dirtyscam.com Open in urlscan Pro
2606:4700:30::681b:a8d3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dirtyscam.com/
Effective URL:
https://dirtyscam.com/
Submission: On June 14 via manual (June 14th 2019, 2:27:53 pm UTC) from US

Summary HTTP 66 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 12 domains to perform 66 HTTP transactions. The main IP is 2606:4700:30::681b:a8d3, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is dirtyscam.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 20th 2018. Valid for: a year.

This is the only time dirtyscam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	2606:4700:30:... 2606:4700:30::681b:a8d3	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
10	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
8	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
4	2606:4700::68... 2606:4700::6813:c397	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
3	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:815::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
8	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
66	22

6 2606:4700:30::681b:a8d3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

dirtyscam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, DE)

mk0mukaculidjafisqoh.kinstacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:c397 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

maps.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:815::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	wp.com c0.wp.com s0.wp.com stats.wp.com i0.wp.com i2.wp.com i1.wp.com pixel.wp.com	324 KB
10	kinstacdn.com mk0mukaculidjafisqoh.kinstacdn.com	212 KB
9	google.com maps.google.com www.google.com adservice.google.com	114 KB
6	dirtyscam.com 1 redirects dirtyscam.com	123 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	135 KB
4	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	102 B
4	googlesyndication.com pagead2.googlesyndication.com	190 KB
4	cloudflare.com cdnjs.cloudflare.com	28 KB
3	googleapis.com ajax.googleapis.com fonts.googleapis.com maps.googleapis.com	7 KB
2	google-analytics.com 1 redirects www.google-analytics.com	17 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	171 B
66	12

	Domain	Requested by
10	mk0mukaculidjafisqoh.kinstacdn.com	dirtyscam.com
8	c0.wp.com	dirtyscam.com
6	dirtyscam.com	1 redirects dirtyscam.com c0.wp.com
5	www.google.com	dirtyscam.com www.gstatic.com
4	fonts.gstatic.com	dirtyscam.com
4	i1.wp.com	dirtyscam.com
4	pagead2.googlesyndication.com	dirtyscam.com pagead2.googlesyndication.com
4	cdnjs.cloudflare.com	dirtyscam.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	i2.wp.com	dirtyscam.com
3	maps.google.com	dirtyscam.com maps.google.com
2	www.google-analytics.com	1 redirects dirtyscam.com
1	maps.googleapis.com	maps.google.com
1	pixel.wp.com	dirtyscam.com
1	www.gstatic.com	www.google.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	ajax.googleapis.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	dirtyscam.com
1	i0.wp.com	dirtyscam.com
1	ajax.googleapis.com	dirtyscam.com
1	stats.wp.com	dirtyscam.com
1	s0.wp.com	dirtyscam.com
66	24

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
plus.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2018-11-20` - `2019-11-20`	a year	crt.sh
*.kinstacdn.com COMODO RSA Domain Validation Secure Server CA	`2018-11-19` - `2021-02-16`	2 years	crt.sh
*.wp.com Go Daddy Secure Certificate Authority - G2	`2018-04-10` - `2020-05-11`	2 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-02` - `2019-09-08`	6 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
www.google.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://dirtyscam.com/
Frame ID: DB07F0B7ADF7056A9666975869BB2A58
Requests: 59 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js
Frame ID: 7ACB6E5105C5A857A573E7ACD6936271
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190612/r20190131/zrt_lookup.html
Frame ID: ADE1B90450174683615CD6EE4F9E8EF3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7011024939395431&output=html&h=90&slotname=1111339304&adk=2139595974&adf=4210465007&w=740&fwr_io=false&fwrn=1&fwrnh=100&lmt=1560522456&rafmt=1&guci=1.2.0.0.2.2.0.0&format=740x90&url=https%3A%2F%2Fdirtyscam.com%2F&flash=0&fwr=0&fwrattr=false&resp_fmts=3&wgl=1&dt=1560522456035&bpp=19&bdt=1675&fdt=300&idt=300&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&correlator=1402155400155&frm=20&pv=2&ga_vid=212170688.1560522456&ga_sid=1560522456&ga_hid=741116374&ga_fc=0&iag=0&icsg=8589977600&dssz=26&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=433&ady=1377&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=1&fu=144&bc=31&osw_key=1399190000&ifi=1&uci=1.gkr339h4f9i5&fsb=1&xpc=2JKXyguN54&p=https%3A//dirtyscam.com&dtd=344
Frame ID: F32055A281927BC15A79AA70D1DF2D6E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7011024939395431&output=html&adk=1812271804&adf=3025194257&lmt=1560522457&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fdirtyscam.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1560522457190&bpp=21&bdt=2831&fdt=31&idt=31&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=740x90&nras=1&correlator=1402155400155&frm=20&pv=1&ga_vid=212170688.1560522456&ga_sid=1560522456&ga_hid=741116374&ga_fc=0&iag=0&icsg=175922036604928&dssz=36&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=3759136611&ifi=1&uci=1.5lfwhbs8o8w6&fsb=1&dtd=58
Frame ID: A7142823942C2168585FAF5B3E6DB49C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfgnpQUAAAAAJOa_HRQU8ZGahGmRaDb8ZofGNEy&co=aHR0cHM6Ly9kaXJ0eXNjYW0uY29tOjQ0Mw..&hl=en&v=v1559543665173&theme=light&size=compact&cb=vcs1fgo7xhvy
Frame ID: F2062C3ED94FB9B2B32FDEB3639A0082
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfgnpQUAAAAAJOa_HRQU8ZGahGmRaDb8ZofGNEy&co=aHR0cHM6Ly9kaXJ0eXNjYW0uY29tOjQ0Mw..&hl=en&v=v1559543665173&theme=light&size=compact&cb=fqs239j31h57
Frame ID: A7D4D351A0F8E674BC40164749241315
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1559543665173&k=6LfgnpQUAAAAAJOa_HRQU8ZGahGmRaDb8ZofGNEy&cb=4swaogoll3tu
Frame ID: A946F8B3F2CCB6406211A807CCA9FA51
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1559543665173&k=6LfgnpQUAAAAAJOa_HRQU8ZGahGmRaDb8ZofGNEy&cb=bjho0f7340bv
Frame ID: 9CB6EBF865F022F22624C10B1B0721E4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://dirtyscam.com/ HTTP 301
https://dirtyscam.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

script /googleapis\.com\/.+webfont/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^Modernizr$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

env /^Recaptcha$/i

Page Statistics

66
Requests

100 %
HTTPS

81 %
IPv6

12
Domains

24
Subdomains

22
IPs

4
Countries

1178 kB
Transfer

3241 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/dirtyfraud
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/dirtyscam
Title: Twitter

Search URL Search Domain Scan URL

URL: https://plus.google.com/+Dirtyscam
Title: Google+

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dirtyscam.com/ HTTP 301
https://dirtyscam.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=741116374&t=pageview&_s=1&dl=https%3A%2F%2Fdirtyscam.com%2F&ul=en-us&de=UTF-8&dt=Report%20Scam%20%E2%80%93%20Expose%20Scammer%20%E2%80%93%20Dirty%20Scam&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1136925012&gjid=2131046945&cid=212170688.1560522456&tid=UA-86098204-1&_gid=1266745083.1560522456&_r=1&z=934638616 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-86098204-1&cid=212170688.1560522456&jid=1136925012&_gid=1266745083.1560522456&gjid=2131046945&_v=j76&z=934638616

66 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
dirtyscam.com/
Redirect Chain

http://dirtyscam.com/
https://dirtyscam.com/

254 KB
24 KB

794ms
751ms

Document
text/html

2606:4700:30::681b:a8d3
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:a8d3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4bde4c327067ea5378160fb1aafc0dc67b677426b3d03633fecbca42e272748

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: dirtyscam.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 14 Jun 2019 14:27:34 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d408c6548cc2edfe2507b332ca2077a4e1560522453; expires=Sat, 13-Jun-20 14:27:33 GMT; path=/; domain=.dirtyscam.com; HttpOnly; Secure
vary: Accept-Encoding
link: <https://dirtyscam.com/wp-json/>; rel="https://api.w.org/"
x-kinsta-cache: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=5184000; includeSubDomains; preload
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4e6cfc56f8689766-FRA
content-encoding: br

Redirect headers

Date: Fri, 14 Jun 2019 14:27:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 14 Jun 2019 15:27:33 GMT
Location: https://dirtyscam.com/
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4e6cfc56ac92d719-FRA

GET
H2 200 header-7a090e77.min.css
mk0mukaculidjafisqoh.kinstacdn.com/wp-content/cache/fvm/1560378738/out/ 2 KB
1 KB 1000ms
58ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0mukaculidjafisqoh.kinstacdn.com/wp-content/cache/fvm/1560378738/out/header-7a090e77.min.css

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

157c0c7a2112b72373836d44f2badbd8953a6386d76fff195f7dc7c17073fe5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-edge-location: defr
x-cache: MISS
status: 200
strict-transport-security: max-age=5184000; includeSubDomains; preload
content-length: 946
last-modified: Wed, 12 Jun 2019 22:32:21 GMT
server: keycdn-engine
etag: "5d017d75-3b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 4e6cfc61f941d6b9-FRA
expires: Sat, 13 Jun 2020 20:16:32 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.2.1/wp-includes/css/dist/block-library/ 29 KB
5 KB 81ms
8ms Stylesheet
text/css 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.2.1/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 14 Jun 2019 14:27:34 GMT
content-encoding: br
last-modified: Mon, 22 Apr 2019 12:40:04 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 13 Jun 2020 14:27:34 GMT

GET
H2 200 header-1f8c19bf.min.css
mk0mukaculidjafisqoh.kinstacdn.com/wp-content/cache/fvm/1560378738/out/ 30 KB
8 KB 1027ms
88ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0mukaculidjafisqoh.kinstacdn.com/wp-content/cache/fvm/1560378738/out/header-1f8c19bf.min.css

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

9bafb8fb7e9c1322eb4c31c823401197581238d848a5818d410e72d53b4cab65

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-edge-location: defr
x-cache: MISS
status: 200
strict-transport-security: max-age=5184000; includeSubDomains; preload
content-length: 7259
last-modified: Wed, 12 Jun 2019 22:32:21 GMT
server: keycdn-engine
etag: "5d017d75-1c5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 4e6cfc61fea6231c-FRA
expires: Sat, 13 Jun 2020 20:16:32 GMT

GET
H2 200 dashicons.min.css
c0.wp.com/c/5.2.1/wp-includes/css/ 46 KB
28 KB 80ms
8ms Stylesheet
text/css 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.2.1/wp-includes/css/dashicons.min.css

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 14 Jun 2019 14:27:34 GMT
content-encoding: br
last-modified: Wed, 15 May 2019 19:47:55 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 13 Jun 2020 14:27:34 GMT

GET
H2 200 header-f57a36e3.min.css
mk0mukaculidjafisqoh.kinstacdn.com/wp-content/cache/fvm/1560378738/out/ 393 KB
59 KB 1030ms
93ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0mukaculidjafisqoh.kinstacdn.com/wp-content/cache/fvm/1560378738/out/header-f57a36e3.min.css

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

ebe09e7f4a4352d6d9c711c5bc7cf403278968696b45f85e1fae9a1b2f946655

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-edge-location: defr
x-cache: MISS
status: 200
strict-transport-security: max-age=5184000; includeSubDomains; preload
content-length: 60269
last-modified: Wed, 12 Jun 2019 22:32:21 GMT
server: keycdn-engine
etag: "5d017d75-eb6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 4e6cfc61fc1264d9-FRA
expires: Sat, 13 Jun 2020 20:16:32 GMT

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/ 15 KB
2 KB 17ms
17ms Stylesheet
text/css 2606:4700::6813:c397
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.5/css/select2.min.css

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:34 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:26:42 GMT
server: cloudflare
etag: W/"5afd4ad2-3b5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Wed, 03 Jun 2020 14:27:34 GMT
cache-control: public, max-age=30672000
cf-ray: 4e6cfc5bd92c9ab0-FRA
served-in-seconds: 0.010

GET
H2 200 header-30ad11f4.min.css
mk0mukaculidjafisqoh.kinstacdn.com/wp-content/cache/fvm/1560378738/out/ 4 KB
2 KB 1029ms
93ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0mukaculidjafisqoh.kinstacdn.com/wp-content/cache/fvm/1560378738/out/header-30ad11f4.min.css

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

5b0a2245519b56ed26270f31a25ddb4c688b4712d734c258b7168fc3a4effb14

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-edge-location: defr
x-cache: MISS
status: 200
strict-transport-security: max-age=5184000; includeSubDomains; preload
content-length: 1158
last-modified: Wed, 12 Jun 2019 22:34:29 GMT
server: keycdn-engine
etag: "5d017df5-486"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 4e6cfc61ffc1befb-FRA
expires: Sat, 13 Jun 2020 20:16:32 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/7.4/css/ 70 KB
12 KB 76ms
9ms Stylesheet
text/css 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.4/css/jetpack.css

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9332bd23b1004c39934991c9196c859664e676ded48d355465378827dbcb1ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 14 Jun 2019 14:27:34 GMT
content-encoding: br
last-modified: Tue, 28 May 2019 17:50:53 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 13 Jun 2020 14:27:34 GMT

GET
H2 200 header-905e0f06.min.css
mk0mukaculidjafisqoh.kinstacdn.com/wp-content/cache/fvm/1560378738/out/ 13 KB
4 KB 1033ms
99ms Stylesheet
text/css 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0mukaculidjafisqoh.kinstacdn.com/wp-content/cache/fvm/1560378738/out/header-905e0f06.min.css

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

ea3caf9bd5a3d02f0e3fbd1ef7bd00524bcb925b9c68be3197de8322f7594092

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-edge-location: defr
x-cache: MISS
status: 200
strict-transport-security: max-age=5184000; includeSubDomains; preload
content-length: 3075
last-modified: Wed, 12 Jun 2019 22:32:21 GMT
server: keycdn-engine
etag: "5d017d75-c03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 4e6cfc62089cbf05-FRA
expires: Sat, 13 Jun 2020 20:16:32 GMT

GET
H2 200 jquery.js Show response
c0.wp.com/c/5.2.1/wp-includes/js/jquery/ 95 KB
32 KB 74ms
9ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.2.1/wp-includes/js/jquery/jquery.js

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 14 Jun 2019 14:27:34 GMT
content-encoding: br
last-modified: Fri, 17 May 2019 17:08:53 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 13 Jun 2020 14:27:34 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.2.1/wp-includes/js/jquery/ 10 KB
4 KB 73ms
9ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.2.1/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 14 Jun 2019 14:27:34 GMT
content-encoding: br
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 13 Jun 2020 14:27:34 GMT

GET
H2 200 TweenLite.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.5/ 27 KB
9 KB 16ms
15ms Script
application/javascript 2606:4700::6813:c397
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.5/TweenLite.min.js

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

15ff1b3821afd681d5c405d980a27e80997c0f1bca41ab01bb23533d75606df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:34 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:20:03 GMT
server: cloudflare
etag: W/"5afd4943-6a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 03 Jun 2020 14:27:34 GMT
cache-control: public, max-age=30672000
cf-ray: 4e6cfc5be9349ab0-FRA
served-in-seconds: 0.010

GET
H2 200 ScrollToPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.5/plugins/ 2 KB
1 KB 26ms
19ms Script
application/javascript 2606:4700::6813:c397
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.5/plugins/ScrollToPlugin.min.js

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

806548b84857dbb3a3243a0d7c0aedc2afd647bf96b48de90985df9591ca4a4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:34 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:23 GMT
server: cloudflare
etag: W/"5afd491b-9fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 03 Jun 2020 14:27:34 GMT
cache-control: public, max-age=30672000
cf-ray: 4e6cfc5be93b9ab0-FRA
served-in-seconds: 0.014

GET
H2 200 CSSPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.5/plugins/ 40 KB
15 KB 25ms
21ms Script
application/javascript 2606:4700::6813:c397
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.5/plugins/CSSPlugin.min.js

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5cc45eb6a71ddfc1e8c5f7a20b48120cfceded9a987af10113699cc8cc0aa8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:34 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:23 GMT
server: cloudflare
etag: W/"5afd491b-9e97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 03 Jun 2020 14:27:34 GMT
cache-control: public, max-age=30672000
cf-ray: 4e6cfc5be93e9ab0-FRA
served-in-seconds: 0.020

GET
H2 200 header-6b821ab1.min.js Show response
mk0mukaculidjafisqoh.kinstacdn.com/wp-content/cache/fvm/1560378738/out/ 324 KB
79 KB 1024ms
98ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0mukaculidjafisqoh.kinstacdn.com/wp-content/cache/fvm/1560378738/out/header-6b821ab1.min.js

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

9e6d740ca5270b7afa41643fb2a4be037d90bc5f19713130af062512a7188ae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-edge-location: defr
x-cache: MISS
status: 200
strict-transport-security: max-age=5184000; includeSubDomains; preload
content-length: 80336
last-modified: Wed, 12 Jun 2019 22:32:21 GMT
server: keycdn-engine
etag: "5d017d75-139d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 4e6cfc61fd11d6d9-FRA
expires: Sat, 13 Jun 2020 20:16:32 GMT

GET
H2 200 /
dirtyscam.com/ 24 KB
5 KB 735ms
732ms Stylesheet
text/css 2606:4700:30::681b:a8d3
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://dirtyscam.com/?custom-css=9722f5548b

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:a8d3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e42372b39ac3d00090d54b3c029af0f0547adcc76b4a4ba2a43cf15e8b3b9e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains; preload
content-type: text/css;charset=UTF-8
status: 200
x-kinsta-cache: BYPASS
cf-ray: 4e6cfc5befda9766-FRA
vary: Accept-Encoding
expires: Sat, 13 Jun 2020 14:27:35 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 90 KB
33 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

68f00225295b675ad3ae8319e08c6c83ca7a824e0fd98a8d201346a03fc6f9bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 34059
x-xss-protection: 0
server: cafe
etag: 16740939238028640640
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Jun 2019 14:27:34 GMT

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/7.4/_inc/build/photon/ 782 B
437 B 66ms
0ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.4/_inc/build/photon/photon.min.js

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

50deeb5590f52d9e52c82f0aa04d34371b4a89770452e41e68503a9fcd551eba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 14 Jun 2019 14:27:34 GMT
content-encoding: br
last-modified: Wed, 01 May 2019 01:21:49 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 13 Jun 2020 14:27:34 GMT

GET
H2 200 footer-505f080f.min.js Show response
mk0mukaculidjafisqoh.kinstacdn.com/wp-content/cache/fvm/1560378738/out/ 645 B
860 B 919ms
59ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0mukaculidjafisqoh.kinstacdn.com/wp-content/cache/fvm/1560378738/out/footer-505f080f.min.js

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

5568a8cdd56c6b5506254f3b81166d236a538e4914cbff832506f55db2f66aef

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-edge-location: defr
x-cache: MISS
status: 200
strict-transport-security: max-age=5184000; includeSubDomains; preload
content-length: 266
last-modified: Wed, 12 Jun 2019 22:32:21 GMT
server: keycdn-engine
etag: "5d017d75-10a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 4e6cfc61fe2bd6e1-FRA
expires: Sat, 13 Jun 2020 20:16:32 GMT

GET
H2 200 devicepx-jetpack.js Show response
s0.wp.com/wp-content/js/ 10 KB
3 KB 114ms
15ms Script
application/x-javascript 192.0.77.32
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/devicepx-jetpack.js
Requested by: Host: dirtyscam.com
URL: https://dirtyscam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT ams 32
date: Fri, 14 Jun 2019 14:27:34 GMT
content-encoding: gzip
server: nginx
etag: W/"5841a56f-52b6"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
x-ac: 4.5am _dfw
expires: Tue, 04 Feb 2020 04:32:40 GMT

GET
H2 200 footer-3d5006ba.min.js Show response
mk0mukaculidjafisqoh.kinstacdn.com/wp-content/cache/fvm/1560378738/out/ 247 B
752 B 1004ms
148ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0mukaculidjafisqoh.kinstacdn.com/wp-content/cache/fvm/1560378738/out/footer-3d5006ba.min.js

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

d00f01888dde9dfed2108b203c7ccce51d9a2b745503d9f2d951d245ce1fe7de

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-edge-location: defr
x-cache: MISS
status: 200
strict-transport-security: max-age=5184000; includeSubDomains; preload
content-length: 159
last-modified: Wed, 12 Jun 2019 22:32:21 GMT
server: keycdn-engine
etag: "5d017d75-9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 4e6cfc61faeb63bf-FRA
expires: Sat, 13 Jun 2020 20:16:32 GMT

GET
H2 200 js Show response
maps.google.com/maps/api/ 103 KB
33 KB 112ms
31ms Script
text/javascript 2a00:1450:4001:824::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps/api/js?v=3.exp&libraries=places&key=AIzaSyCS2IOHUPIPXVtR82srFyUc5gvZ0CaA-3Q&ver=3.22

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

mafe /

Resource Hash

21e9d316cb70e6d316b5c425e9e3b63421f6842d3a6aa83c329be876552bc0b7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:34 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
vary: Accept-Language
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=14
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 33720
x-xss-protection: 0
expires: Fri, 14 Jun 2019 14:57:34 GMT

GET
H2 200 footer-67c10906.min.js Show response
mk0mukaculidjafisqoh.kinstacdn.com/wp-content/cache/fvm/1560378738/out/ 208 KB
55 KB 952ms
99ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0mukaculidjafisqoh.kinstacdn.com/wp-content/cache/fvm/1560378738/out/footer-67c10906.min.js

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

36d326141b02daf63ddcf69f33f4c5e2727bd29b99a46c96e64e59abfd6cbb8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-edge-location: defr
x-cache: MISS
status: 200
strict-transport-security: max-age=5184000; includeSubDomains; preload
content-length: 56106
last-modified: Wed, 12 Jun 2019 22:33:11 GMT
server: keycdn-engine
etag: "5d017da7-db2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 4e6cfc61fca1c2f9-FRA
expires: Sat, 13 Jun 2020 20:16:32 GMT

GET
H2 200 lazy-images.min.js Show response
c0.wp.com/p/jetpack/7.4/_inc/build/lazy-images/js/ 9 KB
3 KB 79ms
7ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.4/_inc/build/lazy-images/js/lazy-images.min.js

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

c8531b58b14c9920eadfeb4b6aa66e1f9d1493742e28d52f8aba66c12ee1eae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 14 Jun 2019 14:27:34 GMT
content-encoding: br
last-modified: Wed, 01 May 2019 01:21:49 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 13 Jun 2020 14:27:34 GMT

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.2.1/wp-includes/js/ 1 KB
690 B 71ms
8ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.2.1/wp-includes/js/wp-embed.min.js

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 14 Jun 2019 14:27:34 GMT
content-encoding: br
last-modified: Thu, 30 Aug 2018 12:40:26 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 13 Jun 2020 14:27:34 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 764 B
546 B 82ms
19ms Script
text/javascript 2a00:1450:4001:815::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&ver=1.44

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

8d28addf3a3b5f22ca1f7c5a02781964f07dfb0ade3774d5b87a84867f6841ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 449
x-xss-protection: 1; mode=block
expires: Fri, 14 Jun 2019 14:27:34 GMT

GET
H2 200 footer-317e0641.min.js Show response
mk0mukaculidjafisqoh.kinstacdn.com/wp-content/cache/fvm/1560378738/out/ 6 KB
2 KB 933ms
99ms Script
application/javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://mk0mukaculidjafisqoh.kinstacdn.com/wp-content/cache/fvm/1560378738/out/footer-317e0641.min.js

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine /

Resource Hash

fe33bce84c250509a16b39568fb54e4252812674463144ae3e678dbac67e8390

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
x-edge-location: defr
x-cache: MISS
status: 200
strict-transport-security: max-age=5184000; includeSubDomains; preload
content-length: 1846
last-modified: Wed, 12 Jun 2019 22:32:22 GMT
server: keycdn-engine
etag: "5d017d76-736"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31556940
accept-ranges: bytes
cf-ray: 4e6cfc61fe419704-FRA
expires: Sat, 13 Jun 2020 20:16:32 GMT

GET
H2 200 e-201924.js Show response
stats.wp.com/ 9 KB
3 KB 65ms
13ms Script
application/x-javascript 192.0.76.3
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-201924.js
Requested by: Host: dirtyscam.com
URL: https://dirtyscam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:34 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
expires: Mon, 08 Jun 2020 11:15:06 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
5 KB 10ms
5ms Script
text/javascript 2a00:1450:4001:81a::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 01 Jun 2019 00:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1174989
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 May 2020 00:04:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 May 2019 23:53:44 GMT
server: Golfe2
age: 6028
date: Fri, 14 Jun 2019 12:47:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17595
expires: Fri, 14 Jun 2019 14:47:07 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 dirtyscam-heaer-image.png
i0.wp.com/dirtyscam.com/wp-content/uploads/2019/02/ 135 KB
135 KB 93ms
36ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/dirtyscam.com/wp-content/uploads/2019/02/dirtyscam-heaer-image.png?ssl=1

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

caa25c14d0a74ce682d7353bfaadc989cb69a6625aef4150d1e972d4a8a0378b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT fra 17
date: Fri, 14 Jun 2019 14:27:35 GMT
x-content-type-options: nosniff
x-bytes-saved: 147124
last-modified: Sun, 10 Mar 2019 08:41:11 GMT
server: nginx
etag: "1ed3c935f2597d43"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://dirtyscam.com/wp-content/uploads/2019/02/dirtyscam-heaer-image.png>; rel="canonical"
content-length: 137810
expires: Tue, 09 Mar 2021 20:41:11 GMT

GET
H2 200 bg-scammer.jpg
i2.wp.com/dirtyscam.com/wp-content/uploads/2019/02/ 4 KB
4 KB 37ms
10ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/dirtyscam.com/wp-content/uploads/2019/02/bg-scammer.jpg?fit=374%2C250&ssl=1

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

34de8c8e70f221277d8d9882015d803bae71f9a7959d8c5c388192e7cd0c4be6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT fra 17
date: Fri, 14 Jun 2019 14:27:35 GMT
x-content-type-options: nosniff
x-bytes-saved: 2594
last-modified: Sun, 10 Mar 2019 08:41:12 GMT
server: nginx
etag: "656c27221d15f158"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://dirtyscam.com/wp-content/uploads/2019/02/bg-scammer.jpg>; rel="canonical"
content-length: 4116
expires: Tue, 09 Mar 2021 20:41:12 GMT

GET
H2 200 bg-business.jpg
i2.wp.com/dirtyscam.com/wp-content/uploads/2019/02/ 12 KB
12 KB 35ms
9ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/dirtyscam.com/wp-content/uploads/2019/02/bg-business.jpg?fit=375%2C250&ssl=1

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

0e998a4a6b62014ae78e25080e3e78407ea818216ea061b272f978d56b3a1522

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT fra 20
date: Fri, 14 Jun 2019 14:27:35 GMT
x-content-type-options: nosniff
x-bytes-saved: 10600
last-modified: Sun, 10 Mar 2019 08:41:14 GMT
server: nginx
etag: "5422ee32415d2e9d"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://dirtyscam.com/wp-content/uploads/2019/02/bg-business.jpg>; rel="canonical"
content-length: 11798
expires: Tue, 09 Mar 2021 20:41:14 GMT

GET
H2 200 bg-product.jpg
i1.wp.com/dirtyscam.com/wp-content/uploads/2019/02/ 27 KB
28 KB 83ms
35ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/dirtyscam.com/wp-content/uploads/2019/02/bg-product.jpg?fit=450%2C270&ssl=1

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

d0216a7e1e1a3f173a1aa192fb04c6756f920c48edd854bf722a595c2181b139

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT fra 20
date: Fri, 14 Jun 2019 14:27:35 GMT
x-content-type-options: nosniff
x-bytes-saved: 5139
last-modified: Fri, 01 Mar 2019 22:42:23 GMT
server: nginx
etag: "b6a82c8020bf51df"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://dirtyscam.com/wp-content/uploads/2019/02/bg-product.jpg>; rel="canonical"
content-length: 28038
expires: Mon, 01 Mar 2021 10:42:23 GMT

GET
H2 200 mize.png
i1.wp.com/dirtyscam.com/wp-content/uploads/ 19 KB
19 KB 83ms
55ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/dirtyscam.com/wp-content/uploads/mize.png?fit=450%2C206&ssl=1

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

26b981816da096b340a8d78ca9ab9873e2fa74e474d63c6daa6183698d9d1aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT fra 17
date: Fri, 14 Jun 2019 14:27:35 GMT
x-content-type-options: nosniff
x-bytes-saved: 167238
last-modified: Sat, 08 Jun 2019 16:35:18 GMT
server: nginx
etag: "6aec5d90d61f56ff"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://dirtyscam.com/wp-content/uploads/mize.png>; rel="canonical"
content-length: 18944
expires: Tue, 08 Jun 2021 04:35:18 GMT

GET
H2 200 essencefx.png
i2.wp.com/dirtyscam.com/wp-content/uploads/ 11 KB
12 KB 11ms
10ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/dirtyscam.com/wp-content/uploads/essencefx.png?fit=450%2C207&ssl=1

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

9be2621cc225b6e32817979957b0d31be0fe03bb6ceb4e15f27b5cb1940cc752

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT fra 17
date: Fri, 14 Jun 2019 14:27:35 GMT
x-content-type-options: nosniff
x-bytes-saved: 124992
last-modified: Sat, 01 Jun 2019 14:31:21 GMT
server: nginx
etag: "17b26ae765c166f8"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://dirtyscam.com/wp-content/uploads/essencefx.png>; rel="canonical"
content-length: 11690
expires: Tue, 01 Jun 2021 02:31:21 GMT

GET
H2 200 lira-coin-club.png
i1.wp.com/dirtyscam.com/wp-content/uploads/ 17 KB
17 KB 15ms
6ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/dirtyscam.com/wp-content/uploads/lira-coin-club.png?fit=450%2C205&ssl=1

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

137e003e0069ea4010ec4efbb909cd20bcbc854928ec155d0827b61f5ccef262

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT fra 16
date: Fri, 14 Jun 2019 14:27:35 GMT
x-content-type-options: nosniff
x-bytes-saved: 105799
last-modified: Sat, 25 May 2019 14:56:08 GMT
server: nginx
etag: "47cd50a62c508e0b"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://dirtyscam.com/wp-content/uploads/lira-coin-club.png>; rel="canonical"
content-length: 17478
expires: Tue, 25 May 2021 02:56:08 GMT

GET
H2 200 fontawesome-webfont.woff2
dirtyscam.com/wp-content/themes/dirt-scam/assets/fonts/fontawesome/ 75 KB
76 KB 58ms
19ms Font
application/font-woff2 2606:4700:30::681b:a8d3
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://dirtyscam.com/wp-content/themes/dirt-scam/assets/fonts/fontawesome/fontawesome-webfont.woff2

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:a8d3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://mk0mukaculidjafisqoh.kinstacdn.com/wp-content/cache/fvm/1560378738/out/header-f57a36e3.min.css
Origin: https://dirtyscam.com

Response headers

date: Fri, 14 Jun 2019 14:27:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
vary: Accept-Encoding
content-length: 77160
last-modified: Wed, 27 Feb 2019 18:21:17 GMT
server: cloudflare
etag: "5c76d51d-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains; preload
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4e6cfc653edd9766-FRA
expires: Mon, 11 Jun 2029 14:27:35 GMT

GET
H2 200 hanken-light-webfont.woff2
dirtyscam.com/wp-content/themes/dirt-scam/assets/fonts/hanken/ 18 KB
18 KB 15ms
15ms Font
application/font-woff2 2606:4700:30::681b:a8d3
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://dirtyscam.com/wp-content/themes/dirt-scam/assets/fonts/hanken/hanken-light-webfont.woff2

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:a8d3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8a7358bf08ae1772817729365f01b544c97dc95b8b6afca1333f26d17a03dd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://mk0mukaculidjafisqoh.kinstacdn.com/wp-content/cache/fvm/1560378738/out/header-f57a36e3.min.css
Origin: https://dirtyscam.com

Response headers

date: Fri, 14 Jun 2019 14:27:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
vary: Accept-Encoding
content-length: 18056
last-modified: Wed, 27 Feb 2019 18:21:26 GMT
server: cloudflare
etag: "5c76d526-4688"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains; preload
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 4e6cfc65ffec9766-FRA
expires: Mon, 11 Jun 2029 14:27:35 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=741116374&t=pageview&_s=1&dl=https%3A%2F%2Fdirtyscam.com%2F&ul=en-us&de=UTF-8&dt=Report%20Scam%20%E2%80%93%20Expose%20Scammer%20%E2%80%93%20D...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-86098204-1&cid=212170688.1560522456&jid=1136925012&_gid=1266745083.1560522456&gjid=2131046945&_v=j76&z=934638616

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c0a::9c
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-86098204-1&cid=212170688.1560522456&jid=1136925012&_gid=1266745083.1560522456&gjid=2131046945&_v=j76&z=934638616

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Fri, 14 Jun 2019 14:27:36 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Jun 2019 14:27:36 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-86098204-1&cid=212170688.1560522456&jid=1136925012&_gid=1266745083.1560522456&gjid=2131046945&_v=j76&z=934638616
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dirtyscam.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dirtyscam.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/ 211 KB
78 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8bb0b980e6b1d11a603da1e5a9703f18613c02622984fa6f93f04c8afd8b73a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 79883
x-xss-protection: 0
server: cafe
etag: 2215534697255720620
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jun 2019 14:27:36 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/ Frame 7ACB 211 KB
78 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8bb0b980e6b1d11a603da1e5a9703f18613c02622984fa6f93f04c8afd8b73a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 79883
x-xss-protection: 0
server: cafe
etag: 2215534697255720620
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jun 2019 14:27:36 GMT

GET
H2 200 ca-pub-7011024939395431.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 108 B
229 B 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7011024939395431.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

617229202229089622770a111fef4f514877475b89056525185a70e0cbc5bc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 02:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 13 Jun 2019 20:24:36 GMT
server: sffe
age: 42668
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 118
x-xss-protection: 0
expires: Fri, 14 Jun 2019 14:36:28 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190612/r20190131/ Frame ADE1 0
0 21ms
11ms Document
text/html 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190612/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190612/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://dirtyscam.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://dirtyscam.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Fri, 14 Jun 2019 03:59:46 GMT
expires: Fri, 28 Jun 2019 03:59:46 GMT
content-type: text/html; charset=UTF-8
etag: 9107516332936589630
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7041
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 37670
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 css
fonts.googleapis.com/ 28 KB
1 KB 33ms
16ms Stylesheet
text/css 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300%7CRoboto:300%7CRoboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic%7CRoboto:100%7CRoboto:300%7CRoboto:300%7CRoboto:300%7CRoboto:100&subset=cyrillic,cyrillic,cyrillic,cyrillic,cyrillic,cyrillic,cyrillic,cyrillic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

43a896d2242cd94de5410caff933a191d03a8d5d699abe7b628bcde244581bf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 14 Jun 2019 14:27:36 GMT
server: ESF
access-control-allow-origin: *
date: Fri, 14 Jun 2019 14:27:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Fri, 14 Jun 2019 14:27:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300%7CRoboto:300%7CRoboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic%7CRoboto:100%7CRoboto:300%7CRoboto:300%7CRoboto:300%7CRoboto:100&subset=cyrillic,cyrillic,cyrillic,cyrillic,cyrillic,cyrillic,cyrillic,cyrillic
Origin: https://dirtyscam.com

Response headers

date: Sun, 02 Jun 2019 21:49:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:14:42 GMT
server: sffe
age: 1010304
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 0
expires: Mon, 01 Jun 2020 21:49:12 GMT

GET
H2 200 KFOkCnqEu92Fr1MmgVxIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v19/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOkCnqEu92Fr1MmgVxIIzIXKMny.woff2

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

969d3b8c3b846ba9d4dd5fa3936ec2c610f4f9f67f6f880cc9b00ebda3414083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300%7CRoboto:300%7CRoboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic%7CRoboto:100%7CRoboto:300%7CRoboto:300%7CRoboto:300%7CRoboto:100&subset=cyrillic,cyrillic,cyrillic,cyrillic,cyrillic,cyrillic,cyrillic,cyrillic
Origin: https://dirtyscam.com

Response headers

date: Sat, 01 Jun 2019 08:47:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:13:51 GMT
server: sffe
age: 1143620
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10984
x-xss-protection: 0
expires: Sun, 31 May 2020 08:47:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/ 11 KB
11 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300%7CRoboto:300%7CRoboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic%7CRoboto:100%7CRoboto:300%7CRoboto:300%7CRoboto:300%7CRoboto:100&subset=cyrillic,cyrillic,cyrillic,cyrillic,cyrillic,cyrillic,cyrillic,cyrillic
Origin: https://dirtyscam.com

Response headers

date: Sun, 02 Jun 2019 21:32:33 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:13:33 GMT
server: sffe
age: 1011303
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Mon, 01 Jun 2020 21:32:33 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ 11 KB
11 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:300%7CRoboto:300%7CRoboto:100,100italic,300,300italic,regular,italic,500,500italic,700,700italic,900,900italic%7CRoboto:100%7CRoboto:300%7CRoboto:300%7CRoboto:300%7CRoboto:100&subset=cyrillic,cyrillic,cyrillic,cyrillic,cyrillic,cyrillic,cyrillic,cyrillic
Origin: https://dirtyscam.com

Response headers

date: Thu, 13 Jun 2019 22:52:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:14:03 GMT
server: sffe
age: 56105
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 0
expires: Fri, 12 Jun 2020 22:52:31 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame F320 0
0 214ms
213ms Document
text/html 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7011024939395431&output=html&h=90&slotname=1111339304&adk=2139595974&adf=4210465007&w=740&fwr_io=false&fwrn=1&fwrnh=100&lmt=1560522456&rafmt=1&guci=1.2.0.0.2.2.0.0&format=740x90&url=https%3A%2F%2Fdirtyscam.com%2F&flash=0&fwr=0&fwrattr=false&resp_fmts=3&wgl=1&dt=1560522456035&bpp=19&bdt=1675&fdt=300&idt=300&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&correlator=1402155400155&frm=20&pv=2&ga_vid=212170688.1560522456&ga_sid=1560522456&ga_hid=741116374&ga_fc=0&iag=0&icsg=8589977600&dssz=26&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=433&ady=1377&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=1&fu=144&bc=31&osw_key=1399190000&ifi=1&uci=1.gkr339h4f9i5&fsb=1&xpc=2JKXyguN54&p=https%3A//dirtyscam.com&dtd=344

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7011024939395431&output=html&h=90&slotname=1111339304&adk=2139595974&adf=4210465007&w=740&fwr_io=false&fwrn=1&fwrnh=100&lmt=1560522456&rafmt=1&guci=1.2.0.0.2.2.0.0&format=740x90&url=https%3A%2F%2Fdirtyscam.com%2F&flash=0&fwr=0&fwrattr=false&resp_fmts=3&wgl=1&dt=1560522456035&bpp=19&bdt=1675&fdt=300&idt=300&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&correlator=1402155400155&frm=20&pv=2&ga_vid=212170688.1560522456&ga_sid=1560522456&ga_hid=741116374&ga_fc=0&iag=0&icsg=8589977600&dssz=26&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=433&ady=1377&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=1&fu=144&bc=31&osw_key=1399190000&ifi=1&uci=1.gkr339h4f9i5&fsb=1&xpc=2JKXyguN54&p=https%3A//dirtyscam.com&dtd=344
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://dirtyscam.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://dirtyscam.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 14 Jun 2019 14:27:36 GMT
server: cafe
content-length: 152
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 14-Jun-2019 14:42:36 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires: Fri, 14 Jun 2019 14:27:36 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 75 KB
28 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

2efd07df1aab7f9138d590d5c039addb49a9b6259df5296f325fce4f180089c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 14:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1560360206413241"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28289
x-xss-protection: 0
expires: Fri, 14 Jun 2019 14:27:36 GMT

POST
H2 200 admin-ajax.php Show response
dirtyscam.com/wp-admin/ 0
377 B 351ms
350ms XHR
application/json 2606:4700:30::681b:a8d3
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://dirtyscam.com/wp-admin/admin-ajax.php

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/5.2.1/wp-includes/js/jquery/jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681b:a8d3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://dirtyscam.com/
Origin: https://dirtyscam.com
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 14 Jun 2019 14:27:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-ray: 4e6cfc6ca93a9766-FRA
status: 200
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dirtyscam.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame A714 0
0 27ms
22ms Document
text/html 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7011024939395431&output=html&adk=1812271804&adf=3025194257&lmt=1560522457&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fdirtyscam.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1560522457190&bpp=21&bdt=2831&fdt=31&idt=31&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=740x90&nras=1&correlator=1402155400155&frm=20&pv=1&ga_vid=212170688.1560522456&ga_sid=1560522456&ga_hid=741116374&ga_fc=0&iag=0&icsg=175922036604928&dssz=36&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=3759136611&ifi=1&uci=1.5lfwhbs8o8w6&fsb=1&dtd=58

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190612/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7011024939395431&output=html&adk=1812271804&adf=3025194257&lmt=1560522457&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fdirtyscam.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1560522457190&bpp=21&bdt=2831&fdt=31&idt=31&shv=r20190612&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=740x90&nras=1&correlator=1402155400155&frm=20&pv=1&ga_vid=212170688.1560522456&ga_sid=1560522456&ga_hid=741116374&ga_fc=0&iag=0&icsg=175922036604928&dssz=36&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C20040011&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=3759136611&ifi=1&uci=1.5lfwhbs8o8w6&fsb=1&dtd=58
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://dirtyscam.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://dirtyscam.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 14 Jun 2019 14:27:37 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUm5COmZ2QGwtcS0PY21EGpIWhcu8WR0NPhGKjgMNNPvM60127Sr-dyNOzP5; expires=Wed, 08-Jul-2020 14:27:37 GMT; path=/; domain=.doubleclick.net; HttpOnly
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires: Fri, 14 Jun 2019 14:27:37 GMT
cache-control: private

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/v1559543665173/ 263 KB
92 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:820::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/v1559543665173/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&ver=1.44

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e8e5fe8177578150e8faf71219cfe439c2391501f077c8015ec03d694c9ea3ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 05 Jun 2019 21:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 Jun 2019 17:45:00 GMT
server: sffe
age: 753679
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 93780
x-xss-protection: 0
expires: Thu, 04 Jun 2020 21:06:18 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
115 B 23ms
13ms Image
image/gif 192.0.76.3
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A7.4&blog=116890602&post=68&tz=0&srv=dirtyscam.com&host=dirtyscam.com&ref=&fcp=2491&rand=0.7069465224403484
Requested by: Host: dirtyscam.com
URL: https://dirtyscam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 14 Jun 2019 14:27:37 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 DirtyScamLogoNew-sm-1.png
i1.wp.com/dirtyscam.com/wp-content/uploads/2019/02/ 8 KB
8 KB 9ms
7ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/dirtyscam.com/wp-content/uploads/2019/02/DirtyScamLogoNew-sm-1.png?fit=224%2C62&ssl=1

Requested by

Host: dirtyscam.com
URL: https://dirtyscam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

7d6bb8824da6a2b26c81512a62be50a3bae2bb77d50a2750658bd01e2fd76e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc: HIT fra 16
date: Fri, 14 Jun 2019 14:27:37 GMT
x-content-type-options: nosniff
x-bytes-saved: 8124
last-modified: Fri, 01 Mar 2019 19:59:49 GMT
server: nginx
etag: "0b4839c6557e50ec"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://dirtyscam.com/wp-content/uploads/2019/02/DirtyScamLogoNew-sm-1.png>; rel="canonical"
content-length: 7768
expires: Mon, 01 Mar 2021 07:59:49 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame F206 0
0 41ms
39ms Document
text/html 2a00:1450:4001:815::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfgnpQUAAAAAJOa_HRQU8ZGahGmRaDb8ZofGNEy&co=aHR0cHM6Ly9kaXJ0eXNjYW0uY29tOjQ0Mw..&hl=en&v=v1559543665173&theme=light&size=compact&cb=vcs1fgo7xhvy

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1559543665173/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dhC0pvaFmFFl2qCet17TgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfgnpQUAAAAAJOa_HRQU8ZGahGmRaDb8ZofGNEy&co=aHR0cHM6Ly9kaXJ0eXNjYW0uY29tOjQ0Mw..&hl=en&v=v1559543665173&theme=light&size=compact&cb=vcs1fgo7xhvy
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://dirtyscam.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://dirtyscam.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 14 Jun 2019 14:27:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-dhC0pvaFmFFl2qCet17TgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10075
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame A7D4 0
0 29ms
28ms Document
text/html 2a00:1450:4001:815::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfgnpQUAAAAAJOa_HRQU8ZGahGmRaDb8ZofGNEy&co=aHR0cHM6Ly9kaXJ0eXNjYW0uY29tOjQ0Mw..&hl=en&v=v1559543665173&theme=light&size=compact&cb=fqs239j31h57

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1559543665173/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-maajAMWzrBkfLd+DR81SiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfgnpQUAAAAAJOa_HRQU8ZGahGmRaDb8ZofGNEy&co=aHR0cHM6Ly9kaXJ0eXNjYW0uY29tOjQ0Mw..&hl=en&v=v1559543665173&theme=light&size=compact&cb=fqs239j31h57
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://dirtyscam.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://dirtyscam.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 14 Jun 2019 14:27:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-maajAMWzrBkfLd+DR81SiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9946
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame A946 0
0 34ms
31ms Document
text/html 2a00:1450:4001:815::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1559543665173&k=6LfgnpQUAAAAAJOa_HRQU8ZGahGmRaDb8ZofGNEy&cb=4swaogoll3tu

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1559543665173/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gXqWBUOCNPZN6lTyrIlLWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=v1559543665173&k=6LfgnpQUAAAAAJOa_HRQU8ZGahGmRaDb8ZofGNEy&cb=4swaogoll3tu
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://dirtyscam.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://dirtyscam.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 14 Jun 2019 14:27:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-gXqWBUOCNPZN6lTyrIlLWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1120
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 9CB6 0
0 30ms
29ms Document
text/html 2a00:1450:4001:815::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1559543665173&k=6LfgnpQUAAAAAJOa_HRQU8ZGahGmRaDb8ZofGNEy&cb=bjho0f7340bv

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1559543665173/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IyFj9bJf9kdnVNGwLx5vNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=v1559543665173&k=6LfgnpQUAAAAAJOa_HRQU8ZGahGmRaDb8ZofGNEy&cb=bjho0f7340bv
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://dirtyscam.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://dirtyscam.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 14 Jun 2019 14:27:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-IyFj9bJf9kdnVNGwLx5vNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1118
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 common.js Show response
maps.google.com/maps-api-v3/api/js/37/4/ 75 KB
28 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/37/4/common.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?v=3.exp&libraries=places&key=AIzaSyCS2IOHUPIPXVtR82srFyUc5gvZ0CaA-3Q&ver=3.22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

838294b9ebc57ba00dedc6541f72824fe7d38ad59853aca4317abfe4d53a1a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Jun 2019 18:56:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 Jun 2019 18:37:17 GMT
server: sffe
age: 847872
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28109
x-xss-protection: 0
expires: Wed, 03 Jun 2020 18:56:29 GMT

GET
H2 200 util.js Show response
maps.google.com/maps-api-v3/api/js/37/4/ 139 KB
52 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:824::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.google.com/maps-api-v3/api/js/37/4/util.js

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps/api/js?v=3.exp&libraries=places&key=AIzaSyCS2IOHUPIPXVtR82srFyUc5gvZ0CaA-3Q&ver=3.22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

09ed7a6be153844a3b39567707dc5e831cb07182e2a32bcff5258111f3668dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 04 Jun 2019 18:56:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 Jun 2019 18:37:17 GMT
server: sffe
age: 847872
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 53450
x-xss-protection: 0
expires: Wed, 03 Jun 2020 18:56:29 GMT

GET
H2 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
137 B 43ms
42ms Script
text/javascript 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fdirtyscam.com%2F&4sAIzaSyCS2IOHUPIPXVtR82srFyUc5gvZ0CaA-3Q&callback=_xdc_._vwz9a6&key=AIzaSyCS2IOHUPIPXVtR82srFyUc5gvZ0CaA-3Q&token=124402

Requested by

Host: maps.google.com
URL: https://maps.google.com/maps-api-v3/api/js/37/4/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

mafe /

Resource Hash

e896f7dbb7edf7d6821f9b4b8f1ffaa6782f5e6078f6690be79a06ced345fef5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dirtyscam.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jun 2019 14:27:41 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=26
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 10:50:18	Name: IDE Value: AHWqTUm5COmZ2QGwtcS0PY21EGpIWhcu8WR0NPhGKjgMNNPvM60127Sr-dyNOzP5
			.dirtyscam.com/	1970-01-19 10:14:18	Name: __cfduid Value: dc645101c378e734b0220f67d6464790d1560522457

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://c0.wp.com/c/5.2.1/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=5184000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
c0.wp.com
cdnjs.cloudflare.com
dirtyscam.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i0.wp.com
i1.wp.com
i2.wp.com
maps.google.com
maps.googleapis.com
mk0mukaculidjafisqoh.kinstacdn.com
pagead2.googlesyndication.com
pixel.wp.com
s0.wp.com
stats.g.doubleclick.net
stats.wp.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
192.0.76.3
192.0.77.2
192.0.77.32
192.0.77.37
2606:4700:30::681b:a8d3
2606:4700::6813:c397
2a00:1450:4001:806::200a
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:815::2004
2a00:1450:4001:819::2002
2a00:1450:4001:81a::200a
2a00:1450:4001:81e::2002
2a00:1450:4001:81f::200a
2a00:1450:4001:820::2003
2a00:1450:4001:824::200e
2a00:1450:4001:825::2003
2a00:1450:4001:825::200e
2a00:1450:400c:c0a::9c
2a0b:4d07:101::1
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
09ed7a6be153844a3b39567707dc5e831cb07182e2a32bcff5258111f3668dda
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e998a4a6b62014ae78e25080e3e78407ea818216ea061b272f978d56b3a1522
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
137e003e0069ea4010ec4efbb909cd20bcbc854928ec155d0827b61f5ccef262
157c0c7a2112b72373836d44f2badbd8953a6386d76fff195f7dc7c17073fe5c
15ff1b3821afd681d5c405d980a27e80997c0f1bca41ab01bb23533d75606df5
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
21e9d316cb70e6d316b5c425e9e3b63421f6842d3a6aa83c329be876552bc0b7
26b981816da096b340a8d78ca9ab9873e2fa74e474d63c6daa6183698d9d1aa7
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2efd07df1aab7f9138d590d5c039addb49a9b6259df5296f325fce4f180089c0
34de8c8e70f221277d8d9882015d803bae71f9a7959d8c5c388192e7cd0c4be6
36d326141b02daf63ddcf69f33f4c5e2727bd29b99a46c96e64e59abfd6cbb8b
43a896d2242cd94de5410caff933a191d03a8d5d699abe7b628bcde244581bf0
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
50deeb5590f52d9e52c82f0aa04d34371b4a89770452e41e68503a9fcd551eba
5568a8cdd56c6b5506254f3b81166d236a538e4914cbff832506f55db2f66aef
5b0a2245519b56ed26270f31a25ddb4c688b4712d734c258b7168fc3a4effb14
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
617229202229089622770a111fef4f514877475b89056525185a70e0cbc5bc95
68f00225295b675ad3ae8319e08c6c83ca7a824e0fd98a8d201346a03fc6f9bb
7d6bb8824da6a2b26c81512a62be50a3bae2bb77d50a2750658bd01e2fd76e94
806548b84857dbb3a3243a0d7c0aedc2afd647bf96b48de90985df9591ca4a4a
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838294b9ebc57ba00dedc6541f72824fe7d38ad59853aca4317abfe4d53a1a73
8bb0b980e6b1d11a603da1e5a9703f18613c02622984fa6f93f04c8afd8b73a6
8d28addf3a3b5f22ca1f7c5a02781964f07dfb0ade3774d5b87a84867f6841ed
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
9332bd23b1004c39934991c9196c859664e676ded48d355465378827dbcb1ac2
969d3b8c3b846ba9d4dd5fa3936ec2c610f4f9f67f6f880cc9b00ebda3414083
9bafb8fb7e9c1322eb4c31c823401197581238d848a5818d410e72d53b4cab65
9be2621cc225b6e32817979957b0d31be0fe03bb6ceb4e15f27b5cb1940cc752
9e6d740ca5270b7afa41643fb2a4be037d90bc5f19713130af062512a7188ae2
a8a7358bf08ae1772817729365f01b544c97dc95b8b6afca1333f26d17a03dd5
b5cc45eb6a71ddfc1e8c5f7a20b48120cfceded9a987af10113699cc8cc0aa8a
c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b
c8531b58b14c9920eadfeb4b6aa66e1f9d1493742e28d52f8aba66c12ee1eae5
caa25c14d0a74ce682d7353bfaadc989cb69a6625aef4150d1e972d4a8a0378b
d00f01888dde9dfed2108b203c7ccce51d9a2b745503d9f2d951d245ce1fe7de
d0216a7e1e1a3f173a1aa192fb04c6756f920c48edd854bf722a595c2181b139
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42372b39ac3d00090d54b3c029af0f0547adcc76b4a4ba2a43cf15e8b3b9e49
e4bde4c327067ea5378160fb1aafc0dc67b677426b3d03633fecbca42e272748
e896f7dbb7edf7d6821f9b4b8f1ffaa6782f5e6078f6690be79a06ced345fef5
e8e5fe8177578150e8faf71219cfe439c2391501f077c8015ec03d694c9ea3ae
ea3caf9bd5a3d02f0e3fbd1ef7bd00524bcb925b9c68be3197de8322f7594092
ebe09e7f4a4352d6d9c711c5bc7cf403278968696b45f85e1fae9a1b2f946655
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fe33bce84c250509a16b39568fb54e4252812674463144ae3e678dbac67e8390

dirtyscam.com Open in urlscan Pro 2606:4700:30::681b:a8d3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

100 %HTTPS

81 %IPv6

12 Domains

24 Subdomains

22 IPs

4 Countries

1178 kBTransfer

3241 kBSize

2 Cookies

3 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dirtyscam.com Open in urlscan Pro
2606:4700:30::681b:a8d3 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

100 %
HTTPS

81 %
IPv6

12
Domains

24
Subdomains

22
IPs

4
Countries

1178 kB
Transfer

3241 kB
Size

2
Cookies

66 HTTP transactions
1 data transactions