urlscan.io logo urlscan.io
SecurityTrails logo

dtfnsa.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://virginiesav4.satisfecho.eu.org/l/rnNVPk6X
Effective URL: https://dtfnsa.com/de/f2397h/?utm_campaign=2&data3=888&data4=&email=&cep=F0XzVHyRcJ3DTb03rOx7AYCemAzoFeM607ksG7p95V...
Submission: On May 28 via manual from RO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 7 domains to perform 11 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is dtfnsa.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 22nd 2021. Valid for: a year.
This is the only time dtfnsa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 162.214.153.131 46606 (UNIFIEDLA...)
4 4 173.236.72.36 32475 (SINGLEHOP...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 18.184.38.55 16509 (AMAZON-02)
5 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
11 2
1    162.214.153.131 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-214-153-131.unifiedlayer.com
virginiesav4.satisfecho.eu.org
4    173.236.72.36 (Naperville, United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: en04-phx.stablehost.com
dwnvgu.top
fey.io
2    2606:4700:3035::ac43:be7f (United States)

ASN13335 (CLOUDFLARENET, US)
tracking.t0r4.com
1    18.184.38.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-38-55.eu-central-1.compute.amazonaws.com
zzotrack.com
5    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
dtfnsa.com
6    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
Apex Domain
Subdomains		 Transfer
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3029
onesignal.com — Cisco Umbrella Rank: 1276
img.onesignal.com — Cisco Umbrella Rank: 6685
193 KB
5 dtfnsa.com
dtfnsa.com
103 KB
3 fey.io
fey.io
448 B
2 t0r4.com
tracking.t0r4.com
1 KB
1 zzotrack.com
zzotrack.com — Cisco Umbrella Rank: 828105
1 KB
1 dwnvgu.top
dwnvgu.top
328 B
1 eu.org
virginiesav4.satisfecho.eu.org
317 B
11 7
Domain Requested by
5 dtfnsa.com dtfnsa.com
3 onesignal.com cdn.onesignal.com
3 fey.io 3 redirects
2 cdn.onesignal.com dtfnsa.com
cdn.onesignal.com
2 tracking.t0r4.com 2 redirects
1 img.onesignal.com
1 zzotrack.com 1 redirects
1 dwnvgu.top 1 redirects
1 virginiesav4.satisfecho.eu.org 1 redirects
11 9

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-10-22 -
2022-10-21		 a year crt.sh

This page contains 1 frames:

Primary Page: https://dtfnsa.com/de/f2397h/?utm_campaign=2&data3=888&data4=&email=&cep=F0XzVHyRcJ3DTb03rOx7AYCemAzoFeM607ksG7p95VibaqAHDFwHdofd3SV52mvBPojpWR1O2g4_vs2zGY9U8JOZ8JadAlaEOIDOF7zn-stMNe9Wl9lOcrKgaOHsZbieJUDo-WTsbDuOA4Ir7SjQpLxdZBO2hgePAwB8xV97w2rHW8qzobZhhS-4DjZp88eEGkIZmfTsi1YXchNLoLY2xMaAjpa-vud4ixfISwWnSqo6-DQQpwBCF79lQX7qqS73dQZCh_Q3gqF5YLoO06srdkL1Rd7Lgh6i5j3e71vQRP2NjLD2c1Ijpc3Aap882JT_BWgY7ugevZsd4l-HP49tjisT0ichChRQ5ueXm7QUeHc7Q0WF92pMDybBQ54BiWKc80ZjhPTO7j5s9xziMDGJ-KiPuVbJWX3vWv65H-MR1qgkmUfBu_SsvVz8vEuDv4FPU8Wz652d4X4ghFk6dIFY2A&lptoken=168b53c273ec556914d5&pid=2&offer_id=888&reff=&geo=DE&sub1=&sub2=&clickid=6291f95230d88600014c8af1
Frame ID: 7EF2F2C5C99A9FF9B21FF3736B4175C8
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Dies ist KEINE Datingseite!

Page URL History Show full URLs

  1. http://virginiesav4.satisfecho.eu.org/l/rnNVPk6X HTTP 302
    https://dwnvgu.top/zero-91-NLRfGsqBmSo4vVeAJioy HTTP 302
    https://fey.io/wait/new.php?idne=91&rnd=NLRfGsqBmSo4vVeAJioyA1 HTTP 302
    https://fey.io/wait/dating.php?idne=91 HTTP 302
    https://fey.io/wait/torazzo.php?refid=91&s3=DE&s4=80.255.7.109 HTTP 302
    https://tracking.t0r4.com/click?pid=97&offer_id=791&sub1=91&sub2=80.255.7.109&sub3=DE HTTP 302
    https://tracking.t0r4.com/click?pid=2&offer_id=888 HTTP 302
    https://zzotrack.com/1608c29d-9ef4-475a-81cf-1171f70493e3?pid=2&offer_id=888&reff=&geo=DE&sub1=&s... HTTP 302
    https://dtfnsa.com/de/f2397h/?utm_campaign=2&data3=888&data4=&email=&cep=F0XzVHyRcJ3DTb03rOx7AY... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

50 %
IPv6

7
Domains

9
Subdomains

2
IPs

2
Countries

296 kB
Transfer

658 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://virginiesav4.satisfecho.eu.org/l/rnNVPk6X HTTP 302
    https://dwnvgu.top/zero-91-NLRfGsqBmSo4vVeAJioy HTTP 302
    https://fey.io/wait/new.php?idne=91&rnd=NLRfGsqBmSo4vVeAJioyA1 HTTP 302
    https://fey.io/wait/dating.php?idne=91 HTTP 302
    https://fey.io/wait/torazzo.php?refid=91&s3=DE&s4=80.255.7.109 HTTP 302
    https://tracking.t0r4.com/click?pid=97&offer_id=791&sub1=91&sub2=80.255.7.109&sub3=DE HTTP 302
    https://tracking.t0r4.com/click?pid=2&offer_id=888 HTTP 302
    https://zzotrack.com/1608c29d-9ef4-475a-81cf-1171f70493e3?pid=2&offer_id=888&reff=&geo=DE&sub1=&sub2=&clickid=6291f95230d88600014c8af1 HTTP 302
    https://dtfnsa.com/de/f2397h/?utm_campaign=2&data3=888&data4=&email=&cep=F0XzVHyRcJ3DTb03rOx7AYCemAzoFeM607ksG7p95VibaqAHDFwHdofd3SV52mvBPojpWR1O2g4_vs2zGY9U8JOZ8JadAlaEOIDOF7zn-stMNe9Wl9lOcrKgaOHsZbieJUDo-WTsbDuOA4Ir7SjQpLxdZBO2hgePAwB8xV97w2rHW8qzobZhhS-4DjZp88eEGkIZmfTsi1YXchNLoLY2xMaAjpa-vud4ixfISwWnSqo6-DQQpwBCF79lQX7qqS73dQZCh_Q3gqF5YLoO06srdkL1Rd7Lgh6i5j3e71vQRP2NjLD2c1Ijpc3Aap882JT_BWgY7ugevZsd4l-HP49tjisT0ichChRQ5ueXm7QUeHc7Q0WF92pMDybBQ54BiWKc80ZjhPTO7j5s9xziMDGJ-KiPuVbJWX3vWv65H-MR1qgkmUfBu_SsvVz8vEuDv4FPU8Wz652d4X4ghFk6dIFY2A&lptoken=168b53c273ec556914d5&pid=2&offer_id=888&reff=&geo=DE&sub1=&sub2=&clickid=6291f95230d88600014c8af1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dtfnsa.com/de/f2397h/
Redirect Chain
  • http://virginiesav4.satisfecho.eu.org/l/rnNVPk6X
  • https://dwnvgu.top/zero-91-NLRfGsqBmSo4vVeAJioy
  • https://fey.io/wait/new.php?idne=91&rnd=NLRfGsqBmSo4vVeAJioyA1
  • https://fey.io/wait/dating.php?idne=91
  • https://fey.io/wait/torazzo.php?refid=91&s3=DE&s4=80.255.7.109
  • https://tracking.t0r4.com/click?pid=97&offer_id=791&sub1=91&sub2=80.255.7.109&sub3=DE
  • https://tracking.t0r4.com/click?pid=2&offer_id=888
  • https://zzotrack.com/1608c29d-9ef4-475a-81cf-1171f70493e3?pid=2&offer_id=888&reff=&geo=DE&sub1=&sub2=&clickid=6291f95230d88600014c8af1
  • https://dtfnsa.com/de/f2397h/?utm_campaign=2&data3=888&data4=&email=&cep=F0XzVHyRcJ3DTb03rOx7AYCemAzoFeM607ksG7p95VibaqAHDFwHdofd3SV52mvBPojpWR1O2g4_vs2zGY9U8JOZ8JadAlaEOIDOF7zn-stMNe9Wl9lOcrKgaOHs...
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dtfnsa.com/de/f2397h/?utm_campaign=2&data3=888&data4=&email=&cep=F0XzVHyRcJ3DTb03rOx7AYCemAzoFeM607ksG7p95VibaqAHDFwHdofd3SV52mvBPojpWR1O2g4_vs2zGY9U8JOZ8JadAlaEOIDOF7zn-stMNe9Wl9lOcrKgaOHsZbieJUDo-WTsbDuOA4Ir7SjQpLxdZBO2hgePAwB8xV97w2rHW8qzobZhhS-4DjZp88eEGkIZmfTsi1YXchNLoLY2xMaAjpa-vud4ixfISwWnSqo6-DQQpwBCF79lQX7qqS73dQZCh_Q3gqF5YLoO06srdkL1Rd7Lgh6i5j3e71vQRP2NjLD2c1Ijpc3Aap882JT_BWgY7ugevZsd4l-HP49tjisT0ichChRQ5ueXm7QUeHc7Q0WF92pMDybBQ54BiWKc80ZjhPTO7j5s9xziMDGJ-KiPuVbJWX3vWv65H-MR1qgkmUfBu_SsvVz8vEuDv4FPU8Wz652d4X4ghFk6dIFY2A&lptoken=168b53c273ec556914d5&pid=2&offer_id=888&reff=&geo=DE&sub1=&sub2=&clickid=6291f95230d88600014c8af1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca398ab4dfcdf838fee4ecbfa16539408bcd973a1b885b9c8729a842462ac81b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
71264de4192f926e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 28 May 2022 10:28:34 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BuWsbuwmVXNoaIVN2FBNI7%2B6fhJJylhXyqk%2BI9L8F1aAzs6VGHjF4AD62m2MtDBJWcXKB0OfgEhDfMMqKso0HYgArDk818%2Bos4ATmcnVuuEYvK9wtWwAzfvNCRrBsiGcpbhOp3VXvCI"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Sat, 28 May 2022 10:28:34 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://dtfnsa.com/de/f2397h/?utm_campaign=2&data3=888&data4=&email=&cep=F0XzVHyRcJ3DTb03rOx7AYCemAzoFeM607ksG7p95VibaqAHDFwHdofd3SV52mvBPojpWR1O2g4_vs2zGY9U8JOZ8JadAlaEOIDOF7zn-stMNe9Wl9lOcrKgaOHsZbieJUDo-WTsbDuOA4Ir7SjQpLxdZBO2hgePAwB8xV97w2rHW8qzobZhhS-4DjZp88eEGkIZmfTsi1YXchNLoLY2xMaAjpa-vud4ixfISwWnSqo6-DQQpwBCF79lQX7qqS73dQZCh_Q3gqF5YLoO06srdkL1Rd7Lgh6i5j3e71vQRP2NjLD2c1Ijpc3Aap882JT_BWgY7ugevZsd4l-HP49tjisT0ichChRQ5ueXm7QUeHc7Q0WF92pMDybBQ54BiWKc80ZjhPTO7j5s9xziMDGJ-KiPuVbJWX3vWv65H-MR1qgkmUfBu_SsvVz8vEuDv4FPU8Wz652d4X4ghFk6dIFY2A&lptoken=168b53c273ec556914d5&pid=2&offer_id=888&reff=&geo=DE&sub1=&sub2=&clickid=6291f95230d88600014c8af1
pragma
no-cache
server
nginx
style4blue.css
dtfnsa.com/de/f2397h/files/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dtfnsa.com/de/f2397h/files/style4blue.css
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=2&data3=888&data4=&email=&cep=F0XzVHyRcJ3DTb03rOx7AYCemAzoFeM607ksG7p95VibaqAHDFwHdofd3SV52mvBPojpWR1O2g4_vs2zGY9U8JOZ8JadAlaEOIDOF7zn-stMNe9Wl9lOcrKgaOHsZbieJUDo-WTsbDuOA4Ir7SjQpLxdZBO2hgePAwB8xV97w2rHW8qzobZhhS-4DjZp88eEGkIZmfTsi1YXchNLoLY2xMaAjpa-vud4ixfISwWnSqo6-DQQpwBCF79lQX7qqS73dQZCh_Q3gqF5YLoO06srdkL1Rd7Lgh6i5j3e71vQRP2NjLD2c1Ijpc3Aap882JT_BWgY7ugevZsd4l-HP49tjisT0ichChRQ5ueXm7QUeHc7Q0WF92pMDybBQ54BiWKc80ZjhPTO7j5s9xziMDGJ-KiPuVbJWX3vWv65H-MR1qgkmUfBu_SsvVz8vEuDv4FPU8Wz652d4X4ghFk6dIFY2A&lptoken=168b53c273ec556914d5&pid=2&offer_id=888&reff=&geo=DE&sub1=&sub2=&clickid=6291f95230d88600014c8af1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7c7e367c882cfaa6356920ff6187934433a4ab5e1baa04b90cded31a07bf2ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/de/f2397h/?utm_campaign=2&data3=888&data4=&email=&cep=F0XzVHyRcJ3DTb03rOx7AYCemAzoFeM607ksG7p95VibaqAHDFwHdofd3SV52mvBPojpWR1O2g4_vs2zGY9U8JOZ8JadAlaEOIDOF7zn-stMNe9Wl9lOcrKgaOHsZbieJUDo-WTsbDuOA4Ir7SjQpLxdZBO2hgePAwB8xV97w2rHW8qzobZhhS-4DjZp88eEGkIZmfTsi1YXchNLoLY2xMaAjpa-vud4ixfISwWnSqo6-DQQpwBCF79lQX7qqS73dQZCh_Q3gqF5YLoO06srdkL1Rd7Lgh6i5j3e71vQRP2NjLD2c1Ijpc3Aap882JT_BWgY7ugevZsd4l-HP49tjisT0ichChRQ5ueXm7QUeHc7Q0WF92pMDybBQ54BiWKc80ZjhPTO7j5s9xziMDGJ-KiPuVbJWX3vWv65H-MR1qgkmUfBu_SsvVz8vEuDv4FPU8Wz652d4X4ghFk6dIFY2A&lptoken=168b53c273ec556914d5&pid=2&offer_id=888&reff=&geo=DE&sub1=&sub2=&clickid=6291f95230d88600014c8af1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 10:28:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=4758
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 25 May 2022 01:04:29 GMT
server
cloudflare
etag
W/"628d809d-1296"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=huuSmx37Ke%2BQ7tPulY16jWPp6bkhrhIerD1KHn21J9WF47T4qTwYrcKCjQHLq%2B0tDZCB2MYVCrQbRCdNtOQ67YmTi9TNTFHBKif8NZe6BxWY0Slmn2XCyyyZXBC4qbzLznh%2BcVbFSLK%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
71264de55bf469a3-FRA
cf-bgj
minify
jquery.js
dtfnsa.com/de/f2397h/files/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dtfnsa.com/de/f2397h/files/jquery.js
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=2&data3=888&data4=&email=&cep=F0XzVHyRcJ3DTb03rOx7AYCemAzoFeM607ksG7p95VibaqAHDFwHdofd3SV52mvBPojpWR1O2g4_vs2zGY9U8JOZ8JadAlaEOIDOF7zn-stMNe9Wl9lOcrKgaOHsZbieJUDo-WTsbDuOA4Ir7SjQpLxdZBO2hgePAwB8xV97w2rHW8qzobZhhS-4DjZp88eEGkIZmfTsi1YXchNLoLY2xMaAjpa-vud4ixfISwWnSqo6-DQQpwBCF79lQX7qqS73dQZCh_Q3gqF5YLoO06srdkL1Rd7Lgh6i5j3e71vQRP2NjLD2c1Ijpc3Aap882JT_BWgY7ugevZsd4l-HP49tjisT0ichChRQ5ueXm7QUeHc7Q0WF92pMDybBQ54BiWKc80ZjhPTO7j5s9xziMDGJ-KiPuVbJWX3vWv65H-MR1qgkmUfBu_SsvVz8vEuDv4FPU8Wz652d4X4ghFk6dIFY2A&lptoken=168b53c273ec556914d5&pid=2&offer_id=888&reff=&geo=DE&sub1=&sub2=&clickid=6291f95230d88600014c8af1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c75cdc4ff797e03e2dec2e779dbfdc8ad18e3cbd4043aa20c5901bcb489f2f5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/de/f2397h/?utm_campaign=2&data3=888&data4=&email=&cep=F0XzVHyRcJ3DTb03rOx7AYCemAzoFeM607ksG7p95VibaqAHDFwHdofd3SV52mvBPojpWR1O2g4_vs2zGY9U8JOZ8JadAlaEOIDOF7zn-stMNe9Wl9lOcrKgaOHsZbieJUDo-WTsbDuOA4Ir7SjQpLxdZBO2hgePAwB8xV97w2rHW8qzobZhhS-4DjZp88eEGkIZmfTsi1YXchNLoLY2xMaAjpa-vud4ixfISwWnSqo6-DQQpwBCF79lQX7qqS73dQZCh_Q3gqF5YLoO06srdkL1Rd7Lgh6i5j3e71vQRP2NjLD2c1Ijpc3Aap882JT_BWgY7ugevZsd4l-HP49tjisT0ichChRQ5ueXm7QUeHc7Q0WF92pMDybBQ54BiWKc80ZjhPTO7j5s9xziMDGJ-KiPuVbJWX3vWv65H-MR1qgkmUfBu_SsvVz8vEuDv4FPU8Wz652d4X4ghFk6dIFY2A&lptoken=168b53c273ec556914d5&pid=2&offer_id=888&reff=&geo=DE&sub1=&sub2=&clickid=6291f95230d88600014c8af1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 10:28:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=96381
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 25 May 2022 01:04:29 GMT
server
cloudflare
etag
W/"628d809d-1787d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70d%2FOiVBRjhnEpe2BFaMYaE%2Bsy1M2w9GwUwvrrmZCGH7dU%2Fg2%2Bpb%2Bk627HPEpkMfar1ehAnZx9chjjfPG7%2BCpTeBtS5KOsBHFxqiRGyxtWrFIJovaXlj0t3Occ8jSqABVd45njBYj3Hw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
71264de55bf769a3-FRA
cf-bgj
minify
showHide.js
dtfnsa.com/de/f2397h/files/ 		519 B
866 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dtfnsa.com/de/f2397h/files/showHide.js
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=2&data3=888&data4=&email=&cep=F0XzVHyRcJ3DTb03rOx7AYCemAzoFeM607ksG7p95VibaqAHDFwHdofd3SV52mvBPojpWR1O2g4_vs2zGY9U8JOZ8JadAlaEOIDOF7zn-stMNe9Wl9lOcrKgaOHsZbieJUDo-WTsbDuOA4Ir7SjQpLxdZBO2hgePAwB8xV97w2rHW8qzobZhhS-4DjZp88eEGkIZmfTsi1YXchNLoLY2xMaAjpa-vud4ixfISwWnSqo6-DQQpwBCF79lQX7qqS73dQZCh_Q3gqF5YLoO06srdkL1Rd7Lgh6i5j3e71vQRP2NjLD2c1Ijpc3Aap882JT_BWgY7ugevZsd4l-HP49tjisT0ichChRQ5ueXm7QUeHc7Q0WF92pMDybBQ54BiWKc80ZjhPTO7j5s9xziMDGJ-KiPuVbJWX3vWv65H-MR1qgkmUfBu_SsvVz8vEuDv4FPU8Wz652d4X4ghFk6dIFY2A&lptoken=168b53c273ec556914d5&pid=2&offer_id=888&reff=&geo=DE&sub1=&sub2=&clickid=6291f95230d88600014c8af1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78a8133b00b705e1c18c56a499692b8b5521e5406e4fd198d590d536135d1ca6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/de/f2397h/?utm_campaign=2&data3=888&data4=&email=&cep=F0XzVHyRcJ3DTb03rOx7AYCemAzoFeM607ksG7p95VibaqAHDFwHdofd3SV52mvBPojpWR1O2g4_vs2zGY9U8JOZ8JadAlaEOIDOF7zn-stMNe9Wl9lOcrKgaOHsZbieJUDo-WTsbDuOA4Ir7SjQpLxdZBO2hgePAwB8xV97w2rHW8qzobZhhS-4DjZp88eEGkIZmfTsi1YXchNLoLY2xMaAjpa-vud4ixfISwWnSqo6-DQQpwBCF79lQX7qqS73dQZCh_Q3gqF5YLoO06srdkL1Rd7Lgh6i5j3e71vQRP2NjLD2c1Ijpc3Aap882JT_BWgY7ugevZsd4l-HP49tjisT0ichChRQ5ueXm7QUeHc7Q0WF92pMDybBQ54BiWKc80ZjhPTO7j5s9xziMDGJ-KiPuVbJWX3vWv65H-MR1qgkmUfBu_SsvVz8vEuDv4FPU8Wz652d4X4ghFk6dIFY2A&lptoken=168b53c273ec556914d5&pid=2&offer_id=888&reff=&geo=DE&sub1=&sub2=&clickid=6291f95230d88600014c8af1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 10:28:34 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1513
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 25 May 2022 01:04:29 GMT
server
cloudflare
etag
W/"628d809d-5e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4h1fkTwd04sYAderaJGQkxgbG8iFObTtKaDNy0HscybX%2BFs8qEYXU9Qc%2Be1lxlo%2Fs90TkhiaHPeWSSO4esKOiZ6l4KzWd8gDgfezO3l6xHlOgB%2B%2FSKItrtx5sQE8atXmO6J%2BJzrj2Yb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
71264de55bfd69a3-FRA
cf-bgj
minify
17.gif
dtfnsa.com/de/f2397h/files/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dtfnsa.com/de/f2397h/files/17.gif
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=2&data3=888&data4=&email=&cep=F0XzVHyRcJ3DTb03rOx7AYCemAzoFeM607ksG7p95VibaqAHDFwHdofd3SV52mvBPojpWR1O2g4_vs2zGY9U8JOZ8JadAlaEOIDOF7zn-stMNe9Wl9lOcrKgaOHsZbieJUDo-WTsbDuOA4Ir7SjQpLxdZBO2hgePAwB8xV97w2rHW8qzobZhhS-4DjZp88eEGkIZmfTsi1YXchNLoLY2xMaAjpa-vud4ixfISwWnSqo6-DQQpwBCF79lQX7qqS73dQZCh_Q3gqF5YLoO06srdkL1Rd7Lgh6i5j3e71vQRP2NjLD2c1Ijpc3Aap882JT_BWgY7ugevZsd4l-HP49tjisT0ichChRQ5ueXm7QUeHc7Q0WF92pMDybBQ54BiWKc80ZjhPTO7j5s9xziMDGJ-KiPuVbJWX3vWv65H-MR1qgkmUfBu_SsvVz8vEuDv4FPU8Wz652d4X4ghFk6dIFY2A&lptoken=168b53c273ec556914d5&pid=2&offer_id=888&reff=&geo=DE&sub1=&sub2=&clickid=6291f95230d88600014c8af1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9a1b1d512825873e62b6f559c5e1b9f00ec429fba0e3ec78a53f149c5caa2da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/de/f2397h/?utm_campaign=2&data3=888&data4=&email=&cep=F0XzVHyRcJ3DTb03rOx7AYCemAzoFeM607ksG7p95VibaqAHDFwHdofd3SV52mvBPojpWR1O2g4_vs2zGY9U8JOZ8JadAlaEOIDOF7zn-stMNe9Wl9lOcrKgaOHsZbieJUDo-WTsbDuOA4Ir7SjQpLxdZBO2hgePAwB8xV97w2rHW8qzobZhhS-4DjZp88eEGkIZmfTsi1YXchNLoLY2xMaAjpa-vud4ixfISwWnSqo6-DQQpwBCF79lQX7qqS73dQZCh_Q3gqF5YLoO06srdkL1Rd7Lgh6i5j3e71vQRP2NjLD2c1Ijpc3Aap882JT_BWgY7ugevZsd4l-HP49tjisT0ichChRQ5ueXm7QUeHc7Q0WF92pMDybBQ54BiWKc80ZjhPTO7j5s9xziMDGJ-KiPuVbJWX3vWv65H-MR1qgkmUfBu_SsvVz8vEuDv4FPU8Wz652d4X4ghFk6dIFY2A&lptoken=168b53c273ec556914d5&pid=2&offer_id=888&reff=&geo=DE&sub1=&sub2=&clickid=6291f95230d88600014c8af1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 10:28:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1854
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63725
last-modified
Wed, 25 May 2022 01:04:29 GMT
server
cloudflare
etag
"628d809d-f8ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6ShWMszWkPI30W%2B5iy%2BA%2FvVZGP8FjVHG11acJmbvuOpUwj6Mu%2FfcjbJ%2F7YOfQOLWOITvRPLYOpf6ERXwxveRBVEhz2P%2FGypP6%2BMR3LRTrRw9ua58HXZCe1yZAAT79k0q%2FCvIIgGxSpE"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
71264de55c0069a3-FRA
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=2&data3=888&data4=&email=&cep=F0XzVHyRcJ3DTb03rOx7AYCemAzoFeM607ksG7p95VibaqAHDFwHdofd3SV52mvBPojpWR1O2g4_vs2zGY9U8JOZ8JadAlaEOIDOF7zn-stMNe9Wl9lOcrKgaOHsZbieJUDo-WTsbDuOA4Ir7SjQpLxdZBO2hgePAwB8xV97w2rHW8qzobZhhS-4DjZp88eEGkIZmfTsi1YXchNLoLY2xMaAjpa-vud4ixfISwWnSqo6-DQQpwBCF79lQX7qqS73dQZCh_Q3gqF5YLoO06srdkL1Rd7Lgh6i5j3e71vQRP2NjLD2c1Ijpc3Aap882JT_BWgY7ugevZsd4l-HP49tjisT0ichChRQ5ueXm7QUeHc7Q0WF92pMDybBQ54BiWKc80ZjhPTO7j5s9xziMDGJ-KiPuVbJWX3vWv65H-MR1qgkmUfBu_SsvVz8vEuDv4FPU8Wz652d4X4ghFk6dIFY2A&lptoken=168b53c273ec556914d5&pid=2&offer_id=888&reff=&geo=DE&sub1=&sub2=&clickid=6291f95230d88600014c8af1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray
71264de5df39693d-FRA
date
Sat, 28 May 2022 10:28:34 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
2098
etag
W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 31 May 2022 10:28:34 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray
71264de77cc4908e-FRA
date
Sat, 28 May 2022 10:28:35 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
2097
etag
W/"0e269028feac530d16f00d8dad8ece74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 31 May 2022 10:28:35 GMT
web
onesignal.com/api/v1/sync/c3091c4b-609e-458f-b555-5e6e709ba131/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/c3091c4b-609e-458f-b555-5e6e709ba131/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8e20a38db757dc8fae283d3518e37aab774b69788ac2158c7cef2e2d01da6c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 10:28:35 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
2841
cf-polished
origSize=4986
status
200 OK
x-envoy-upstream-service-time
29
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
420538b4-66db-4954-b18c-e6ec517ff20a
x-runtime
0.027768
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"cf60b81581ee499250412f96591fceb2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
x-download-options
noopen
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
71264de87bb6693d-FRA
access-control-allow-headers
SDK-Version
expires
Sat, 28 May 2022 11:28:35 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray
71264dfbd8d9908e-FRA
date
Sat, 28 May 2022 10:28:38 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
2100
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 27 Jun 2022 10:28:38 GMT
icon
onesignal.com/api/v1/apps/c3091c4b-609e-458f-b555-5e6e709ba131/ 		184 B
640 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/c3091c4b-609e-458f-b555-5e6e709ba131/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50fa27fa000bdd8c136de3481bf2ad5a302a244e1825b09ecab6fe4472a3e72f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 10:28:38 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
x-permitted-cross-domain-policies
none
status
200 OK
x-envoy-upstream-service-time
10
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
104b72b0-6c31-4f55-acbb-4990e81deb38
x-runtime
0.008312
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"50fa27fa000bdd8c136de3481bf2ad5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
71264dfc8dba5b7a-FRA
access-control-allow-headers
SDK-Version
d26527ec-822b-4b87-8dd0-ed808da427a4
img.onesignal.com/permanent/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/d26527ec-822b-4b87-8dd0-ed808da427a4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94910bb8a8b8b035d4f298c0e644805c2c3efa450819528d4887bb9f4c127b4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 28 May 2022 10:28:38 GMT
cf-cache-status
HIT
age
2092
x-amz-meta-cache-control
public, maxage=604800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
112512
x-amz-id-2
jVDtuFbLwGvVfjBubJgGzhZiqlGfTENKziOT4HlHY5H+bc3E+cu/zDp6moeU1U3du5ISDZV+ZVE=
last-modified
Fri, 28 Jan 2022 15:36:15 GMT
server
cloudflare
etag
"f9ba9add911ac7dbe6cb5d19f26f4f20"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
0H25CRPYBQCFBTKB
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
71264dfd2fcf693d-FRA
expires
Tue, 28 Jun 2022 10:28:38 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| $ function| jQuery function| OneSignal number| __oneSignalSdkLoadCount function| __jp0

5 Cookies

Domain/Path Name / Value
tracking.t0r4.com/ Name: afclick
Value: 6291f95230d88600014c8af1
tracking.t0r4.com/ Name: afoffers
Value: {"888":1653733714}
.zzotrack.com/ Name: 1608c29d-9ef4-475a-81cf-1171f70493e3-v4
Value: a0P2q7KUOHwArLCl-wHOAWP4rwgYkNVOo6cbynKyGNA
.zzotrack.com/ Name: cep-v4
Value: e640UyVga4zbdy_VNMH1N-jcIURbf4_gPD7G0qpjDpQAXXi1Uea0u2b_yUmvr-hKOSv5HzNvL7zpFTdLbE3H9bVGaqJW3QJP7r6JPu7Dh73cOVZhCcVgm3nKo64NEWHhyZFCFrlMO5PaKUR8zgmA2kkq_zXvXdw84jLt1QHY0GafSDOcLIR06LudnRdMBKZ_RWng1jbZFiE-H8Kze_GfCOEtANMCjZxUuIhnb3L9YN2GJpXinFSMiKJjw5f4RN5_a8ZiZINU2R8bU2Yub4MO4cZEB7waQD-GgcM_HZgPnPZNV6x3OrrJVlVv8ett0lq-lQodj5x9Br71e05gnlQlpSk3M_PMhMvLDuZ9tTPuuMdW-YCG7O4bUVuO0bYMicPEqwilLR9iTt02BR59A9V59dP5xM3JKPbLFtftOY_mCG_V2BJFmOk4k1RhE2i3Zen0_bdELeBHqhIfb-Lfp-HPLw
dtfnsa.com/ Name: attributes
Value: eyJjZXAiOiJGMFh6Vkh5UmNKM0RUYjAzck94N0FZQ2VtQXpvRmVNNjA3a3NHN3A5NVZpYmFxQUhERndIZG9mZDNTVjUybXZCUG9qcFdSMU8yZzRfdnMyekdZOVU4Sk9aOEphZEFsYUVPSURPRjd6bi1zdE1OZTlXbDlsT2NyS2dhT0hzWmJpZUpVRG8tV1RzYkR1T0E0SXI3U2pRcEx4ZFpCTzJoZ2VQQXdCOHhWOTd3MnJIVzhxem9iWmhoUy00RGpacDg4ZUVHa0labWZUc2kxWVhjaE5Mb0xZMnhNYUFqcGEtdnVkNGl4ZklTd1duU3FvNi1EUVFwd0JDRjc5bFFYN3FxUzczZFFaQ2hfUTNncUY1WUxvTzA2c3Jka0wxUmQ3TGdoNmk1ajNlNzF2UVJQMk5qTEQyYzFJanBjM0FhcDg4MkpUX0JXZ1k3dWdldlpzZDRsLUhQNDl0amlzVDBpY2hDaFJRNXVlWG03UVVlSGM3UTBXRjkycE1EeWJCUTU0QmlXS2M4MFpqaFBUTzdqNXM5eHppTURHSi1LaVB1VmJKV1gzdld2NjVILU1SMXFna21VZkJ1X1NzdlZ6OHZFdUR2NEZQVThXejY1MmQ0WDRnaEZrNmRJRlkyQSIsImNsaWNraWQiOiI2MjkxZjk1MjMwZDg4NjAwMDE0YzhhZjEiLCJkYXRhMyI6Ijg4OCIsImRhdGE0IjoiIiwiZW1haWwiOiIiLCJnZW8iOiJERSIsImxwdG9rZW4iOiIxNjhiNTNjMjczZWM1NTY5MTRkNSIsIm9mZmVyX2lkIjoiODg4IiwicGlkIjoiMiIsInJlZmYiOiIiLCJzdWIxIjoiIiwic3ViMiI6IiIsInV0bV9jYW1wYWlnbiI6IjIifQ