URL: https://lp.ad-dirtyzone.com/landing/sinder6000?subPublisher=banner%3Axbabe.com%3A%3AinplayerB&zone=banner%3Axbabe.com%3A%3Ai...
Submission: On December 20 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 25 HTTP transactions. The main IP is 2606:4700:4400::ac40:9538, located in United States and belongs to CLOUDFLARENET, US. The main domain is lp.ad-dirtyzone.com.
TLS certificate: Issued by E5 on November 29th 2024. Valid for: 3 months.
This is the only time lp.ad-dirtyzone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 2606:4700:440... 13335 (CLOUDFLAR...)
15 2606:4700:440... 13335 (CLOUDFLAR...)
3 104.17.111.223 13335 (CLOUDFLAR...)
3 104.16.160.145 13335 (CLOUDFLAR...)
25 4
Apex Domain
Subdomains
Transfer
15 servefilesonly.com
lpmedia.servefilesonly.com — Cisco Umbrella Rank: 432113
231 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 5669
onesignal.com — Cisco Umbrella Rank: 1761
img.onesignal.com — Cisco Umbrella Rank: 10383
91 KB
5 ad-dirtyzone.com
lp.ad-dirtyzone.com
10 KB
25 3
Domain Requested by
15 lpmedia.servefilesonly.com lp.ad-dirtyzone.com
5 lp.ad-dirtyzone.com 1 redirects lp.ad-dirtyzone.com
3 onesignal.com cdn.onesignal.com
2 cdn.onesignal.com lp.ad-dirtyzone.com
cdn.onesignal.com
1 img.onesignal.com
25 5

This site contains links to these domains.

Domain
track.datesearch.club

Subject Issuer Validity Valid
ad-dirtyzone.com E5 2024-11-29 - 2025-02-27 3 months
servefilesonly.com E5 2024-12-02 - 2025-03-02 3 months
*.onesignal.com WE1 2024-10-31 - 2025-01-29 3 months
onesignal.com WE1 2024-10-31 - 2025-01-29 3 months

This page contains 2 frames:

Primary Page: https://lp.ad-dirtyzone.com/landing/sinder6000?subPublisher=banner%3Axbabe.com%3A%3AinplayerB&zone=banner%3Axbabe.com%3A%3AinplayerB&adformat=banner&auctionid=6764548a77701-432229&uniqueid=c41d08cf7b3144e0933325b077488d67&name=11175_banner_300x250_usa_desktop_Bravomedia&width=3...%20311%20...06-0abc-44cc-a908-956747467232
Frame ID: E423F2401D8D95907700FDAAABCFACC1
Requests: 23 HTTP requests in this frame

Frame: https://lp.ad-dirtyzone.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js
Frame ID: D18D6EA6ED89382E961992C18ED70ED8
Requests: 2 HTTP requests in this frame

Page Title

promo.ad-dirtyzone.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Page Statistics

  • Requests: 25
  • HTTPS: 96 %
  • IPv6: 50 %
  • Domains: 3
  • Subdomains: 5
  • IPs: 4
  • Countries: 2
  • Transfer: 332 kB
  • Size: 716 kB
  • Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://lp.ad-dirtyzone.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://lp.ad-dirtyzone.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request sinder6000
lp.ad-dirtyzone.com/landing/
19 KB
4 KB
Document
General
Full URL
https://lp.ad-dirtyzone.com/landing/sinder6000?subPublisher=banner%3Axbabe.com%3A%3AinplayerB&zone=banner%3Axbabe.com%3A%3AinplayerB&adformat=banner&auctionid=6764548a77701-432229&uniqueid=c41d08cf7b3144e0933325b077488d67&name=11175_banner_300x250_usa_desktop_Bravomedia&width=3...%20311%20...06-0abc-44cc-a908-956747467232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9538 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac0b6b51aad6adf811d4cad81dc5a8523b9385920b3a1d7ab10cb51db29a5963

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With, Content-Type, Accept, Origin, Authorization
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8f5094ea1ce3d9db-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 20 Dec 2024 15:14:22 GMT
link
<lp.ad-dirtyzone.com/landing/sinder6000?tpcampid=6bed10a3-d244-4d7c-ae2f-3d82f6504b1d>; rel="canonical"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
corner.css
lpmedia.servefilesonly.com/widgets/corner/
246 B
478 B
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/widgets/corner/corner.css?1547700
Requested by
Host: lp.ad-dirtyzone.com
URL: https://lp.ad-dirtyzone.com/landing/sinder6000?subPublisher=banner%3Axbabe.com%3A%3AinplayerB&zone=banner%3Axbabe.com%3A%3AinplayerB&adformat=banner&auctionid=6764548a77701-432229&uniqueid=c41d08cf7b3144e0933325b077488d67&name=11175_banner_300x250_usa_desktop_Bravomedia&width=3...%20311%20...06-0abc-44cc-a908-956747467232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dccbd3f3d3f9074ca635cc844fcf4c9d31116ae88b53867f07030918b40c88d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.ad-dirtyzone.com/

Response headers

cache-control
public, max-age=691200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6763e035-f6"
age
102183
cf-ray
8f5094eb9e53bb80-FRA
expires
Sat, 28 Dec 2024 15:14:22 GMT
access-control-allow-origin
*
date
Fri, 20 Dec 2024 15:14:22 GMT
content-type
text/css
last-modified
Thu, 19 Dec 2024 08:58:29 GMT
vary
Accept-Encoding
server
cloudflare
style.css
lpmedia.servefilesonly.com/style/templates/sinder/
22 KB
5 KB
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/style/templates/sinder/style.css?1547700
Requested by
Host: lp.ad-dirtyzone.com
URL: https://lp.ad-dirtyzone.com/landing/sinder6000?subPublisher=banner%3Axbabe.com%3A%3AinplayerB&zone=banner%3Axbabe.com%3A%3AinplayerB&adformat=banner&auctionid=6764548a77701-432229&uniqueid=c41d08cf7b3144e0933325b077488d67&name=11175_banner_300x250_usa_desktop_Bravomedia&width=3...%20311%20...06-0abc-44cc-a908-956747467232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05bd4e775003f35efe586106a1d1830c63f163e62eace7d7af57a2c18ff57c05

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.ad-dirtyzone.com/

Response headers

cache-control
public, max-age=691200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6763e035-597f"
age
102183
cf-ray
8f5094eb9e54bb80-FRA
expires
Sat, 28 Dec 2024 15:14:22 GMT
access-control-allow-origin
*
date
Fri, 20 Dec 2024 15:14:22 GMT
content-type
text/css
last-modified
Thu, 19 Dec 2024 08:58:29 GMT
vary
Accept-Encoding
server
cloudflare
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: lp.ad-dirtyzone.com
URL: https://lp.ad-dirtyzone.com/landing/sinder6000?subPublisher=banner%3Axbabe.com%3A%3AinplayerB&zone=banner%3Axbabe.com%3A%3AinplayerB&adformat=banner&auctionid=6764548a77701-432229&uniqueid=c41d08cf7b3144e0933325b077488d67&name=11175_banner_300x250_usa_desktop_Bravomedia&width=3...%20311%20...06-0abc-44cc-a908-956747467232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec8b1b07980996f574075e1b7e895d5d47794b9dcf345a68d60fbb17034f7bef
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.ad-dirtyzone.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"09282956186c8515ef0d208902803581"
age
287
expires
Mon, 23 Dec 2024 15:14:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 20 Dec 2024 15:14:22 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
OneSignal-Subscription-Id
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=259200
via
1.1 google
cf-ray
8f5094ec1bc83678-FRA
server
cloudflare
sinder-bg.jpg
lpmedia.servefilesonly.com/img/_patterns/
89 KB
90 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_patterns/sinder-bg.jpg
Requested by
Host: lp.ad-dirtyzone.com
URL: https://lp.ad-dirtyzone.com/landing/sinder6000?subPublisher=banner%3Axbabe.com%3A%3AinplayerB&zone=banner%3Axbabe.com%3A%3AinplayerB&adformat=banner&auctionid=6764548a77701-432229&uniqueid=c41d08cf7b3144e0933325b077488d67&name=11175_banner_300x250_usa_desktop_Bravomedia&width=3...%20311%20...06-0abc-44cc-a908-956747467232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b741fc2c6e32b5d19095cb953234e4a10f4a95ea653f8885763418bee81f4c72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.ad-dirtyzone.com/

Response headers

cache-control
public, max-age=691200
cf-bgj
h2pri
etag
"6762a0a5-1649b"
age
134430
cf-cache-status
HIT
cf-ray
8f5094eb9e55bb80-FRA
expires
Sat, 28 Dec 2024 15:14:22 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
91291
date
Fri, 20 Dec 2024 15:14:22 GMT
content-type
image/jpeg
last-modified
Wed, 18 Dec 2024 10:15:01 GMT
vary
Accept-Encoding
server
cloudflare
sinder-logo.png
lpmedia.servefilesonly.com/img/_logos/
6 KB
7 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_logos/sinder-logo.png
Requested by
Host: lp.ad-dirtyzone.com
URL: https://lp.ad-dirtyzone.com/landing/sinder6000?subPublisher=banner%3Axbabe.com%3A%3AinplayerB&zone=banner%3Axbabe.com%3A%3AinplayerB&adformat=banner&auctionid=6764548a77701-432229&uniqueid=c41d08cf7b3144e0933325b077488d67&name=11175_banner_300x250_usa_desktop_Bravomedia&width=3...%20311%20...06-0abc-44cc-a908-956747467232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eae3c9749417857c664a6f82600e1f02287b00a6455d6368a261637fc364e01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.ad-dirtyzone.com/

Response headers

cache-control
public, max-age=691200
cf-cache-status
HIT
etag
"675ab94a-19c0"
age
565696
cf-ray
8f5094eb9e57bb80-FRA
expires
Sat, 28 Dec 2024 15:14:22 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
6592
date
Fri, 20 Dec 2024 15:14:22 GMT
content-type
image/png
last-modified
Thu, 12 Dec 2024 10:22:02 GMT
vary
Accept-Encoding
server
cloudflare
1.jpg
lpmedia.servefilesonly.com/img/_pictures/fsk16/s/sinder/
12 KB
12 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk16/s/sinder/1.jpg
Requested by
Host: lp.ad-dirtyzone.com
URL: https://lp.ad-dirtyzone.com/landing/sinder6000?subPublisher=banner%3Axbabe.com%3A%3AinplayerB&zone=banner%3Axbabe.com%3A%3AinplayerB&adformat=banner&auctionid=6764548a77701-432229&uniqueid=c41d08cf7b3144e0933325b077488d67&name=11175_banner_300x250_usa_desktop_Bravomedia&width=3...%20311%20...06-0abc-44cc-a908-956747467232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b1f201b18b36ca1ae044352f0f0d70cd0ae93e8766d66fb348f8f1287653d55

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.ad-dirtyzone.com/

Response headers

cache-control
public, max-age=691200
cf-bgj
h2pri
etag
"675ab94f-2e24"
age
128886
cf-cache-status
HIT
cf-ray
8f5094ebfeaebb80-FRA
expires
Sat, 28 Dec 2024 15:14:22 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
11812
date
Fri, 20 Dec 2024 15:14:22 GMT
content-type
image/jpeg
last-modified
Thu, 12 Dec 2024 10:22:07 GMT
vary
Accept-Encoding
server
cloudflare
2.jpg
lpmedia.servefilesonly.com/img/_pictures/fsk16/s/sinder/
9 KB
9 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk16/s/sinder/2.jpg
Requested by
Host: lp.ad-dirtyzone.com
URL: https://lp.ad-dirtyzone.com/landing/sinder6000?subPublisher=banner%3Axbabe.com%3A%3AinplayerB&zone=banner%3Axbabe.com%3A%3AinplayerB&adformat=banner&auctionid=6764548a77701-432229&uniqueid=c41d08cf7b3144e0933325b077488d67&name=11175_banner_300x250_usa_desktop_Bravomedia&width=3...%20311%20...06-0abc-44cc-a908-956747467232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8faa081e6882ee0f122d91974fef08b70d6e3f36205e7f640689bc331344d223

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.ad-dirtyzone.com/

Response headers

cache-control
public, max-age=691200
cf-bgj
h2pri
etag
"67612525-22e6"
age
198619
cf-cache-status
HIT
cf-ray
8f5094ebfeb0bb80-FRA
expires
Sat, 28 Dec 2024 15:14:22 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
8934
date
Fri, 20 Dec 2024 15:14:22 GMT
content-type
image/jpeg
last-modified
Tue, 17 Dec 2024 07:15:49 GMT
vary
Accept-Encoding
server
cloudflare
3.jpg
lpmedia.servefilesonly.com/img/_pictures/fsk16/s/sinder/
12 KB
12 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk16/s/sinder/3.jpg
Requested by
Host: lp.ad-dirtyzone.com
URL: https://lp.ad-dirtyzone.com/landing/sinder6000?subPublisher=banner%3Axbabe.com%3A%3AinplayerB&zone=banner%3Axbabe.com%3A%3AinplayerB&adformat=banner&auctionid=6764548a77701-432229&uniqueid=c41d08cf7b3144e0933325b077488d67&name=11175_banner_300x250_usa_desktop_Bravomedia&width=3...%20311%20...06-0abc-44cc-a908-956747467232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
943cce135d62e8da6ba5932ec79fa44e9915989182f41e229b360efc12e3105e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.ad-dirtyzone.com/

Response headers

cache-control
public, max-age=691200
cf-bgj
h2pri
etag
"675ab94f-2ea1"
age
391855
cf-cache-status
HIT
cf-ray
8f5094ebfeb1bb80-FRA
expires
Sat, 28 Dec 2024 15:14:22 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
11937
date
Fri, 20 Dec 2024 15:14:22 GMT
content-type
image/jpeg
last-modified
Thu, 12 Dec 2024 10:22:07 GMT
vary
Accept-Encoding
server
cloudflare
4.jpg
lpmedia.servefilesonly.com/img/_pictures/fsk16/s/sinder/
10 KB
10 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk16/s/sinder/4.jpg
Requested by
Host: lp.ad-dirtyzone.com
URL: https://lp.ad-dirtyzone.com/landing/sinder6000?subPublisher=banner%3Axbabe.com%3A%3AinplayerB&zone=banner%3Axbabe.com%3A%3AinplayerB&adformat=banner&auctionid=6764548a77701-432229&uniqueid=c41d08cf7b3144e0933325b077488d67&name=11175_banner_300x250_usa_desktop_Bravomedia&width=3...%20311%20...06-0abc-44cc-a908-956747467232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
616a9d2655c2bd54a373f102eb07dc91b0eb30bb93a4a398b58a944ff52494d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.ad-dirtyzone.com/

Response headers

cache-control
public, max-age=691200
cf-bgj
h2pri
etag
"67600716-2674"
age
289428
cf-cache-status
HIT
cf-ray
8f5094ebfeb5bb80-FRA
expires
Sat, 28 Dec 2024 15:14:22 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
9844
date
Fri, 20 Dec 2024 15:14:22 GMT
content-type
image/jpeg
last-modified
Mon, 16 Dec 2024 10:55:18 GMT
vary
Accept-Encoding
server
cloudflare
5.jpg
lpmedia.servefilesonly.com/img/_pictures/fsk16/s/sinder/
11 KB
11 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk16/s/sinder/5.jpg
Requested by
Host: lp.ad-dirtyzone.com
URL: https://lp.ad-dirtyzone.com/landing/sinder6000?subPublisher=banner%3Axbabe.com%3A%3AinplayerB&zone=banner%3Axbabe.com%3A%3AinplayerB&adformat=banner&auctionid=6764548a77701-432229&uniqueid=c41d08cf7b3144e0933325b077488d67&name=11175_banner_300x250_usa_desktop_Bravomedia&width=3...%20311%20...06-0abc-44cc-a908-956747467232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ff5f8add2899ea40659c6742d691b1ed4f5c870e40c825bfadc6e7f66bed834

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.ad-dirtyzone.com/

Response headers

cache-control
public, max-age=691200
cf-bgj
h2pri
etag
"675ab94f-2bfd"
age
479965
cf-cache-status
HIT
cf-ray
8f5094ebfeb6bb80-FRA
expires
Sat, 28 Dec 2024 15:14:22 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
11261
date
Fri, 20 Dec 2024 15:14:22 GMT
content-type
image/jpeg
last-modified
Thu, 12 Dec 2024 10:22:07 GMT
vary
Accept-Encoding
server
cloudflare
6.jpg
lpmedia.servefilesonly.com/img/_pictures/fsk16/s/sinder/
12 KB
12 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk16/s/sinder/6.jpg
Requested by
Host: lp.ad-dirtyzone.com
URL: https://lp.ad-dirtyzone.com/landing/sinder6000?subPublisher=banner%3Axbabe.com%3A%3AinplayerB&zone=banner%3Axbabe.com%3A%3AinplayerB&adformat=banner&auctionid=6764548a77701-432229&uniqueid=c41d08cf7b3144e0933325b077488d67&name=11175_banner_300x250_usa_desktop_Bravomedia&width=3...%20311%20...06-0abc-44cc-a908-956747467232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21519ef53d4d61d36e271185efc08a74475d0b4bfffa4d06b9c1df43e9ccf321

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.ad-dirtyzone.com/

Response headers

cache-control
public, max-age=691200
cf-bgj
h2pri
etag
"67600716-2fb4"
age
294442
cf-cache-status
HIT
cf-ray
8f5094ebfeb7bb80-FRA
expires
Sat, 28 Dec 2024 15:14:22 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
12212
date
Fri, 20 Dec 2024 15:14:22 GMT
content-type
image/jpeg
last-modified
Mon, 16 Dec 2024 10:55:18 GMT
vary
Accept-Encoding
server
cloudflare
7.jpg
lpmedia.servefilesonly.com/img/_pictures/fsk16/s/sinder/
9 KB
9 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk16/s/sinder/7.jpg
Requested by
Host: lp.ad-dirtyzone.com
URL: https://lp.ad-dirtyzone.com/landing/sinder6000?subPublisher=banner%3Axbabe.com%3A%3AinplayerB&zone=banner%3Axbabe.com%3A%3AinplayerB&adformat=banner&auctionid=6764548a77701-432229&uniqueid=c41d08cf7b3144e0933325b077488d67&name=11175_banner_300x250_usa_desktop_Bravomedia&width=3...%20311%20...06-0abc-44cc-a908-956747467232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b215321abdd9fda77c4ad78411a41bd691ab178a2c24086b211678116ebc05e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.ad-dirtyzone.com/

Response headers

cache-control
public, max-age=691200
cf-bgj
h2pri
etag
"6763e02a-2565"
age
19354
cf-cache-status
HIT
cf-ray
8f5094ebfeb9bb80-FRA
expires
Sat, 28 Dec 2024 15:14:22 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
9573
date
Fri, 20 Dec 2024 15:14:22 GMT
content-type
image/jpeg
last-modified
Thu, 19 Dec 2024 08:58:18 GMT
vary
Accept-Encoding
server
cloudflare
8.jpg
lpmedia.servefilesonly.com/img/_pictures/fsk16/s/sinder/
14 KB
14 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk16/s/sinder/8.jpg
Requested by
Host: lp.ad-dirtyzone.com
URL: https://lp.ad-dirtyzone.com/landing/sinder6000?subPublisher=banner%3Axbabe.com%3A%3AinplayerB&zone=banner%3Axbabe.com%3A%3AinplayerB&adformat=banner&auctionid=6764548a77701-432229&uniqueid=c41d08cf7b3144e0933325b077488d67&name=11175_banner_300x250_usa_desktop_Bravomedia&width=3...%20311%20...06-0abc-44cc-a908-956747467232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cf96495fef24e17e34a8d72825d1c617b921a384e8eaab121d7074a6e8b0de8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.ad-dirtyzone.com/

Response headers

cache-control
public, max-age=691200
cf-bgj
h2pri
etag
"6752bf41-3700"
age
460561
cf-cache-status
HIT
cf-ray
8f5094ebfebabb80-FRA
expires
Sat, 28 Dec 2024 15:14:22 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
14080
date
Fri, 20 Dec 2024 15:14:22 GMT
content-type
image/jpeg
last-modified
Fri, 06 Dec 2024 09:09:21 GMT
vary
Accept-Encoding
server
cloudflare
9.jpg
lpmedia.servefilesonly.com/img/_pictures/fsk16/s/sinder/
10 KB
10 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_pictures/fsk16/s/sinder/9.jpg
Requested by
Host: lp.ad-dirtyzone.com
URL: https://lp.ad-dirtyzone.com/landing/sinder6000?subPublisher=banner%3Axbabe.com%3A%3AinplayerB&zone=banner%3Axbabe.com%3A%3AinplayerB&adformat=banner&auctionid=6764548a77701-432229&uniqueid=c41d08cf7b3144e0933325b077488d67&name=11175_banner_300x250_usa_desktop_Bravomedia&width=3...%20311%20...06-0abc-44cc-a908-956747467232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d4f61a6053d5af58f229d985715a8773a859f36ad709a618ce6391be940e0ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.ad-dirtyzone.com/

Response headers

cache-control
public, max-age=691200
cf-bgj
h2pri
etag
"675ab94f-277a"
age
222117
cf-cache-status
HIT
cf-ray
8f5094ebfebbbb80-FRA
expires
Sat, 28 Dec 2024 15:14:22 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
10106
date
Fri, 20 Dec 2024 15:14:22 GMT
content-type
image/jpeg
last-modified
Thu, 12 Dec 2024 10:22:07 GMT
vary
Accept-Encoding
server
cloudflare
script.sizzle.min.js
lpmedia.servefilesonly.com/js/sinder/
85 KB
30 KB
Script
General
Full URL
https://lpmedia.servefilesonly.com/js/sinder/script.sizzle.min.js?1547700
Requested by
Host: lp.ad-dirtyzone.com
URL: https://lp.ad-dirtyzone.com/landing/sinder6000?subPublisher=banner%3Axbabe.com%3A%3AinplayerB&zone=banner%3Axbabe.com%3A%3AinplayerB&adformat=banner&auctionid=6764548a77701-432229&uniqueid=c41d08cf7b3144e0933325b077488d67&name=11175_banner_300x250_usa_desktop_Bravomedia&width=3...%20311%20...06-0abc-44cc-a908-956747467232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67034deb9b3cb117f2f0f5faa763b2d0563a591bec3eb8a778694196d9fa20fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.ad-dirtyzone.com/

Response headers

cache-control
public, max-age=691200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6763e034-153f9"
age
102177
cf-ray
8f5094ebfeabbb80-FRA
expires
Sat, 28 Dec 2024 15:14:22 GMT
access-control-allow-origin
*
date
Fri, 20 Dec 2024 15:14:22 GMT
content-type
application/javascript
last-modified
Thu, 19 Dec 2024 08:58:28 GMT
vary
Accept-Encoding
server
cloudflare
popwin.js
lpmedia.servefilesonly.com/js/
1 KB
597 B
Script
General
Full URL
https://lpmedia.servefilesonly.com/js/popwin.js?1547700
Requested by
Host: lp.ad-dirtyzone.com
URL: https://lp.ad-dirtyzone.com/landing/sinder6000?subPublisher=banner%3Axbabe.com%3A%3AinplayerB&zone=banner%3Axbabe.com%3A%3AinplayerB&adformat=banner&auctionid=6764548a77701-432229&uniqueid=c41d08cf7b3144e0933325b077488d67&name=11175_banner_300x250_usa_desktop_Bravomedia&width=3...%20311%20...06-0abc-44cc-a908-956747467232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:23e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c43823e625ee5e54008f00ff89c66020c614dae397401177a790fee8c950a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.ad-dirtyzone.com/

Response headers

cache-control
public, max-age=691200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6763e034-499"
age
102183
cf-ray
8f5094ebfeb4bb80-FRA
expires
Sat, 28 Dec 2024 15:14:22 GMT
access-control-allow-origin
*
date
Fri, 20 Dec 2024 15:14:22 GMT
content-type
application/javascript
last-modified
Thu, 19 Dec 2024 08:58:28 GMT
vary
Accept-Encoding
server
cloudflare
main.js
lp.ad-dirtyzone.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/ Frame D18D
Redirect Chain
  • https://lp.ad-dirtyzone.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://lp.ad-dirtyzone.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
9 KB
4 KB
Script
General
Full URL
https://lp.ad-dirtyzone.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
Requested by
Host: lp.ad-dirtyzone.com
URL: https://lp.ad-dirtyzone.com/landing/sinder6000?subPublisher=banner%3Axbabe.com%3A%3AinplayerB&zone=banner%3Axbabe.com%3A%3AinplayerB&adformat=banner&auctionid=6764548a77701-432229&uniqueid=c41d08cf7b3144e0933325b077488d67&name=11175_banner_300x250_usa_desktop_Bravomedia&width=3...%20311%20...06-0abc-44cc-a908-956747467232
Protocol
H2
Server
2606:4700:4400::ac40:9538 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2716b2b04c956f42858ebb5d990704c543a2b0072e40282989cceab4e11066ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
gzip
x-content-type-options
nosniff
cf-ray
8f5094ecb9fcd9db-FRA
date
Fri, 20 Dec 2024 15:14:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/787bc399e22f/main.js?
cf-ray
8f5094ec898ed9db-FRA
access-control-allow-origin
*
content-length
0
date
Fri, 20 Dec 2024 15:14:22 GMT
vary
Accept-Encoding
server
cloudflare
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
284 KB
69 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
785d3e9ea187b7242e1a4365a48c3fd95dd7a469245d24c6769b8d46c4ef4b81
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.ad-dirtyzone.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"7e91359b46e1da637080a03b759164fa"
age
3332
expires
Mon, 23 Dec 2024 15:14:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 20 Dec 2024 15:14:22 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=3,i=?0
access-control-allow-headers
OneSignal-Subscription-Id
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=259200
via
1.1 google
cf-ray
8f5094ec8c263678-FRA
server
cloudflare
8f5094ea1ce3d9db
lp.ad-dirtyzone.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame D18D
0
620 B
XHR
General
Full URL
https://lp.ad-dirtyzone.com/cdn-cgi/challenge-platform/h/b/jsd/r/8f5094ea1ce3d9db
Requested by
Host: lp.ad-dirtyzone.com
URL: https://lp.ad-dirtyzone.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9538 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8f5094ed5b1bd9db-FRA
content-length
0
date
Fri, 20 Dec 2024 15:14:22 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
web
onesignal.com/api/v1/sync/0e77a9d3-b505-4197-b1c8-f5786fc497e0/
3 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/0e77a9d3-b505-4197-b1c8-f5786fc497e0/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe87b09141142467bc88f7df4a416eb5dffef93bf5ac0ebb8146f455cf2ad566
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.ad-dirtyzone.com/

Response headers

x-request-id
4407d0ab-b07d-46b9-b5a3-1e4446d21e62
content-encoding
br
cf-cache-status
EXPIRED
etag
W/"fe87b09141142467bc88f7df4a416eb5"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
expires
Fri, 20 Dec 2024 16:14:23 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 20 Dec 2024 15:14:23 GMT
content-type
text/javascript; charset=utf-8
vary
Origin, Accept-Encoding
x-runtime
0.054139
priority
u=3,i=?0
access-control-allow-headers
SDK-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=3600
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
via
1.1 google
cf-ray
8f5094edacae9769-FRA
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
casualdatingHeart_fav.png
lp.ad-dirtyzone.com/assets/img/_favicons/
1 KB
1 KB
Other
General
Full URL
https://lp.ad-dirtyzone.com/assets/img/_favicons/casualdatingHeart_fav.png?1547700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9538 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e18486908bfa209ac16eb30755e51b4c93f7629bbafc5aae6be0428efd8fa6c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.ad-dirtyzone.com/landing/sinder6000?subPublisher=banner%3Axbabe.com%3A%3AinplayerB&zone=banner%3Axbabe.com%3A%3AinplayerB&adformat=banner&auctionid=6764548a77701-432229&uniqueid=c41d08cf7b3144e0933325b077488d67&name=11175_banner_300x250_usa_desktop_Bravomedia&width=3...%20311%20...06-0abc-44cc-a908-956747467232

Response headers

cache-control
public, max-age=172800
cf-cache-status
HIT
etag
"6763e025-4c5"
age
101906
cf-ray
8f5094ee5d82d9db-FRA
expires
Sun, 22 Dec 2024 15:14:23 GMT
accept-ranges
bytes
content-length
1221
date
Fri, 20 Dec 2024 15:14:23 GMT
content-type
image/png
last-modified
Thu, 19 Dec 2024 08:58:13 GMT
vary
Accept-Encoding
server
cloudflare
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.ad-dirtyzone.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
age
288
expires
Sun, 19 Jan 2025 15:14:23 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 20 Dec 2024 15:14:23 GMT
content-type
text/css
vary
Accept-Encoding
priority
u=0,i=?0
access-control-allow-headers
OneSignal-Subscription-Id
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=2592000
via
1.1 google
cf-ray
8f5094ee6d769769-FRA
server
cloudflare
icon
onesignal.com/api/v1/apps/0e77a9d3-b505-4197-b1c8-f5786fc497e0/
308 B
845 B
Fetch
General
Full URL
https://onesignal.com/api/v1/apps/0e77a9d3-b505-4197-b1c8-f5786fc497e0/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151606
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45e72dc18a51c61073a1986f53a149a331745b3735a6e252d22bb58bff405cce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.ad-dirtyzone.com/

Response headers

x-request-id
2d7f3c20-f4eb-4279-aa69-e9f721c1973d
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"45e72dc18a51c61073a1986f53a149a3"
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 20 Dec 2024 15:14:23 GMT
content-type
application/json; charset=utf-8
vary
Accept, Origin, Accept-Encoding
x-runtime
0.016021
priority
u=1,i
access-control-allow-headers
SDK-Version
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
max-age=0, private, must-revalidate
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
via
1.1 google
cf-ray
8f5094eebc403732-FRA
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
jNqg5kESzimxhd9PPi3P_4ee73a6a-cef9-4190-ad47-9baa8278f6ee.png
img.onesignal.com/permanent/262292a1-748f-4a24-8978-b08f7776e31d/
6 KB
7 KB
Image
General
Full URL
https://img.onesignal.com/permanent/262292a1-748f-4a24-8978-b08f7776e31d/jNqg5kESzimxhd9PPi3P_4ee73a6a-cef9-4190-ad47-9baa8278f6ee.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2830fdd2d01b47bb7e6da2b93acea49c3ca8ab3c088c37e9c260636a6f4acf9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lp.ad-dirtyzone.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=VV2vcw==, md5=Vf8W8/VpBV8jju6vbxR1XQ==
cf-bgj
imgq:85,h2pri
etag
"-CLPJ4KzliocDEAE="
cf-cache-status
REVALIDATED
x-goog-stored-content-encoding
identity
expires
Mon, 20 Jan 2025 15:14:23 GMT
cf-polished
origSize=10407, status=vary_header_present
alt-svc
h3=":443"; ma=86400
x-goog-stored-content-length
10407
server-timing
cfExtPri
date
Fri, 20 Dec 2024 15:14:23 GMT
content-type
image/png
last-modified
Wed, 03 Jul 2024 11:43:09 GMT
vary
Origin, Accept-Encoding
priority
u=1,i
x-guploader-uploadid
AHmUCY1zYHRJNN3_Ahr0LSQl-2argo3TFMK3odQuq05cwjxL_GUhyqx84CsbMByBHagFy_mTFSHYxrRTVg
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
public, max-age=2678400
pragma
no-cache
x-goog-storage-class
STANDARD
cf-ray
8f5094ef8e993678-FRA
x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
accept-ranges
bytes
x-goog-generation
1720006989063347
content-length
6226
server
cloudflare


8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| OneSignal
function| $
function| jQuery
object| Popwin
function| populateLinks
number| __oneSignalSdkLoadCount
function| __jp0

5 Cookies

Domain/Path Name / Value
lp.ad-dirtyzone.com/ Name: PHPSESSID
Value: vaieo5fgpg1l6ikmp5o05ejvkc
.ad-dirtyzone.com/ Name: __cf_bm
Value: M9mv6C.W2QekyfED5EdHkGk1EglJSKY69GOQ7MYzrXU-1734707662-1.0.1.1-ubHMoh5VZHjm8MwiwJ1tNPZ.OWWUyEnPR7W8qG6_.r3U7DJqGBQWHnWrhJ1s266rriqaTrSz4I1A6BkftlJAYA
.servefilesonly.com/ Name: __cf_bm
Value: b3K0.NwfYX1vd17ObF0XT1iznWV7f.qbgMx.8cBUlqg-1734707662-1.0.1.1-lXurveSv5fxFJutMWDADJY9q7q6JrkuPr3JWZz0pBr4U8GZLL2ljRxqvV2SjRb_p.FkC9C3aL6dST3fw_Z0rZg
.onesignal.com/ Name: __cf_bm
Value: NZWtMagYQ94P294viQl2nAF.PpZpKzikVujao6kNwQc-1734707662-1.0.1.1-MQpeyY7_y25VuqZizBkIJZWFg4GdZ_AKVWRPMBni7_oCCvW87tbCrxYUIe5vPQmuTGrOli_0C9P6RaR2rItF7A
.ad-dirtyzone.com/ Name: cf_clearance
Value: OfssDsL3m8p1UiY6Oh6uPzE_DwS.pImDYYSNTr7cjXQ-1734707662-1.2.1.1-E7mA1koNgd.VEYONfYgED.bcPIGvS4TiRpPr7oOKu.UqbuhIGMbf8KKBwK1YQter8LcpxTuha9v4m0e8TIaEzuM2MVM_4z7dvE4nWknlhFMrE6C.QRGnMGelgDtXThzZjpqYUs9MUdUw2A4TqGgWtkJWOa1ib1pEKLvY77E1nDRyZtCTyZWMu8O_qX93As.ohWs.1bbDG70AMU.Qb_zbH.Ctc3wGk_FxfrdzSQjc3smoauWVDQUW3Y4y_A99D6HYYk9iYMlfPy7KnQ_Mt4nX9dy4E0CB__3lhDScQDWS9O9fcftFlAU8PQWK8SO_RVYrPnKwZzy9jOBNPFFPYsKM3CzfWjMcuzuh6HlVfP6MaDlMSAZ6KghLiqpSyZWerBAc

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
