Submitted URL: https://opnlink.cc/9c0cce
Effective URL: https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVz...
Submission: On May 09 via manual from GB — Scanned from GB

Summary

This website contacted 5 IPs in 2 countries across 9 domains to perform 19 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is dtfnsa.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 21st 2022. Valid for: a year.
This is the only time dtfnsa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.32.27.34 16509 (AMAZON-02)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 13.56.68.84 16509 (AMAZON-02)
10 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 167.114.67.56 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
19 5
Apex Domain | Subdomains | Transfer
10 dtfnsa.com | dtfnsa.com | 377 KB
6 onesignal.com | cdn.onesignal.com (Cisco Umbrella Rank: 3525); onesignal.com (Cisco Umbrella Rank: 1305); img.onesignal.com (Cisco Umbrella Rank: 7750) | 194 KB
2 rmkrco.com | tracking.rmkrco.com | 2 KB
1 7amz.com | a.7amz.com (Cisco Umbrella Rank: 781335) | 5 KB
1 alexatracker.com | alexatracker.com (Cisco Umbrella Rank: 430300) | 691 B
1 zeniocloud.com | zeniocloud.com (Cisco Umbrella Rank: 546098) | 429 B
1 zzotrack.com | zzotrack.com | 1 KB
1 bangbangtrack.com | tracking.bangbangtrack.com | 692 B
1 opnlink.cc | opnlink.cc | 468 B
19 9
Domain Requested by
10 dtfnsa.com dtfnsa.com
3 onesignal.com cdn.onesignal.com
2 cdn.onesignal.com dtfnsa.com
cdn.onesignal.com
2 tracking.rmkrco.com 2 redirects
1 img.onesignal.com dtfnsa.com
1 a.7amz.com dtfnsa.com
1 alexatracker.com zeniocloud.com
1 zeniocloud.com dtfnsa.com
1 zzotrack.com 1 redirects
1 tracking.bangbangtrack.com 1 redirects
1 opnlink.cc 1 redirects
19 11

This site contains links to these domains.

Domain
a.7amz.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-09-21 - 2023-09-21 | a year
zeniocloud.com | R3 | 2023-03-16 - 2023-06-14 | 3 months
*.alexatracker.com | GTS CA 1P5 | 2023-04-01 - 2023-06-30 | 3 months

This page contains 1 frame:

Primary Page: https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
Frame ID: DE7D51B3530DCA1EDDF549AEF7EB6279
Requests: 19 HTTP requests in this frame

Page Title

Meet Horny Girls who are DTF Tonight!!!

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Page Statistics

19
Requests

100 %
HTTPS

63 %
IPv6

9
Domains

11
Subdomains

5
IPs

2
Countries

577 kB
Transfer

1037 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://opnlink.cc/9c0cce HTTP 302
    https://tracking.rmkrco.com/aff_c?offer_id=21200&aff_id=4832 HTTP 302
    https://tracking.rmkrco.com/aff_r?offer_id=21200&aff_id=4832&url=https%3A%2F%2Ftracking.bangbangtrack.com%2Fclick%3Fcampaign_id%3D191%26pub_id%3D146%26p1%3D102787b1334931f227bb5532602cdd%26source%3D4832&urlauth=859315562664772774599383432118 HTTP 302
    https://tracking.bangbangtrack.com/click?campaign_id=191&pub_id=146&p1=102787b1334931f227bb5532602cdd&source=4832 HTTP 302
    https://zzotrack.com/4900ad89-e685-4b0a-aae9-143aed9fd79b?pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue={revenue}&clickid=6459d59733ddef03454cffac HTTP 302
    https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
dtfnsa.com/jbnIMV/
Redirect Chain
  • https://opnlink.cc/9c0cce
  • https://tracking.rmkrco.com/aff_c?offer_id=21200&aff_id=4832
  • https://tracking.rmkrco.com/aff_r?offer_id=21200&aff_id=4832&url=https%3A%2F%2Ftracking.bangbangtrack.com%2Fclick%3Fcampaign_id%3D191%26pub_id%3D146%26p1%3D102787b1334931f227bb5532602cdd%26source%3...
  • https://tracking.bangbangtrack.com/click?campaign_id=191&pub_id=146&p1=102787b1334931f227bb5532602cdd&source=4832
  • https://zzotrack.com/4900ad89-e685-4b0a-aae9-143aed9fd79b?pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue={revenue}&clickid=6459d59733ddef03454cffac
  • https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pX...
6 KB
4 KB
Document
General
Full URL
https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9da89966b9fca6455ff832c482b2df6fe1063ba8a7bce1da29aa80d1c2c1efd6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7c476e994e627324-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 09 May 2023 05:09:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dddkTEmPMEd2kI%2BU%2FNoTcUVDACZuIKxbr%2FdjNiNGB3n3KUZDC7NHp9YRTUGfvs0d8IbAC0dVY1biqS8Y7zbTK%2FU%2Fmu7pWCT3AcEEIUFL0N1pAoBIVjLWR4%2FQ1IdDXJTMN0lBVovQDLdX"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Tue, 09 May 2023 05:09:44 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
pragma
no-cache
server
nginx
main.css
dtfnsa.com/jbnIMV/files/
122 KB
22 KB
Stylesheet
General
Full URL
https://dtfnsa.com/jbnIMV/files/main.css
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
204f1baba050a2908d9664c4a5d6bc0b6fb46bffa064bf587211f1299a90ed0b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 05:09:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Sat, 06 May 2023 18:55:40 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=124550
etag
W/"6456a2ac-1e686"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5aVu9W7%2F2JbVkxzcp%2BRu8w%2B%2F10GbRIYdS7vE9yO239N0H7cHCW1BDQhaK0lrtRNKXunfu%2FgUIF7YsNEB7y%2FWLia2CjUBqf4lcn%2BuyQpKQ92ZyhBmtz8qSMGZjjYyywpdBcn8lKLUlIc"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7c476e9acf5e7324-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hk.png
dtfnsa.com/jbnIMV/files/
5 KB
5 KB
Image
General
Full URL
https://dtfnsa.com/jbnIMV/files/hk.png
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c052c03f6a5394a34dccaf5af876357ddbe18abcd8f27daa5417e594fc8ca13d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 05:09:44 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 06 May 2023 18:55:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6456a2ac-142f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McuIsjSzg%2BfLrySoPk%2Fwu21OVTyUmG9%2FIDFiytreDJfbt6RKxmQOUj23%2BCbIO8xRZxgO114gawcOymaHZNPeKqnE4Xosl%2BvkXuOIgPDnktvHCbd%2FhiRPVSqtFWRj8c0myLj%2Fma4oSLQn"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c476e9acf607324-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5167
1.jpg
dtfnsa.com/jbnIMV/files/
18 KB
19 KB
Image
General
Full URL
https://dtfnsa.com/jbnIMV/files/1.jpg
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fa06a0dfe5cd4a07855059844b94ca56280a68de71203e48b27e85e9faba360

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 05:09:44 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 06 May 2023 18:55:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6456a2ac-48ff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8G1kkVgemCzblyRlWzGQ6i%2B3ciA0FPvJnPIoZmrKg4PNj4ZpMfX5isDCVJ7WuBdJGYvx8dBA2SUJSJM7g%2BCuIDdLa2XLtCRl%2BdPMFe36wPM%2FukEl3tWfbSfKzUtc7et7jULjC8RqMHS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c476e9acf657324-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18687
2.jpg
dtfnsa.com/jbnIMV/files/
29 KB
29 KB
Image
General
Full URL
https://dtfnsa.com/jbnIMV/files/2.jpg
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8ced4ca7e4918a5acf80ea85e3081679ec11e01aab79b05f045eea43edffdea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 05:09:44 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 06 May 2023 18:55:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6456a2ac-73ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvUyIfOhBPHHDiyVQGYIbThBureiI989oJdVOjMC9XGjJxESfl%2FDr6Xj9pQ6EYfsh1%2Bh%2FEuIueLeFJQgjQiiBiKeJLeh9O%2Bij8hdXJzCBso3GTfbkwMNMFd2BPwSBNdJXlftyQJ%2FKDZY"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c476e9acf677324-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29613
3.jpg
dtfnsa.com/jbnIMV/files/
30 KB
30 KB
Image
General
Full URL
https://dtfnsa.com/jbnIMV/files/3.jpg
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e8421b7383f31b6d1f66b9f09b729f5393eb4f3cd5863f690d3368433cd975d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 05:09:44 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 06 May 2023 18:55:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6456a2ac-77eb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAPz7CdyryPTSYECYPnu6wOLCyyY5oo3E4d%2FFaI1SHRky4OVrao%2BrsmSCAFeVk5tSX6p%2FKlBbaat1rfbNoHdo1SH1G26XtlsLLJ3EBruWCZj4u15QN0x8rqYDFqSe1VdWginAGT4PojN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c476e9acf687324-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30699
4.jpg
dtfnsa.com/jbnIMV/files/
39 KB
39 KB
Image
General
Full URL
https://dtfnsa.com/jbnIMV/files/4.jpg
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f77361dd18bce43de536414fa1df77a26990f6192f93358757df73481aa1614

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 05:09:44 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 06 May 2023 18:55:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6456a2ac-9a21"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fvo8btONDrF6UMOGU4J1Wh21szsuFLmmqaX4N5W6n4G83fm1aoGbF1TeIeL7qqP8VuG4lkIGkMtqqN5U8qzpskvYFgdmAvbnL5vV7EyW5rwcRyIKRMzC87UhITDHKRO3uswpMlFsDPfU"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c476e9acf697324-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39457
5.jpg
dtfnsa.com/jbnIMV/files/
30 KB
31 KB
Image
General
Full URL
https://dtfnsa.com/jbnIMV/files/5.jpg
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3280d35df112358347c3f0de2edc9d7fee84569ca57bac9e1a9ef23ce4199fd2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 05:09:44 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 06 May 2023 18:55:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6456a2ac-78a5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZw7IZ7cbVOGjO9r3fL4UxJXqzrUiRYHU3EZ0CcLvzJdTNPUkKcwTimte00gmSRqx%2F2PbN2vr3VKbd%2BDMBk716mpUCIfkhCiJAchdEAth8%2BgFCCutI8jfcgj4BGAz7MewwrA50JXAdv8"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c476e9acf6a7324-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30885
6.gif
dtfnsa.com/jbnIMV/files/
167 KB
167 KB
Image
General
Full URL
https://dtfnsa.com/jbnIMV/files/6.gif
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2848e5a29d5e8fd0ed9fc6bd5262a7d1ed6ce2a46b3c2cef2eedc5b06cd25e6c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 05:09:44 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 06 May 2023 18:55:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6456a2ac-29ac4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cx4nOsRXQBqXDA6%2BM14VYExCr2GheDmXbgP9aUVr1wEjPqucsVswLvccZyXeYJ7tQ5vvA3yAaVgMmSIHfutKJWRuiultdaPP6VVMIsnyXABSGrPiN7JSfpkR7p94t6u21sxy0Lbgvgt"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7c476e9acf6b7324-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
170692
main.js
dtfnsa.com/jbnIMV/files/
89 KB
32 KB
Script
General
Full URL
https://dtfnsa.com/jbnIMV/files/main.js
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad4fb0ed697d6a961b299511dd4d39bb6835abdfbc0e1dd302201702fee4587d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 05:09:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Sat, 06 May 2023 18:55:40 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"6456a2ac-1650a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHMXwwHyUBTTb6CIBNkMygIWN9tajqfqztdCU%2BoNcad4FOOP0Deaz0GsNhiiXf4RSpDaj8ifHvxT5j05g%2BvCdl71JLOfYeTsGhhJktq6BW%2BqYMH2UnQu%2B2Qs%2F8qUVy3M%2BnQcyIv%2BLMmJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
7c476e9acf637324-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 05:09:44 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3043
etag
W/"06f50014011c1fcd9e21b6b0481979de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7c476e9b49784177-LHR
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 May 2023 05:09:44 GMT
gAIA.js
zeniocloud.com/
595 B
429 B
Script
General
Full URL
https://zeniocloud.com/gAIA.js?prid=&sub2=dtfnsa.com
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.114.67.56 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
56.ip-167-114-67.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fd2b15ee0725cee5e0f7e43cffa1d0e5a36713059469b6e24643ac65eae92766

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 05:09:45 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
284 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 05:09:45 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3044
etag
W/"2cf94922e2d551e8dc7c38c022a9a3ca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7c476e9c9aba4177-LHR
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 12 May 2023 05:09:45 GMT
web
onesignal.com/api/v1/sync/c3091c4b-609e-458f-b555-5e6e709ba131/
5 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/c3091c4b-609e-458f-b555-5e6e709ba131/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d81722f870d133ed5e7e3accc19fb68d9f91407160888514f7ad91f4513219e4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 05:09:45 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
2381
cf-polished
origSize=4809
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
74b096e3-39fb-4d70-809f-33a0b56410f4
x-runtime
0.026978
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"e771c42d15a44af8dd765572187fc88f"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7c476e9d5b664177-LHR
access-control-allow-headers
SDK-Version
expires
Tue, 09 May 2023 06:09:45 GMT
gAIA.js
alexatracker.com/jscode/
0
691 B
Script
General
Full URL
https://alexatracker.com/jscode/gAIA.js?sub1=&sub2=dtfnsa.com&sub3=&sub4=&sub5=&prid=
Requested by
Host: zeniocloud.com
URL: https://zeniocloud.com/gAIA.js?prid=&sub2=dtfnsa.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 May 2023 05:09:45 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlwPbxr56oS0rZnh59bByjealVTA6YYm1o0RFJ72mzhnsZHvGG%2FCGHXVnZm3w8EvYe7zq3204pUkI9Xo%2FDkK7cOXPjh1n5fAuSLfu2JecXhg2AKp8ck8IuudWh4DfhPMM%2Bd5KCgi7atGitkzgQDH"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
7c476e9f188c48bb-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
oauth2
a.7amz.com/
12 KB
5 KB
Script
General
Full URL
https://a.7amz.com/oauth2?id=402&r=92648&pu=0&tu=1&bs=0
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2174360a8d2ea54fc4781e8bb214570c1d652328df13627bedd981be04a50e77

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 05:09:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 17 May 1998 03:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4UTmyr%2FZAkAbk7x2hNqc3qAXrb6W4KwjAH%2B5gyLuWctsniy2lvCyAauBtLXkopL6Zg729VR4Tsg6xPP5%2F0FMcY%2BiPW3D1z3a%2Fofat5ucZU9wZiBM8XSNkl%2Fr0EKtwbZpvO4VrQEKNgy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
referer
a.7amz.com
cf-ray
7c476e9f2f9275b9-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 26 Jul 1997 05:00:00 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 05:09:45 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3037
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7c476e9eaca6dd7d-LHR
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 08 Jun 2023 05:09:45 GMT
icon
onesignal.com/api/v1/apps/c3091c4b-609e-458f-b555-5e6e709ba131/
184 B
777 B
Fetch
General
Full URL
https://onesignal.com/api/v1/apps/c3091c4b-609e-458f-b555-5e6e709ba131/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50fa27fa000bdd8c136de3481bf2ad5a302a244e1825b09ecab6fe4472a3e72f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 09 May 2023 05:09:45 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
68e16198-4635-4749-bc3f-703409f723fe
x-runtime
0.007119
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"50fa27fa000bdd8c136de3481bf2ad5a"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
7c476e9f38f5d17c-LHR
access-control-allow-headers
SDK-Version
d26527ec-822b-4b87-8dd0-ed808da427a4
img.onesignal.com/permanent/
110 KB
111 KB
Image
General
Full URL
https://img.onesignal.com/permanent/d26527ec-822b-4b87-8dd0-ed808da427a4
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/jbnIMV/?utm_campaign=4900ad89-e685-4b0a-aae9-143aed9fd79b&data3=191&data4=&email=&pid=&cep=XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ&lptoken=165683f161e607028409&pub_id=146&campaign=191&referer=&source=4832&sub_source=&p1=102787b1334931f227bb5532602cdd&revenue=%7Brevenue%7D&clickid=6459d59733ddef03454cffac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94910bb8a8b8b035d4f298c0e644805c2c3efa450819528d4887bb9f4c127b4d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Tue, 09 May 2023 05:09:45 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
age
2379
x-guploader-uploadid
ADPycds6fRv16-VA0iNECUXlI7FOx1N_X-HE-j7hw6Lt0DTow10Yd2R0cW1rYIi1jLswpR4lrb1RxaxMf6-g2w8l216ARi-dZ125
x-goog-meta-x-goog-source-etag
"f9ba9add911ac7dbe6cb5d19f26f4f20"
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
112512
pragma
no-cache
last-modified
Tue, 14 Feb 2023 04:01:48 GMT
server
cloudflare
etag
"-CJCx3q6QlP0CEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1676347308480656
content-type
application/octet-stream
x-goog-hash
crc32c=xjn+Hw==, md5=+bqa3ZEax9vmy10Z8m9PIA==
cache-control
public, max-age=2678400
x-goog-meta-cache-control
public, maxage=604800
x-goog-stored-content-length
112512
accept-ranges
bytes
cf-ray
7c476e9fce134177-LHR
expires
Fri, 09 Jun 2023 05:09:45 GMT

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean | credentialless
function | jQuery
function | $
function | OneSignal
number | __oneSignalSdkLoadCount
function | __jp0
object | adnPopConfig
object | ADNPOP
object | ADNMOBPOP

10 Cookies

Domain/Path Name / Value
opnlink.cc/ Name: leadID
Value: 69193
opnlink.cc/ Name: GeneratedToken
Value: 1987a4e16cb6a7ec8646df15df49a975
tracking.rmkrco.com/ Name: enc_aff_session_21200
Value: ENC035e78908da69ba901958eae65e8472b0f79790d94170ab085ee04083f59d8956d2da4ef8453c929bd8f792c6816fd6ce19db59119dedd63d9a100f7549156e25c0daa099e5f24ea73f2180dc3ac0b758ac3e817ead1af38d996a6ea340f3b1744fd1f4e2239f26ddbeee18ed3be4d55ad75f88356300a4498cd4e898660c50a020cc8eb9b
tracking.rmkrco.com/ Name: ho_mob
Value:
tracking.bangbangtrack.com/ Name: sess_64369c19c86fc25e20640602
Value: 64369bd2c97b5d37f747e75b
.zzotrack.com/ Name: 4900ad89-e685-4b0a-aae9-143aed9fd79b-v4
Value: iizTHOrgiOLgkKyLNqgTWp0paKgxMYLdLCKwceF4sD8
.zzotrack.com/ Name: cep-v4
Value: MiF-gxmBj-OEELyfgrhPQM5AlFS2W_emdf7m7419rkcHcRfSTaZmcOSjd472ICxm4CMX9EBQF9JqqepOJCoGhUzxO_GOfTIBlS8oqoi2XZ-qeHDkhg26b08uNVNBHtWeIck2umtppWT3YXyNJ1dG8MCAOblvXAJycpv3M0ItqoS7yizToXNged94giJ2i4RMgQM7VuzfZtelq20AVep8CzQ77woO0Ft8tuuWabPlzkc7Dz4jgYeq3GTarDWM3kXvxsgTY-4-PJZnKtSHy0pI6PNZ7XtjEOPrtes0NaEUR9IqC1ss3xwOIeC-RA6RNzKvdoB95pA3_eDskwwxIK0NtewXE05IV7WOwVQgfTKWEJbUxkueJJv2oQJdw_qIBYX_LP7Kz5K0gpHTIoq01weHw-BLZvTwUu8O60e7Pw-3gbHi_xdK0QhcGnWpllZJgayFbJCgwXEFW4-wXDneJM1nkjXOEKMar6iM3KmxnpLWZo1knR3uDaHRJZwq84W63WIVZcvzZxUPdJtZnQ_x76Yy6Q
dtfnsa.com/ Name: wl
Value: %7B%22attributes%22%3A%7B%22ttl%22%3Anull%2C%22value%22%3A%22a%3A15%3A%7Bs%3A8%3A%5C%22campaign%5C%22%3Bs%3A3%3A%5C%22191%5C%22%3Bs%3A3%3A%5C%22cep%5C%22%3Bs%3A534%3A%5C%22XWkVznfQ7CT2bognLZ8UHJrxfkeHIyiw7ZyEmaic-ihA3IDWu4-TkRpCsjufmN8nZlnROoMJBCUw1_5u0rPr6pXHSSyz_Vp41jD67_1aQmbw_pxaZgMgi5-R0cECd6M4JHHvqrUsygAsO72kQ1MWB3AbrxDsTBX4Gd3wCIpq-jJ5OUnzwNaqFWFYKQCph0HZo9bmAw9zqkDkONpguNLxD7bASAgdcEGD7ydosh0oV3wacpQvoi9SHytVvGriDM3KNkXBD1owfAKhl6AKPYVLeIT-2FSYkZMzPTBjArQB641gTwQ7ldg0XWsPE8FV_57uoLZBfHtqb8yUoWsqBjiKNSF4kSmrQo_FGUOp0b87EiPosMJpSixM2gvdYdVqwNhorP1c54f9z1tiyWKiPt0Fe0fm-TCocH5BelA8dFkDrcgx4WSuuOAxotXSjy6XR9iq_8hNMTUc2NX7ilGm1-gUHHtCBpbXQ7ak7WzDOb6dTWfhGxBVaFYDMFj_0R-0-cpfKsaZs6yXq4ZIQKZdpfpKrQ%5C%22%3Bs%3A7%3A%5C%22clickid%5C%22%3Bs%3A24%3A%5C%226459d59733ddef03454cffac%5C%22%3Bs%3A5%3A%5C%22data3%5C%22%3Bs%3A3%3A%5C%22191%5C%22%3Bs%3A5%3A%5C%22data4%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A5%3A%5C%22email%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A7%3A%5C%22lptoken%5C%22%3Bs%3A20%3A%5C%22165683f161e607028409%5C%22%3Bs%3A2%3A%5C%22p1%5C%22%3Bs%3A30%3A%5C%22102787b1334931f227bb5532602cdd%5C%22%3Bs%3A3%3A%5C%22pid%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A6%3A%5C%22pub_id%5C%22%3Bs%3A3%3A%5C%22146%5C%22%3Bs%3A7%3A%5C%22referer%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A7%3A%5C%22revenue%5C%22%3Bs%3A9%3A%5C%22%7Brevenue%7D%5C%22%3Bs%3A6%3A%5C%22source%5C%22%3Bs%3A4%3A%5C%224832%5C%22%3Bs%3A10%3A%5C%22sub_source%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A12%3A%5C%22utm_campaign%5C%22%3Bs%3A36%3A%5C%224900ad89-e685-4b0a-aae9-143aed9fd79b%5C%22%3B%7D%22%7D%7D
.onesignal.com/ Name: __cf_bm
Value: U9b1_1Bj6c0kIUJ_BNRNoqrgIUvW4npB.QaAl1TpQbk-1683608984-0-ARTOi5ND6XO+Kzoopi/Vkr3lYo0SdsSsyhS77AAbCUDRzysjGbQaAHIDynB1f+lNF8J0FZgz565cAtlyLEhsLCA=
alexatracker.com/ Name: trbarid
Value: 9c5d874c29b2afb4e479a6f764708fa2c4538211a9425bdfd4d99813e8c00cbca%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A4520545873492039065%3B%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
