Submitted URL: https://www.eu-tf-track.online/
Effective URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=TNGCPRqgCrTSlbUEGZ3YlNumFkcSV_dGra-7MSVc...
Submission: On December 19 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 4 countries across 10 domains to perform 13 HTTP transactions. The main IP is 2a06:98c1:3120::c, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is dtfnsa.com. The Cisco Umbrella rank of the primary domain is 605106.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 21st 2022. Valid for: a year.
This is the only time dtfnsa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 188.114.96.12 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 18.184.38.55 16509 (AMAZON-02)
5 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 167.114.67.56 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
13 5
Apex Domain
Subdomains
Transfer
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3416
onesignal.com — Cisco Umbrella Rank: 1310
img.onesignal.com — Cisco Umbrella Rank: 6621
193 KB
5 dtfnsa.com
dtfnsa.com — Cisco Umbrella Rank: 605106
103 KB
2 t0r4.com
tracking.t0r4.com — Cisco Umbrella Rank: 831645
1 KB
1 alexatracker.com
alexatracker.com — Cisco Umbrella Rank: 423125
690 B
1 zeniocloud.com
zeniocloud.com — Cisco Umbrella Rank: 476293
429 B
1 zzotrack.com
zzotrack.com — Cisco Umbrella Rank: 646506
1 KB
1 luvmenow.com
m.luvmenow.com
680 B
1 makeyourwet.com
makeyourwet.com
1 KB
1 hot-with-me.com
hot-with-me.com
1022 B
1 eu-tf-track.online
www.eu-tf-track.online
777 B
13 10
Domain Requested by
5 dtfnsa.com dtfnsa.com
3 onesignal.com cdn.onesignal.com
2 cdn.onesignal.com dtfnsa.com
cdn.onesignal.com
2 tracking.t0r4.com 2 redirects
1 img.onesignal.com
1 alexatracker.com zeniocloud.com
1 zeniocloud.com dtfnsa.com
1 zzotrack.com 1 redirects
1 m.luvmenow.com 1 redirects
1 makeyourwet.com 1 redirects
1 hot-with-me.com 1 redirects
1 www.eu-tf-track.online 1 redirects
13 12

This site contains links to these domains.

Domain
zzotrack.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-09-21 - 2023-09-21 | a year
zeniocloud.com | R3 | 2022-11-15 - 2023-02-13 | 3 months
*.alexatracker.com | GTS CA 1P5 | 2022-12-04 - 2023-03-04 | 3 months

This page contains 1 frame:

Primary Page: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=TNGCPRqgCrTSlbUEGZ3YlNumFkcSV_dGra-7MSVcfqUNoTkADX-YhIJLpUUu3jYK0pCZCeUQFquaiVi1RXDxSVrkllz0j9J8SXWPjp-49WAJNe3Kkvq5Cx_JnnkNnKGV1GI7E9WLC5Y0IDmqJyEffCcwEFoZmH5XhyJ-X3Zhy-8DAuy_5w0sF5WKt4IataYgDkHzvdWKEeK4Z5EeUapCqLV8Np-iANePSefWotJMV-dpGhBNGNety7Hv0OqVk3uJd-nnr5PRJb0E9lEFL1F1KIHCwzdV0rwXGItpYnmRwcpjJAxqgUmo6NgVHUr_mp-uoMHSS2LRtNB_K7Mc8ZKFCyqPBwGZ22nXkeFRArSt1984xLXwM8-t3nuTl7TTMwdIwYt7BwMz-T1MPPCMAIXT1a7pUssZIm08Ni1a7j6gjf9aqH-EZXL0LjAlKKMBTNA1Cy76ZubGSJp5NQzNq7QzHg&lptoken=168d71af456564788474&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=frd&clickid=63a05fdcf6586000012f50a3
Frame ID: 2A5D33EABC9E711DC5B2EE8A8B6A4BC5
Requests: 13 HTTP requests in this frame

Page Title

Dies ist KEINE Datingseite!

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 13
HTTPS: 100 %
IPv6: 73 %
Domains: 10
Subdomains: 12
IPs: 5
Countries: 4
Transfer: 297 kB
Size: 660 kB
Cookies: 17

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.eu-tf-track.online/ HTTP 302
    https://hot-with-me.com/KFZpL74M?s1=rbwig63a05fdb000e4092&tag=%2F%2F HTTP 302
    https://makeyourwet.com/yrbPvQjh?s1=1u55a0q7d59jo&tag=10018&s2=frd HTTP 302
    https://m.luvmenow.com/click?offer_id=4531&pid=31423&ref_id=1g9jvg87d59jp&sub1=28575&sub2=2001%3A1b60%3A2%3A240%3A3247%3A%3A11&sub3=1g9jvg87d59jp&sub4=1u55a0q7d59jo&sub5=frd&sub6=&sub7=&sub8=10018 HTTP 302
    https://tracking.t0r4.com/click?pid=740&offer_id=1072&sub1=31423&sub3=a_63a05fdcb75fb2000134ce42&sub2=frd HTTP 302
    https://tracking.t0r4.com/click?pid=10&offer_id=1212&sub1=740&sub2=frd HTTP 302
    https://zzotrack.com/ff5c1bc0-53f1-4573-8083-234256664f4d?pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=frd&clickid=63a05fdcf6586000012f50a3 HTTP 302
    https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=TNGCPRqgCrTSlbUEGZ3YlNumFkcSV_dGra-7MSVcfqUNoTkADX-YhIJLpUUu3jYK0pCZCeUQFquaiVi1RXDxSVrkllz0j9J8SXWPjp-49WAJNe3Kkvq5Cx_JnnkNnKGV1GI7E9WLC5Y0IDmqJyEffCcwEFoZmH5XhyJ-X3Zhy-8DAuy_5w0sF5WKt4IataYgDkHzvdWKEeK4Z5EeUapCqLV8Np-iANePSefWotJMV-dpGhBNGNety7Hv0OqVk3uJd-nnr5PRJb0E9lEFL1F1KIHCwzdV0rwXGItpYnmRwcpjJAxqgUmo6NgVHUr_mp-uoMHSS2LRtNB_K7Mc8ZKFCyqPBwGZ22nXkeFRArSt1984xLXwM8-t3nuTl7TTMwdIwYt7BwMz-T1MPPCMAIXT1a7pUssZIm08Ni1a7j6gjf9aqH-EZXL0LjAlKKMBTNA1Cy76ZubGSJp5NQzNq7QzHg&lptoken=168d71af456564788474&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=frd&clickid=63a05fdcf6586000012f50a3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
dtfnsa.com/de/f2397h/
Redirect Chain
  • https://www.eu-tf-track.online/
  • https://hot-with-me.com/KFZpL74M?s1=rbwig63a05fdb000e4092&tag=%2F%2F
  • https://makeyourwet.com/yrbPvQjh?s1=1u55a0q7d59jo&tag=10018&s2=frd
  • https://m.luvmenow.com/click?offer_id=4531&pid=31423&ref_id=1g9jvg87d59jp&sub1=28575&sub2=2001%3A1b60%3A2%3A240%3A3247%3A%3A11&sub3=1g9jvg87d59jp&sub4=1u55a0q7d59jo&sub5=frd&sub6=&sub7=&sub8=10018
  • https://tracking.t0r4.com/click?pid=740&offer_id=1072&sub1=31423&sub3=a_63a05fdcb75fb2000134ce42&sub2=frd
  • https://tracking.t0r4.com/click?pid=10&offer_id=1212&sub1=740&sub2=frd
  • https://zzotrack.com/ff5c1bc0-53f1-4573-8083-234256664f4d?pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=frd&clickid=63a05fdcf6586000012f50a3
  • https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=TNGCPRqgCrTSlbUEGZ3YlNumFkcSV_dGra-7MSVcfqUNoTkADX-YhIJLpUUu3jYK0pCZCeUQFquaiVi1RXDxSVrkllz0j9J8SXWPjp-49WAJNe3Kkvq5Cx_Jnn...
10 KB
4 KB
Document
General
Full URL
https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=TNGCPRqgCrTSlbUEGZ3YlNumFkcSV_dGra-7MSVcfqUNoTkADX-YhIJLpUUu3jYK0pCZCeUQFquaiVi1RXDxSVrkllz0j9J8SXWPjp-49WAJNe3Kkvq5Cx_JnnkNnKGV1GI7E9WLC5Y0IDmqJyEffCcwEFoZmH5XhyJ-X3Zhy-8DAuy_5w0sF5WKt4IataYgDkHzvdWKEeK4Z5EeUapCqLV8Np-iANePSefWotJMV-dpGhBNGNety7Hv0OqVk3uJd-nnr5PRJb0E9lEFL1F1KIHCwzdV0rwXGItpYnmRwcpjJAxqgUmo6NgVHUr_mp-uoMHSS2LRtNB_K7Mc8ZKFCyqPBwGZ22nXkeFRArSt1984xLXwM8-t3nuTl7TTMwdIwYt7BwMz-T1MPPCMAIXT1a7pUssZIm08Ni1a7j6gjf9aqH-EZXL0LjAlKKMBTNA1Cy76ZubGSJp5NQzNq7QzHg&lptoken=168d71af456564788474&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=frd&clickid=63a05fdcf6586000012f50a3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
293b9c384237f5461f5b80748ee8b96640608cd309c67e6db9cd8e6f053a85f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
77c04ec36996bb4a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 19 Dec 2022 12:58:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pqGqfVbntbKolNwebgfbJuwd%2BoxuQx490a8LSQPrp0GgvECXMdSiX%2Bh%2FOy7D0v7XKHnF5MAv6baYcahr4tADiIKfSxVdjDMhwOZCgKPmT0Vs%2Fb5YWJPhtMMakQLexAteZYkAP2LEpxH"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Mon, 19 Dec 2022 12:58:04 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=TNGCPRqgCrTSlbUEGZ3YlNumFkcSV_dGra-7MSVcfqUNoTkADX-YhIJLpUUu3jYK0pCZCeUQFquaiVi1RXDxSVrkllz0j9J8SXWPjp-49WAJNe3Kkvq5Cx_JnnkNnKGV1GI7E9WLC5Y0IDmqJyEffCcwEFoZmH5XhyJ-X3Zhy-8DAuy_5w0sF5WKt4IataYgDkHzvdWKEeK4Z5EeUapCqLV8Np-iANePSefWotJMV-dpGhBNGNety7Hv0OqVk3uJd-nnr5PRJb0E9lEFL1F1KIHCwzdV0rwXGItpYnmRwcpjJAxqgUmo6NgVHUr_mp-uoMHSS2LRtNB_K7Mc8ZKFCyqPBwGZ22nXkeFRArSt1984xLXwM8-t3nuTl7TTMwdIwYt7BwMz-T1MPPCMAIXT1a7pUssZIm08Ni1a7j6gjf9aqH-EZXL0LjAlKKMBTNA1Cy76ZubGSJp5NQzNq7QzHg&lptoken=168d71af456564788474&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=frd&clickid=63a05fdcf6586000012f50a3
pragma
no-cache
server
nginx
style4blue.css
dtfnsa.com/de/f2397h/files/
3 KB
1 KB
Stylesheet
General
Full URL
https://dtfnsa.com/de/f2397h/files/style4blue.css
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=TNGCPRqgCrTSlbUEGZ3YlNumFkcSV_dGra-7MSVcfqUNoTkADX-YhIJLpUUu3jYK0pCZCeUQFquaiVi1RXDxSVrkllz0j9J8SXWPjp-49WAJNe3Kkvq5Cx_JnnkNnKGV1GI7E9WLC5Y0IDmqJyEffCcwEFoZmH5XhyJ-X3Zhy-8DAuy_5w0sF5WKt4IataYgDkHzvdWKEeK4Z5EeUapCqLV8Np-iANePSefWotJMV-dpGhBNGNety7Hv0OqVk3uJd-nnr5PRJb0E9lEFL1F1KIHCwzdV0rwXGItpYnmRwcpjJAxqgUmo6NgVHUr_mp-uoMHSS2LRtNB_K7Mc8ZKFCyqPBwGZ22nXkeFRArSt1984xLXwM8-t3nuTl7TTMwdIwYt7BwMz-T1MPPCMAIXT1a7pUssZIm08Ni1a7j6gjf9aqH-EZXL0LjAlKKMBTNA1Cy76ZubGSJp5NQzNq7QzHg&lptoken=168d71af456564788474&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=frd&clickid=63a05fdcf6586000012f50a3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7c7e367c882cfaa6356920ff6187934433a4ab5e1baa04b90cded31a07bf2ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=TNGCPRqgCrTSlbUEGZ3YlNumFkcSV_dGra-7MSVcfqUNoTkADX-YhIJLpUUu3jYK0pCZCeUQFquaiVi1RXDxSVrkllz0j9J8SXWPjp-49WAJNe3Kkvq5Cx_JnnkNnKGV1GI7E9WLC5Y0IDmqJyEffCcwEFoZmH5XhyJ-X3Zhy-8DAuy_5w0sF5WKt4IataYgDkHzvdWKEeK4Z5EeUapCqLV8Np-iANePSefWotJMV-dpGhBNGNety7Hv0OqVk3uJd-nnr5PRJb0E9lEFL1F1KIHCwzdV0rwXGItpYnmRwcpjJAxqgUmo6NgVHUr_mp-uoMHSS2LRtNB_K7Mc8ZKFCyqPBwGZ22nXkeFRArSt1984xLXwM8-t3nuTl7TTMwdIwYt7BwMz-T1MPPCMAIXT1a7pUssZIm08Ni1a7j6gjf9aqH-EZXL0LjAlKKMBTNA1Cy76ZubGSJp5NQzNq7QzHg&lptoken=168d71af456564788474&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=frd&clickid=63a05fdcf6586000012f50a3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 12:58:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3575
cf-polished
origSize=4758
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 11 Dec 2022 00:54:44 GMT
server
cloudflare
etag
W/"63952a54-1296"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxh7PWWv%2BrT%2BRfJt16aRg8ZMk0DLLormR3ixVJj98watgiAxILcXnokCKfbR6y72t%2FbGucvFk00r5WSfcfL6r%2BceSN5L8QnvviXGpLmBI0bYE98952%2B042ezSRe8C1TRKJrrtiRNRwVN"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
77c04ec50bbb9b4f-FRA
jquery.js
dtfnsa.com/de/f2397h/files/
94 KB
34 KB
Script
General
Full URL
https://dtfnsa.com/de/f2397h/files/jquery.js
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=TNGCPRqgCrTSlbUEGZ3YlNumFkcSV_dGra-7MSVcfqUNoTkADX-YhIJLpUUu3jYK0pCZCeUQFquaiVi1RXDxSVrkllz0j9J8SXWPjp-49WAJNe3Kkvq5Cx_JnnkNnKGV1GI7E9WLC5Y0IDmqJyEffCcwEFoZmH5XhyJ-X3Zhy-8DAuy_5w0sF5WKt4IataYgDkHzvdWKEeK4Z5EeUapCqLV8Np-iANePSefWotJMV-dpGhBNGNety7Hv0OqVk3uJd-nnr5PRJb0E9lEFL1F1KIHCwzdV0rwXGItpYnmRwcpjJAxqgUmo6NgVHUr_mp-uoMHSS2LRtNB_K7Mc8ZKFCyqPBwGZ22nXkeFRArSt1984xLXwM8-t3nuTl7TTMwdIwYt7BwMz-T1MPPCMAIXT1a7pUssZIm08Ni1a7j6gjf9aqH-EZXL0LjAlKKMBTNA1Cy76ZubGSJp5NQzNq7QzHg&lptoken=168d71af456564788474&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=frd&clickid=63a05fdcf6586000012f50a3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c75cdc4ff797e03e2dec2e779dbfdc8ad18e3cbd4043aa20c5901bcb489f2f5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=TNGCPRqgCrTSlbUEGZ3YlNumFkcSV_dGra-7MSVcfqUNoTkADX-YhIJLpUUu3jYK0pCZCeUQFquaiVi1RXDxSVrkllz0j9J8SXWPjp-49WAJNe3Kkvq5Cx_JnnkNnKGV1GI7E9WLC5Y0IDmqJyEffCcwEFoZmH5XhyJ-X3Zhy-8DAuy_5w0sF5WKt4IataYgDkHzvdWKEeK4Z5EeUapCqLV8Np-iANePSefWotJMV-dpGhBNGNety7Hv0OqVk3uJd-nnr5PRJb0E9lEFL1F1KIHCwzdV0rwXGItpYnmRwcpjJAxqgUmo6NgVHUr_mp-uoMHSS2LRtNB_K7Mc8ZKFCyqPBwGZ22nXkeFRArSt1984xLXwM8-t3nuTl7TTMwdIwYt7BwMz-T1MPPCMAIXT1a7pUssZIm08Ni1a7j6gjf9aqH-EZXL0LjAlKKMBTNA1Cy76ZubGSJp5NQzNq7QzHg&lptoken=168d71af456564788474&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=frd&clickid=63a05fdcf6586000012f50a3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 12:58:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1655
cf-polished
origSize=96381
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 11 Dec 2022 00:54:44 GMT
server
cloudflare
etag
W/"63952a54-1787d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iumz3ewxoF0%2FouxjJEX8b2SfgSIiKLUv1uPD9QSEfKCR2BalcjTkrTgaU011tbco2J5KTLpDRCKQgPc6r%2FdQjywgJ6K0AiJmiV1HTFkhWYbYOYYbv7NNCumKAzcNjYxXQEeOhuAxuF%2By"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
77c04ec50bc19b4f-FRA
showHide.js
dtfnsa.com/de/f2397h/files/
519 B
799 B
Script
General
Full URL
https://dtfnsa.com/de/f2397h/files/showHide.js
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=TNGCPRqgCrTSlbUEGZ3YlNumFkcSV_dGra-7MSVcfqUNoTkADX-YhIJLpUUu3jYK0pCZCeUQFquaiVi1RXDxSVrkllz0j9J8SXWPjp-49WAJNe3Kkvq5Cx_JnnkNnKGV1GI7E9WLC5Y0IDmqJyEffCcwEFoZmH5XhyJ-X3Zhy-8DAuy_5w0sF5WKt4IataYgDkHzvdWKEeK4Z5EeUapCqLV8Np-iANePSefWotJMV-dpGhBNGNety7Hv0OqVk3uJd-nnr5PRJb0E9lEFL1F1KIHCwzdV0rwXGItpYnmRwcpjJAxqgUmo6NgVHUr_mp-uoMHSS2LRtNB_K7Mc8ZKFCyqPBwGZ22nXkeFRArSt1984xLXwM8-t3nuTl7TTMwdIwYt7BwMz-T1MPPCMAIXT1a7pUssZIm08Ni1a7j6gjf9aqH-EZXL0LjAlKKMBTNA1Cy76ZubGSJp5NQzNq7QzHg&lptoken=168d71af456564788474&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=frd&clickid=63a05fdcf6586000012f50a3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78a8133b00b705e1c18c56a499692b8b5521e5406e4fd198d590d536135d1ca6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=TNGCPRqgCrTSlbUEGZ3YlNumFkcSV_dGra-7MSVcfqUNoTkADX-YhIJLpUUu3jYK0pCZCeUQFquaiVi1RXDxSVrkllz0j9J8SXWPjp-49WAJNe3Kkvq5Cx_JnnkNnKGV1GI7E9WLC5Y0IDmqJyEffCcwEFoZmH5XhyJ-X3Zhy-8DAuy_5w0sF5WKt4IataYgDkHzvdWKEeK4Z5EeUapCqLV8Np-iANePSefWotJMV-dpGhBNGNety7Hv0OqVk3uJd-nnr5PRJb0E9lEFL1F1KIHCwzdV0rwXGItpYnmRwcpjJAxqgUmo6NgVHUr_mp-uoMHSS2LRtNB_K7Mc8ZKFCyqPBwGZ22nXkeFRArSt1984xLXwM8-t3nuTl7TTMwdIwYt7BwMz-T1MPPCMAIXT1a7pUssZIm08Ni1a7j6gjf9aqH-EZXL0LjAlKKMBTNA1Cy76ZubGSJp5NQzNq7QzHg&lptoken=168d71af456564788474&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=frd&clickid=63a05fdcf6586000012f50a3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 12:58:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3575
cf-polished
origSize=1513
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 11 Dec 2022 00:54:44 GMT
server
cloudflare
etag
W/"63952a54-5e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=paLm8WqbL8RnRfnQvMN3Yep8rj41Yol520B3l1ZyeXUEZZlq5yA8B3qmMlcX2bOOkD%2BRz7exDUdEK%2Fg2shSktqEWVU7ZK6D7Jc5GeBByZYgFIS%2B6Ps4XWGv11KSg%2Br24PIxxWRhN9AQy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
77c04ec50bc59b4f-FRA
17.gif
dtfnsa.com/de/f2397h/files/
62 KB
63 KB
Image
General
Full URL
https://dtfnsa.com/de/f2397h/files/17.gif
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=TNGCPRqgCrTSlbUEGZ3YlNumFkcSV_dGra-7MSVcfqUNoTkADX-YhIJLpUUu3jYK0pCZCeUQFquaiVi1RXDxSVrkllz0j9J8SXWPjp-49WAJNe3Kkvq5Cx_JnnkNnKGV1GI7E9WLC5Y0IDmqJyEffCcwEFoZmH5XhyJ-X3Zhy-8DAuy_5w0sF5WKt4IataYgDkHzvdWKEeK4Z5EeUapCqLV8Np-iANePSefWotJMV-dpGhBNGNety7Hv0OqVk3uJd-nnr5PRJb0E9lEFL1F1KIHCwzdV0rwXGItpYnmRwcpjJAxqgUmo6NgVHUr_mp-uoMHSS2LRtNB_K7Mc8ZKFCyqPBwGZ22nXkeFRArSt1984xLXwM8-t3nuTl7TTMwdIwYt7BwMz-T1MPPCMAIXT1a7pUssZIm08Ni1a7j6gjf9aqH-EZXL0LjAlKKMBTNA1Cy76ZubGSJp5NQzNq7QzHg&lptoken=168d71af456564788474&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=frd&clickid=63a05fdcf6586000012f50a3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9a1b1d512825873e62b6f559c5e1b9f00ec429fba0e3ec78a53f149c5caa2da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=TNGCPRqgCrTSlbUEGZ3YlNumFkcSV_dGra-7MSVcfqUNoTkADX-YhIJLpUUu3jYK0pCZCeUQFquaiVi1RXDxSVrkllz0j9J8SXWPjp-49WAJNe3Kkvq5Cx_JnnkNnKGV1GI7E9WLC5Y0IDmqJyEffCcwEFoZmH5XhyJ-X3Zhy-8DAuy_5w0sF5WKt4IataYgDkHzvdWKEeK4Z5EeUapCqLV8Np-iANePSefWotJMV-dpGhBNGNety7Hv0OqVk3uJd-nnr5PRJb0E9lEFL1F1KIHCwzdV0rwXGItpYnmRwcpjJAxqgUmo6NgVHUr_mp-uoMHSS2LRtNB_K7Mc8ZKFCyqPBwGZ22nXkeFRArSt1984xLXwM8-t3nuTl7TTMwdIwYt7BwMz-T1MPPCMAIXT1a7pUssZIm08Ni1a7j6gjf9aqH-EZXL0LjAlKKMBTNA1Cy76ZubGSJp5NQzNq7QzHg&lptoken=168d71af456564788474&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=frd&clickid=63a05fdcf6586000012f50a3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 12:58:04 GMT
cf-cache-status
HIT
last-modified
Sun, 11 Dec 2022 00:54:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3574
etag
"63952a54-f8ed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXdQcoJVR0KsioSulOIEDCLR9r3mWBllxEncrR2U7qQ%2FN9f9%2F5IN29TgR5i4oWw32va6fghVJzYgyI%2BcFj2DCA8X%2BDQS1hsQxHEPau89lqRpPMDG%2BsYypx4lAu12iE474AsRjs9%2F6iqD"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77c04ec50bc99b4f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63725
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=TNGCPRqgCrTSlbUEGZ3YlNumFkcSV_dGra-7MSVcfqUNoTkADX-YhIJLpUUu3jYK0pCZCeUQFquaiVi1RXDxSVrkllz0j9J8SXWPjp-49WAJNe3Kkvq5Cx_JnnkNnKGV1GI7E9WLC5Y0IDmqJyEffCcwEFoZmH5XhyJ-X3Zhy-8DAuy_5w0sF5WKt4IataYgDkHzvdWKEeK4Z5EeUapCqLV8Np-iANePSefWotJMV-dpGhBNGNety7Hv0OqVk3uJd-nnr5PRJb0E9lEFL1F1KIHCwzdV0rwXGItpYnmRwcpjJAxqgUmo6NgVHUr_mp-uoMHSS2LRtNB_K7Mc8ZKFCyqPBwGZ22nXkeFRArSt1984xLXwM8-t3nuTl7TTMwdIwYt7BwMz-T1MPPCMAIXT1a7pUssZIm08Ni1a7j6gjf9aqH-EZXL0LjAlKKMBTNA1Cy76ZubGSJp5NQzNq7QzHg&lptoken=168d71af456564788474&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=frd&clickid=63a05fdcf6586000012f50a3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 12:58:05 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
989
etag
W/"ae63ef8ff03da61fffaa7f165729897a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
77c04ec549af91e4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 22 Dec 2022 12:58:05 GMT
gAIA.js
zeniocloud.com/
595 B
429 B
Script
General
Full URL
https://zeniocloud.com/gAIA.js?prid=&sub2=dtfnsa.com
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=TNGCPRqgCrTSlbUEGZ3YlNumFkcSV_dGra-7MSVcfqUNoTkADX-YhIJLpUUu3jYK0pCZCeUQFquaiVi1RXDxSVrkllz0j9J8SXWPjp-49WAJNe3Kkvq5Cx_JnnkNnKGV1GI7E9WLC5Y0IDmqJyEffCcwEFoZmH5XhyJ-X3Zhy-8DAuy_5w0sF5WKt4IataYgDkHzvdWKEeK4Z5EeUapCqLV8Np-iANePSefWotJMV-dpGhBNGNety7Hv0OqVk3uJd-nnr5PRJb0E9lEFL1F1KIHCwzdV0rwXGItpYnmRwcpjJAxqgUmo6NgVHUr_mp-uoMHSS2LRtNB_K7Mc8ZKFCyqPBwGZ22nXkeFRArSt1984xLXwM8-t3nuTl7TTMwdIwYt7BwMz-T1MPPCMAIXT1a7pUssZIm08Ni1a7j6gjf9aqH-EZXL0LjAlKKMBTNA1Cy76ZubGSJp5NQzNq7QzHg&lptoken=168d71af456564788474&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=frd&clickid=63a05fdcf6586000012f50a3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.114.67.56 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
56.ip-167-114-67.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fd2b15ee0725cee5e0f7e43cffa1d0e5a36713059469b6e24643ac65eae92766

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 12:58:05 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
283 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 12:58:05 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
989
etag
W/"2f96824aee4bf927e734cc519e3e726d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
77c04ec5bb8a923e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 22 Dec 2022 12:58:05 GMT
web
onesignal.com/api/v1/sync/c3091c4b-609e-458f-b555-5e6e709ba131/
5 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/c3091c4b-609e-458f-b555-5e6e709ba131/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df9ef64765877950f5d80a7e7a4a35452026b7e948cb6ab9208a0acfc1352a89
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 12:58:05 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
306
cf-polished
origSize=4986
status
200 OK
x-envoy-upstream-service-time
32
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
693116ef-bb6f-4514-8b8d-1d889263beb8
x-runtime
0.029772
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"645e738f3b06322a2c540a81146b802f"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
77c04ec66cbf91e4-FRA
access-control-allow-headers
SDK-Version
expires
Mon, 19 Dec 2022 13:58:05 GMT
gAIA.js
alexatracker.com/jscode/
0
690 B
Script
General
Full URL
https://alexatracker.com/jscode/gAIA.js?sub1=&sub2=dtfnsa.com&sub3=&sub4=&sub5=&prid=
Requested by
Host: zeniocloud.com
URL: https://zeniocloud.com/gAIA.js?prid=&sub2=dtfnsa.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Dec 2022 12:58:05 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2blcV1g5BIMAyBvlBSUmRgGYXyr3dreH8%2F0pVp0NUoR1ZWriJpT6clJIwUsyTayhw5c3x2a5nFSXV57uDqH9luzu9r97auLJvC1HksMLO0%2FmqlpxBWgMRaXJzKnsKwGYYsAqCZtdHTEDBkKwhGI"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
77c04ec97bbabbd1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 12:58:08 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
991
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
77c04edbdc31923e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 18 Jan 2023 12:58:08 GMT
icon
onesignal.com/api/v1/apps/c3091c4b-609e-458f-b555-5e6e709ba131/
184 B
614 B
Fetch
General
Full URL
https://onesignal.com/api/v1/apps/c3091c4b-609e-458f-b555-5e6e709ba131/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50fa27fa000bdd8c136de3481bf2ad5a302a244e1825b09ecab6fe4472a3e72f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 12:58:08 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
status
200 OK
x-envoy-upstream-service-time
9
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
8b290c87-f712-4655-877e-47d73d86bf54
x-runtime
0.007038
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"50fa27fa000bdd8c136de3481bf2ad5a"
x-download-options
noopen
vary
Accept, Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
77c04edcff1d9241-FRA
access-control-allow-headers
SDK-Version
d26527ec-822b-4b87-8dd0-ed808da427a4
img.onesignal.com/permanent/
110 KB
110 KB
Image
General
Full URL
https://img.onesignal.com/permanent/d26527ec-822b-4b87-8dd0-ed808da427a4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94910bb8a8b8b035d4f298c0e644805c2c3efa450819528d4887bb9f4c127b4d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 12:58:08 GMT
x-amz-meta-cache-control: public, maxage=604800
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-request-id: 8DTK7XQ8MF190JF3
age: 2716
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 112512
x-amz-id-2: Sms8kebgKYa6oranwoykHgFVFzs8FCkjgqUapvzBm/aLuMem1+oXEp/hZxNDHsAz6708TbXeB4HM0390iXmI0Q==
last-modified: Fri, 28 Jan 2022 15:36:15 GMT
server: cloudflare
etag: "f9ba9add911ac7dbe6cb5d19f26f4f20"
vary: Accept-Encoding
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 77c04edd8c7591e4-FRA
expires: Thu, 19 Jan 2023 12:58:08 GMT


6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange
function| $
function| jQuery
function| OneSignal
number| __oneSignalSdkLoadCount
function| __jp0

17 Cookies
