certificate issuer: Let's Encrypt
Certificate subject: gamerascend.com
Certificate fingerprint: 54:99:6F:2E:D6:7C:A9:ED:65:65:54:03:EC:EE:4A:96:9D:29:48:97
Certificate validity: Thu, 28 Mar 2024 23:11:21 GMT - Wed, 26 Jun 2024 23:11:20 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 3272x1718, Scaling: [none]x[none], YUV color, decoders should clamp
Size: 384 kB (384476 bytes)
Hash: 01aa10dd8ff7591aff5e6e5aecf94c34 884b0710563315fd066ba24a6b5a90fe1de97e6d 3c3a3ff182db8134bee58deb4ac6956ba792e0cfbb4fa1a6214b4a014f0d2f06
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pre/FreedirtyGames_v3_1/img/images/web/img-item1.webp HTTP/1.1
Host: gamerascend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/pre/FreedirtyGames_v3_1/css/style.min.css?_v=20230724163048
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 21:50:26 GMT
content-type: image/webp
content-length: 384476
last-modified: Tue, 23 Jan 2024 15:31:43 GMT
etag: "65afdbdf-5dddc"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gamerascend.com/pre/FreedirtyGames_v3_1/img/card/web/card-img1.webp | 134.209.88.167 | 200 OK | 43 kB |
URL (GET, HTTP/2): gamerascend.com/pre/FreedirtyGames_v3_1/img/card/web/card-img1.webp
IP: 134.209.88.167:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10=
Certificate issuer: Let's Encrypt
Certificate subject: gamerascend.com
Certificate fingerprint: 54:99:6F:2E:D6:7C:A9:ED:65:65:54:03:EC:EE:4A:96:9D:29:48:97
Certificate validity: Thu, 28 Mar 2024 23:11:21 GMT - Wed, 26 Jun 2024 23:11:20 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 966x1440, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 116d2ed4fbe28b805de2dfb39c704c2c 6e27f15f1d37735d26b8d96f81bdee192d9731c1 c7b82df0a713dff8be27595d56585ecc92bae85aa6dfda0ecb83696f0d6e9ccb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pre/FreedirtyGames_v3_1/img/card/web/card-img1.webp HTTP/1.1
Host: gamerascend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/pre/FreedirtyGames_v3_1/css/style.min.css?_v=20230724163048
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 21:50:26 GMT
content-type: image/webp
content-length: 42658
last-modified: Tue, 23 Jan 2024 15:31:33 GMT
etag: "65afdbd5-a6a2"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gamerascend.com/pre/FreedirtyGames_v3_1/img/card/web/card-img2.webp | 134.209.88.167 | 200 OK | 43 kB |
URL (GET, HTTP/2): gamerascend.com/pre/FreedirtyGames_v3_1/img/card/web/card-img2.webp
IP: 134.209.88.167:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10=
Certificate issuer: Let's Encrypt
Certificate subject: gamerascend.com
Certificate fingerprint: 54:99:6F:2E:D6:7C:A9:ED:65:65:54:03:EC:EE:4A:96:9D:29:48:97
Certificate validity: Thu, 28 Mar 2024 23:11:21 GMT - Wed, 26 Jun 2024 23:11:20 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 966x1620, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 19cfc9e90138bcf7e03a1a7d8afb7779 a88e20312696fcb736ea4402a8fd9dffb483f691 d5a70dcb0cadaa6caf93070eb615c75b9e4715b3fc7b40c00f9477a6230f308d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pre/FreedirtyGames_v3_1/img/card/web/card-img2.webp HTTP/1.1
Host: gamerascend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/pre/FreedirtyGames_v3_1/css/style.min.css?_v=20230724163048
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 21:50:26 GMT
content-type: image/webp
content-length: 42900
last-modified: Tue, 23 Jan 2024 15:31:31 GMT
etag: "65afdbd3-a794"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gamerascend.com/pre/FreedirtyGames_v3_1/img/card/web/card-img3.webp | 134.209.88.167 | 200 OK | 46 kB |
URL (GET, HTTP/2): gamerascend.com/pre/FreedirtyGames_v3_1/img/card/web/card-img3.webp
IP: 134.209.88.167:443
ASN: #14061 DIGITALOCEAN-ASN
Requested by: https://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10=
Certificate issuer: Let's Encrypt
Certificate subject: gamerascend.com
Certificate fingerprint: 54:99:6F:2E:D6:7C:A9:ED:65:65:54:03:EC:EE:4A:96:9D:29:48:97
Certificate validity: Thu, 28 Mar 2024 23:11:21 GMT - Wed, 26 Jun 2024 23:11:20 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 966x1620, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: b4e1f9bd301228ba26216de39c9c0996 7fb90176b0916f8f2022dbb40451e134b8ee9f3a 740d570289fd4eb4398050c30ef4b362cf7015a8be02570e5e49691a183e70cf
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pre/FreedirtyGames_v3_1/img/card/web/card-img3.webp HTTP/1.1
Host: gamerascend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/pre/FreedirtyGames_v3_1/css/style.min.css?_v=20230724163048
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 21:50:26 GMT
content-type: image/webp
content-length: 45858
last-modified: Tue, 23 Jan 2024 15:31:31 GMT
etag: "65afdbd3-b322"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gamerascend.com/pre/FreedirtyGames_v3_1/img/images/web/img-item2.webp | 134.209.88.167 | 200 OK | 85 kB |
URL GET HTTP/2gamerascend.com/pre/FreedirtyGames_v3_1/img/images/web/img-item2.webp IP134.209.88.167:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10= CertificateIssuerLet's Encrypt Subjectgamerascend.com Fingerprint54:99:6F:2E:D6:7C:A9:ED:65:65:54:03:EC:EE:4A:96:9D:29:48:97 ValidityThu, 28 Mar 2024 23:11:21 GMT - Wed, 26 Jun 2024 23:11:20 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 3272x1386, Scaling: [none]x[none], YUV color, decoders should clamp Hashdd4a929629f3556fdcd4880ba1d3b2fe 6c29376112db9cd20e686d8b073afe2024dc79a7 efd92db4b0c19fdd07b07d226a5afbf384e399c1fcf527607afa43ae62c82110
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pre/FreedirtyGames_v3_1/img/images/web/img-item2.webp HTTP/1.1
Host: gamerascend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/pre/FreedirtyGames_v3_1/css/style.min.css?_v=20230724163048
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 21:50:26 GMT
content-type: image/webp
content-length: 85404
last-modified: Tue, 23 Jan 2024 15:31:44 GMT
etag: "65afdbe0-14d9c"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gamerascend.com/pre/FreedirtyGames_v3_1/img/card/web/card-img4.webp | 134.209.88.167 | 200 OK | 34 kB |
URL GET HTTP/2gamerascend.com/pre/FreedirtyGames_v3_1/img/card/web/card-img4.webp IP134.209.88.167:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10= CertificateIssuerLet's Encrypt Subjectgamerascend.com Fingerprint54:99:6F:2E:D6:7C:A9:ED:65:65:54:03:EC:EE:4A:96:9D:29:48:97 ValidityThu, 28 Mar 2024 23:11:21 GMT - Wed, 26 Jun 2024 23:11:20 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 966x1620, Scaling: [none]x[none], YUV color, decoders should clamp Hash75fad5fb92691e5b0f6303144d43aafe b29c4ed6509b18f7da9f70a5347ffbdf77a8cb22 c1d76d54cc66357c15571377011c5eb99655bc0f337492696f30e2f65cfe9990
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pre/FreedirtyGames_v3_1/img/card/web/card-img4.webp HTTP/1.1
Host: gamerascend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/pre/FreedirtyGames_v3_1/css/style.min.css?_v=20230724163048
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 21:50:26 GMT
content-type: image/webp
content-length: 33766
last-modified: Tue, 23 Jan 2024 15:31:32 GMT
etag: "65afdbd4-83e6"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| freedirtygame.xyz/fonts/Roboto/Roboto-Bold.woff2 | 188.166.55.105 | 200 OK | 64 kB |
URL GET HTTP/2freedirtygame.xyz/fonts/Roboto/Roboto-Bold.woff2 IP188.166.55.105:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10= CertificateIssuerLet's Encrypt Subjectwww.freedirtygame.xyz FingerprintAA:22:39:7A:9D:8F:5C:34:CB:05:17:9B:67:09:7F:E8:AD:94:2D:6E ValidityFri, 19 Apr 2024 11:40:32 GMT - Thu, 18 Jul 2024 11:40:31 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 63920, version 1.0 Hasha65527fcb58f66a7cfbc0e6b160538b4 45d260e7fa343401b5bb0df982a014f53e2d253b fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45
GET /fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: freedirtygame.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gamerascend.com
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 21:50:26 GMT
content-type: font/woff2
content-length: 63920
last-modified: Wed, 04 Jan 2023 14:18:44 GMT
etag: "63b58ac4-f9b0"
access-control-allow-origin: https://gamerascend.com
access-control-allow-methods: https://gamerascend.com
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gamerascend.com/pre/FreedirtyGames_v3_1/img/card/web/card-img5.webp | 134.209.88.167 | 200 OK | 49 kB |
URL GET HTTP/2gamerascend.com/pre/FreedirtyGames_v3_1/img/card/web/card-img5.webp IP134.209.88.167:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10= CertificateIssuerLet's Encrypt Subjectgamerascend.com Fingerprint54:99:6F:2E:D6:7C:A9:ED:65:65:54:03:EC:EE:4A:96:9D:29:48:97 ValidityThu, 28 Mar 2024 23:11:21 GMT - Wed, 26 Jun 2024 23:11:20 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 966x1620, Scaling: [none]x[none], YUV color, decoders should clamp Hashed0fd1eb2812cb2e24e51a4ccd9a1eb6 c55719d5b18790591a60875a6ea2e858a20d326c d18d36757f60b75d7487ff45e019268e2b437aef26a971b885620c0b9b6e94da
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pre/FreedirtyGames_v3_1/img/card/web/card-img5.webp HTTP/1.1
Host: gamerascend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/pre/FreedirtyGames_v3_1/css/style.min.css?_v=20230724163048
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 21:50:26 GMT
content-type: image/webp
content-length: 49152
last-modified: Tue, 23 Jan 2024 15:31:32 GMT
etag: "65afdbd4-c000"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| freedirtygame.xyz/fonts/Oswald/Oswald-Bold.woff2 | 188.166.55.105 | 200 OK | 28 kB |
URL GET HTTP/2freedirtygame.xyz/fonts/Oswald/Oswald-Bold.woff2 IP188.166.55.105:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10= CertificateIssuerLet's Encrypt Subjectwww.freedirtygame.xyz FingerprintAA:22:39:7A:9D:8F:5C:34:CB:05:17:9B:67:09:7F:E8:AD:94:2D:6E ValidityFri, 19 Apr 2024 11:40:32 GMT - Thu, 18 Jul 2024 11:40:31 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 27628, version 1.0 Hash6fdc006b2506bd248403e763a6b548d2 3a43a8f273028d4fd07adda99ecdb4526ae1d9cf a2c32cf66531f036f72014d24657e4101439f01f5d3f935d90526f66e261452c
GET /fonts/Oswald/Oswald-Bold.woff2 HTTP/1.1
Host: freedirtygame.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gamerascend.com
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 21:50:26 GMT
content-type: font/woff2
content-length: 27628
last-modified: Wed, 05 Apr 2023 13:28:17 GMT
etag: "642d7771-6bec"
access-control-allow-origin: https://gamerascend.com
access-control-allow-methods: https://gamerascend.com
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gamerascend.com/pre/FreedirtyGames_v3_1/img/card/web/card-img6.webp | 134.209.88.167 | 200 OK | 35 kB |
URL GET HTTP/2gamerascend.com/pre/FreedirtyGames_v3_1/img/card/web/card-img6.webp IP134.209.88.167:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10= CertificateIssuerLet's Encrypt Subjectgamerascend.com Fingerprint54:99:6F:2E:D6:7C:A9:ED:65:65:54:03:EC:EE:4A:96:9D:29:48:97 ValidityThu, 28 Mar 2024 23:11:21 GMT - Wed, 26 Jun 2024 23:11:20 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 966x1620, Scaling: [none]x[none], YUV color, decoders should clamp Hash71fcd8f13b195b4c05e4f07956fbfbe1 39b808cab845599c04461a5e08605cfebd77fe8c 63c81a31eb4344baeba1e62c0962729e65811ab56167897d6fcf56ef77a757aa
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pre/FreedirtyGames_v3_1/img/card/web/card-img6.webp HTTP/1.1
Host: gamerascend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/pre/FreedirtyGames_v3_1/css/style.min.css?_v=20230724163048
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 21:50:26 GMT
content-type: image/webp
content-length: 34636
last-modified: Tue, 23 Jan 2024 15:31:32 GMT
etag: "65afdbd4-874c"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gamerascend.com/pre/FreedirtyGames_v3_1/img/icons/favicon.ico | 134.209.88.167 | 200 OK | 1.2 kB |
URL GET HTTP/2gamerascend.com/pre/FreedirtyGames_v3_1/img/icons/favicon.ico IP134.209.88.167:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10= CertificateIssuerLet's Encrypt Subjectgamerascend.com Fingerprint54:99:6F:2E:D6:7C:A9:ED:65:65:54:03:EC:EE:4A:96:9D:29:48:97 ValidityThu, 28 Mar 2024 23:11:21 GMT - Wed, 26 Jun 2024 23:11:20 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash6826c70e42982a0633d8b56e58859b28 4911c3cbc19cd2bc7b835cb3dd13e3f5abf487db 45137b17d93faf8fffbe683ea3da08d677c04416312681b6b5ec7c50400b0a13
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pre/FreedirtyGames_v3_1/img/icons/favicon.ico HTTP/1.1
Host: gamerascend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 21:50:26 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Tue, 23 Jan 2024 15:31:21 GMT
etag: "65afdbc9-47e"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| gamerascend.com/pre/FreedirtyGames_v3_1/css/style.min.css?_v=20230724163048 | 134.209.88.167 | 200 OK | 55 kB |
URL GET HTTP/2gamerascend.com/pre/FreedirtyGames_v3_1/css/style.min.css?_v=20230724163048 IP134.209.88.167:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10= CertificateIssuerLet's Encrypt Subjectgamerascend.com Fingerprint54:99:6F:2E:D6:7C:A9:ED:65:65:54:03:EC:EE:4A:96:9D:29:48:97 ValidityThu, 28 Mar 2024 23:11:21 GMT - Wed, 26 Jun 2024 23:11:20 GMT
File typeASCII text, with very long lines (54768), with no line terminators Hash8d4f1de9dc455a3918c2275aa30c1bc8 1261509e7a51c81d860fe4f76dc876080b80ad2a a757ee020f0c5636b7e64f17fedade7a3f808e793c1b77edf7ac805e7fbccd20
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pre/FreedirtyGames_v3_1/css/style.min.css?_v=20230724163048 HTTP/1.1
Host: gamerascend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 21:50:25 GMT
content-type: text/css
last-modified: Tue, 23 Jan 2024 15:29:57 GMT
vary: Accept-Encoding
etag: W/"65afdb75-d5f0"
expires: Sat, 20 Apr 2024 09:50:25 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| adverster.b-cdn.net/freedirtygame/jquery.min.js?_v=20230724163048 | 169.150.247.34 | 200 OK | 90 kB |
URL GET HTTP/2adverster.b-cdn.net/freedirtygame/jquery.min.js?_v=20230724163048 IP169.150.247.34:443 ASN#60068 Datacamp Limited
Requested byhttps://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10= CertificateIssuerSectigo Limited Subject*.b-cdn.net FingerprintFC:D9:3E:09:69:F5:9D:8A:AA:45:73:03:05:F1:8D:E4:5B:80:10:E4 ValiditySun, 05 Nov 2023 00:00:00 GMT - Mon, 11 Nov 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hashdc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /freedirtygame/jquery.min.js?_v=20230724163048 HTTP/1.1
Host: adverster.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 21:50:25 GMT
content-type: application/javascript
server: BunnyCDN-DE1-1077
cdn-pullzone: 303693
cdn-uid: f45a7a2e-6fd6-42fa-b15d-1efd29fb00dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: W/"62ae068d-15d84"
last-modified: Sat, 18 Jun 2022 17:08:29 GMT
cdn-storageserver: DE-677
cdn-fileserver: 339
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/31/2023 18:59:18
cdn-edgestorageid: 1055
cdn-status: 200
cdn-requestid: 343445c9c3466bdfe3a5a1a3ccfaa827
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10= | 134.209.88.167 | 200 OK | 8.4 kB |
URL User Request GET HTTP/2gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10= IP134.209.88.167:443 ASN#14061 DIGITALOCEAN-ASN
CertificateIssuerLet's Encrypt Subjectgamerascend.com Fingerprint54:99:6F:2E:D6:7C:A9:ED:65:65:54:03:EC:EE:4A:96:9D:29:48:97 ValidityThu, 28 Mar 2024 23:11:21 GMT - Wed, 26 Jun 2024 23:11:20 GMT
File typeHTML document, ASCII text, with very long lines (8868), with no line terminators Hash9baa013ac81e3b6c9478ac22564bbbeb 42fcbab46b1c32dc9bb2f963a41ca0f6c64fa1b4 ea997d5bf5248bd7387cc2dfa3b3137bbc12b1a06311f160f2a147789accbdfe
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10= HTTP/1.1
Host: gamerascend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 21:50:25 GMT
content-type: text/html
last-modified: Tue, 23 Jan 2024 15:29:47 GMT
vary: Accept-Encoding
etag: W/"65afdb6b-20ec"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| gamerascend.com/pre/FreedirtyGames_v3_1/js/main.min.js?_v=20230724163048 | 134.209.88.167 | 200 OK | 328 kB |
URL GET HTTP/2gamerascend.com/pre/FreedirtyGames_v3_1/js/main.min.js?_v=20230724163048 IP134.209.88.167:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10= CertificateIssuerLet's Encrypt Subjectgamerascend.com Fingerprint54:99:6F:2E:D6:7C:A9:ED:65:65:54:03:EC:EE:4A:96:9D:29:48:97 ValidityThu, 28 Mar 2024 23:11:21 GMT - Wed, 26 Jun 2024 23:11:20 GMT
Size328 kB (328437 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pre/FreedirtyGames_v3_1/js/main.min.js?_v=20230724163048 HTTP/1.1
Host: gamerascend.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gamerascend.com/pre/FreedirtyGames_v3_1/?partner=bc&next=FreedirtyGames_v3&clickid=wm7j4gv0qhbat5n0j4k90nek&country=NO&tsource=7179&m1=Firefox&m2=Norway&voluum_id=462ddfad-df18-4146-aa9f-7f167085a1e8&p1=affise&p2=346&p3=Mainstream_Games%20-%20Straight%20-%20Smartlink%20%28346%29&p4=MyLead&p5=7179&p6=Spicy%20Game%20All%20geo%20CPS%20%28mainstream%20LP%29&p7=mainstream%20game%20-%20%28FreedirtyGames_v3_1%20%2B%20FreedirtyGames_v3%29%20-%20iframe%20-%20Affiliate&p8=&p9=&p10=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 21:50:25 GMT
content-type: application/javascript
last-modified: Tue, 23 Jan 2024 15:29:59 GMT
vary: Accept-Encoding
etag: W/"65afdb77-502f5"
expires: Sat, 20 Apr 2024 09:50:25 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|