urlscan.io logo urlscan.io
SecurityTrails logo

dtfnsa.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://onlyhotdates.com/HGzJHsv1?aid=gkagabadh&kid=fxxxdxphxdh&sub1=Elina
Effective URL: https://dtfnsa.com/de/f2397h/?utm_campaign=63&data3=68&data4=&email=&cep=g-l22vWa4KmspUGWQTBRN2nS9_xXZBV2ShdgrRcxZF...
Submission: On April 02 via manual from HU — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 11 domains to perform 14 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is dtfnsa.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 21st 2022. Valid for: a year.
This is the only time dtfnsa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 7 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 172.67.165.105 13335 (CLOUDFLAR...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 34.91.234.242 396982 (GOOGLE-CL...)
1 1 18.184.38.55 16509 (AMAZON-02)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 167.114.67.56 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
14 6
7    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
onlyhotdates.com
tracking.bangbangtrack.com
dtfnsa.com
1    172.67.165.105 (United States)

ASN13335 (CLOUDFLARENET, US)
hotloveland.com
2    2606:4700:3031::ac43:a5ac (United States)

ASN13335 (CLOUDFLARENET, US)
m.luvmenow.com
t.luvmenow.com
1    34.91.234.242 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 242.234.91.34.bc.googleusercontent.com
track.hookupking.com
1    18.184.38.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-38-55.eu-central-1.compute.amazonaws.com
zzotrack.com
5    2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
1    167.114.67.56 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: 56.ip-167-114-67.net
zeniocloud.com
1    2606:4700:3033::ac43:cc70 (United States)

ASN13335 (CLOUDFLARENET, US)
alexatracker.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
a.7amz.com
1    2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)
onesignal.com
Apex Domain
Subdomains		 Transfer
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3575
onesignal.com — Cisco Umbrella Rank: 1243
img.onesignal.com — Cisco Umbrella Rank: 6776
194 KB
5 dtfnsa.com
dtfnsa.com
103 KB
2 luvmenow.com
m.luvmenow.com
t.luvmenow.com
994 B
1 7amz.com
a.7amz.com — Cisco Umbrella Rank: 959971
5 KB
1 alexatracker.com
alexatracker.com — Cisco Umbrella Rank: 377685
698 B
1 zeniocloud.com
zeniocloud.com — Cisco Umbrella Rank: 513265
429 B
1 zzotrack.com
zzotrack.com
1 KB
1 bangbangtrack.com
tracking.bangbangtrack.com
681 B
1 hookupking.com
track.hookupking.com — Cisco Umbrella Rank: 917599
338 B
1 hotloveland.com
hotloveland.com
992 B
1 onlyhotdates.com
onlyhotdates.com
1 KB
14 11
Domain Requested by
5 dtfnsa.com dtfnsa.com
3 onesignal.com cdn.onesignal.com
2 cdn.onesignal.com dtfnsa.com
cdn.onesignal.com
1 img.onesignal.com dtfnsa.com
1 a.7amz.com dtfnsa.com
1 alexatracker.com zeniocloud.com
1 zeniocloud.com dtfnsa.com
1 zzotrack.com 1 redirects
1 tracking.bangbangtrack.com 1 redirects
1 track.hookupking.com 1 redirects
1 t.luvmenow.com 1 redirects
1 m.luvmenow.com 1 redirects
1 hotloveland.com 1 redirects
1 onlyhotdates.com 1 redirects
14 14

This site contains links to these domains. Also see Links.

Domain
a.7amz.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-09-21 -
2023-09-21		 a year crt.sh
zeniocloud.com
R3		 2023-03-16 -
2023-06-14		 3 months crt.sh
*.alexatracker.com
GTS CA 1P5		 2023-04-01 -
2023-06-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://dtfnsa.com/de/f2397h/?utm_campaign=63&data3=68&data4=&email=&cep=g-l22vWa4KmspUGWQTBRN2nS9_xXZBV2ShdgrRcxZFjNRCk24QS-ZICZQkoXDFBIto37G1U3eb7Mx8mlLcwVYx99iqrQyamAft3dDODkW700_my4lrKS8_rxPUuWL0-zOQ4OfAymDdje15uvMclEn6_hfRxV9Qy4Wk6vaFGrYYzrldfEtorHW3Vm0cdNr1YrkH7phuNPGd3jnYEC0W6XHwsAL0Taff327Aps_fCW01IsbSpAZCSJep2RfeuWqSL7QSryv8jhxoZzB4s8cU-KX_leX9Vx2dnn2D0RhvA8x-Q9PNmc3oRlJKG8retiNhTYmZ3M1dHviKnFsLl_8ATqiI4QWxiQ_ZXwgxjD3TwRsGr8ZkIzekxZvEzPoPXKyu02tCgiyxj-9OuTdI45ZtYn84yWcmbORI9t--apZ2pps3dgZSHFycLHhXS0D0u5VOF05DTQYSyrnFsfyVGfN7Ekkc60gVqMLnPGRaI0d3XnumBB40DXk2jOwISxBMk-Feki5jwjCTbFJ6YykDxwFmfRGg&lptoken=168780ff44cf513b0657&pub_id=63&campaign=68&referer=&source=12646&sub_source=&revenue=%7Brevenue%7D&clickid=642987aa1e73280346896299&p1=642987aa6b6b270001b398ee
Frame ID: EE0A57401A443011127450B88B6B1412
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Dies ist KEINE Datingseite!

Page URL History Show full URLs

  1. https://onlyhotdates.com/HGzJHsv1?aid=gkagabadh&kid=fxxxdxphxdh&sub1=Elina HTTP 302
    https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=2lrcqvtnk5ba&sub1=22145&sub2=191475&... HTTP 302
    https://m.luvmenow.com/click?pid=34496&offer_id=1521&sub1=3ojtujlnk5bb&sub2=34496&sub3=21&sub4=2lrc... HTTP 302
    https://t.luvmenow.com/sl?id=5fa1807a127bd6bcbd272004&pid=34496&sub1=3ojtujlnk5bb&sub2=34496&sub3=2... HTTP 302
    https://track.hookupking.com/click?pid=12646&offer_id=8235&sub2=34496&sub1=a_642987a95980a0000166a3b8 HTTP 302
    https://tracking.bangbangtrack.com/click?campaign_id=68&pub_id=63&source=12646&p1=642987aa6b6b270001b398ee HTTP 302
    https://zzotrack.com/23ed0fb2-8c95-47bf-9bc1-922d6e18aea6?pub_id=63&campaign=68&referer=&source=1... HTTP 302
    https://dtfnsa.com/de/f2397h/?utm_campaign=63&data3=68&data4=&email=&cep=g-l22vWa4KmspUGWQTBRN2... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

60 %
IPv6

11
Domains

14
Subdomains

6
IPs

4
Countries

302 kB
Transfer

673 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://onlyhotdates.com/HGzJHsv1?aid=gkagabadh&kid=fxxxdxphxdh&sub1=Elina HTTP 302
    https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=2lrcqvtnk5ba&sub1=22145&sub2=191475&sub3=frd HTTP 302
    https://m.luvmenow.com/click?pid=34496&offer_id=1521&sub1=3ojtujlnk5bb&sub2=34496&sub3=21&sub4=2lrcqvtnk5ba&sub5=22145&sub6=191475&sub7=frd&sub8= HTTP 302
    https://t.luvmenow.com/sl?id=5fa1807a127bd6bcbd272004&pid=34496&sub1=3ojtujlnk5bb&sub2=34496&sub3=21&sub4=2lrcqvtnk5ba&sub5=22145&sub6=191475&sub7=frd&sub8= HTTP 302
    https://track.hookupking.com/click?pid=12646&offer_id=8235&sub2=34496&sub1=a_642987a95980a0000166a3b8 HTTP 302
    https://tracking.bangbangtrack.com/click?campaign_id=68&pub_id=63&source=12646&p1=642987aa6b6b270001b398ee HTTP 302
    https://zzotrack.com/23ed0fb2-8c95-47bf-9bc1-922d6e18aea6?pub_id=63&campaign=68&referer=&source=12646&sub_source=&revenue={revenue}&clickid=642987aa1e73280346896299&p1=642987aa6b6b270001b398ee HTTP 302
    https://dtfnsa.com/de/f2397h/?utm_campaign=63&data3=68&data4=&email=&cep=g-l22vWa4KmspUGWQTBRN2nS9_xXZBV2ShdgrRcxZFjNRCk24QS-ZICZQkoXDFBIto37G1U3eb7Mx8mlLcwVYx99iqrQyamAft3dDODkW700_my4lrKS8_rxPUuWL0-zOQ4OfAymDdje15uvMclEn6_hfRxV9Qy4Wk6vaFGrYYzrldfEtorHW3Vm0cdNr1YrkH7phuNPGd3jnYEC0W6XHwsAL0Taff327Aps_fCW01IsbSpAZCSJep2RfeuWqSL7QSryv8jhxoZzB4s8cU-KX_leX9Vx2dnn2D0RhvA8x-Q9PNmc3oRlJKG8retiNhTYmZ3M1dHviKnFsLl_8ATqiI4QWxiQ_ZXwgxjD3TwRsGr8ZkIzekxZvEzPoPXKyu02tCgiyxj-9OuTdI45ZtYn84yWcmbORI9t--apZ2pps3dgZSHFycLHhXS0D0u5VOF05DTQYSyrnFsfyVGfN7Ekkc60gVqMLnPGRaI0d3XnumBB40DXk2jOwISxBMk-Feki5jwjCTbFJ6YykDxwFmfRGg&lptoken=168780ff44cf513b0657&pub_id=63&campaign=68&referer=&source=12646&sub_source=&revenue=%7Brevenue%7D&clickid=642987aa1e73280346896299&p1=642987aa6b6b270001b398ee Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dtfnsa.com/de/f2397h/
Redirect Chain
  • https://onlyhotdates.com/HGzJHsv1?aid=gkagabadh&kid=fxxxdxphxdh&sub1=Elina
  • https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=2lrcqvtnk5ba&sub1=22145&sub2=191475&sub3=frd
  • https://m.luvmenow.com/click?pid=34496&offer_id=1521&sub1=3ojtujlnk5bb&sub2=34496&sub3=21&sub4=2lrcqvtnk5ba&sub5=22145&sub6=191475&sub7=frd&sub8=
  • https://t.luvmenow.com/sl?id=5fa1807a127bd6bcbd272004&pid=34496&sub1=3ojtujlnk5bb&sub2=34496&sub3=21&sub4=2lrcqvtnk5ba&sub5=22145&sub6=191475&sub7=frd&sub8=
  • https://track.hookupking.com/click?pid=12646&offer_id=8235&sub2=34496&sub1=a_642987a95980a0000166a3b8
  • https://tracking.bangbangtrack.com/click?campaign_id=68&pub_id=63&source=12646&p1=642987aa6b6b270001b398ee
  • https://zzotrack.com/23ed0fb2-8c95-47bf-9bc1-922d6e18aea6?pub_id=63&campaign=68&referer=&source=12646&sub_source=&revenue={revenue}&clickid=642987aa1e73280346896299&p1=642987aa6b6b270001b398ee
  • https://dtfnsa.com/de/f2397h/?utm_campaign=63&data3=68&data4=&email=&cep=g-l22vWa4KmspUGWQTBRN2nS9_xXZBV2ShdgrRcxZFjNRCk24QS-ZICZQkoXDFBIto37G1U3eb7Mx8mlLcwVYx99iqrQyamAft3dDODkW700_my4lrKS8_rxPUuW...
11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dtfnsa.com/de/f2397h/?utm_campaign=63&data3=68&data4=&email=&cep=g-l22vWa4KmspUGWQTBRN2nS9_xXZBV2ShdgrRcxZFjNRCk24QS-ZICZQkoXDFBIto37G1U3eb7Mx8mlLcwVYx99iqrQyamAft3dDODkW700_my4lrKS8_rxPUuWL0-zOQ4OfAymDdje15uvMclEn6_hfRxV9Qy4Wk6vaFGrYYzrldfEtorHW3Vm0cdNr1YrkH7phuNPGd3jnYEC0W6XHwsAL0Taff327Aps_fCW01IsbSpAZCSJep2RfeuWqSL7QSryv8jhxoZzB4s8cU-KX_leX9Vx2dnn2D0RhvA8x-Q9PNmc3oRlJKG8retiNhTYmZ3M1dHviKnFsLl_8ATqiI4QWxiQ_ZXwgxjD3TwRsGr8ZkIzekxZvEzPoPXKyu02tCgiyxj-9OuTdI45ZtYn84yWcmbORI9t--apZ2pps3dgZSHFycLHhXS0D0u5VOF05DTQYSyrnFsfyVGfN7Ekkc60gVqMLnPGRaI0d3XnumBB40DXk2jOwISxBMk-Feki5jwjCTbFJ6YykDxwFmfRGg&lptoken=168780ff44cf513b0657&pub_id=63&campaign=68&referer=&source=12646&sub_source=&revenue=%7Brevenue%7D&clickid=642987aa1e73280346896299&p1=642987aa6b6b270001b398ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09990f1269337d37fc3bc958d9ce81cd05c4ca795fd201b717129cc6389bbf1b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b1987897a550c05-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 02 Apr 2023 13:48:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0CLsZbw2PLKeO%2Bl0VRiVKWM6n6rsi8kdd1JCsi1Gx%2Fxc6O0WrZxTy1A7xmDuMDfMTDwTLqlHwEBwpZ89GtlUKQefH09BNJnlNr9MdQZd6BXQjPsNH4x5gEHXEK7RbTJWt8u2p17nv9b"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Sun, 02 Apr 2023 13:48:26 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://dtfnsa.com/de/f2397h/?utm_campaign=63&data3=68&data4=&email=&cep=g-l22vWa4KmspUGWQTBRN2nS9_xXZBV2ShdgrRcxZFjNRCk24QS-ZICZQkoXDFBIto37G1U3eb7Mx8mlLcwVYx99iqrQyamAft3dDODkW700_my4lrKS8_rxPUuWL0-zOQ4OfAymDdje15uvMclEn6_hfRxV9Qy4Wk6vaFGrYYzrldfEtorHW3Vm0cdNr1YrkH7phuNPGd3jnYEC0W6XHwsAL0Taff327Aps_fCW01IsbSpAZCSJep2RfeuWqSL7QSryv8jhxoZzB4s8cU-KX_leX9Vx2dnn2D0RhvA8x-Q9PNmc3oRlJKG8retiNhTYmZ3M1dHviKnFsLl_8ATqiI4QWxiQ_ZXwgxjD3TwRsGr8ZkIzekxZvEzPoPXKyu02tCgiyxj-9OuTdI45ZtYn84yWcmbORI9t--apZ2pps3dgZSHFycLHhXS0D0u5VOF05DTQYSyrnFsfyVGfN7Ekkc60gVqMLnPGRaI0d3XnumBB40DXk2jOwISxBMk-Feki5jwjCTbFJ6YykDxwFmfRGg&lptoken=168780ff44cf513b0657&pub_id=63&campaign=68&referer=&source=12646&sub_source=&revenue=%7Brevenue%7D&clickid=642987aa1e73280346896299&p1=642987aa6b6b270001b398ee
pragma
no-cache
server
nginx
style4blue.css
dtfnsa.com/de/f2397h/files/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dtfnsa.com/de/f2397h/files/style4blue.css
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=63&data3=68&data4=&email=&cep=g-l22vWa4KmspUGWQTBRN2nS9_xXZBV2ShdgrRcxZFjNRCk24QS-ZICZQkoXDFBIto37G1U3eb7Mx8mlLcwVYx99iqrQyamAft3dDODkW700_my4lrKS8_rxPUuWL0-zOQ4OfAymDdje15uvMclEn6_hfRxV9Qy4Wk6vaFGrYYzrldfEtorHW3Vm0cdNr1YrkH7phuNPGd3jnYEC0W6XHwsAL0Taff327Aps_fCW01IsbSpAZCSJep2RfeuWqSL7QSryv8jhxoZzB4s8cU-KX_leX9Vx2dnn2D0RhvA8x-Q9PNmc3oRlJKG8retiNhTYmZ3M1dHviKnFsLl_8ATqiI4QWxiQ_ZXwgxjD3TwRsGr8ZkIzekxZvEzPoPXKyu02tCgiyxj-9OuTdI45ZtYn84yWcmbORI9t--apZ2pps3dgZSHFycLHhXS0D0u5VOF05DTQYSyrnFsfyVGfN7Ekkc60gVqMLnPGRaI0d3XnumBB40DXk2jOwISxBMk-Feki5jwjCTbFJ6YykDxwFmfRGg&lptoken=168780ff44cf513b0657&pub_id=63&campaign=68&referer=&source=12646&sub_source=&revenue=%7Brevenue%7D&clickid=642987aa1e73280346896299&p1=642987aa6b6b270001b398ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7c7e367c882cfaa6356920ff6187934433a4ab5e1baa04b90cded31a07bf2ec

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dtfnsa.com/de/f2397h/?utm_campaign=63&data3=68&data4=&email=&cep=g-l22vWa4KmspUGWQTBRN2nS9_xXZBV2ShdgrRcxZFjNRCk24QS-ZICZQkoXDFBIto37G1U3eb7Mx8mlLcwVYx99iqrQyamAft3dDODkW700_my4lrKS8_rxPUuWL0-zOQ4OfAymDdje15uvMclEn6_hfRxV9Qy4Wk6vaFGrYYzrldfEtorHW3Vm0cdNr1YrkH7phuNPGd3jnYEC0W6XHwsAL0Taff327Aps_fCW01IsbSpAZCSJep2RfeuWqSL7QSryv8jhxoZzB4s8cU-KX_leX9Vx2dnn2D0RhvA8x-Q9PNmc3oRlJKG8retiNhTYmZ3M1dHviKnFsLl_8ATqiI4QWxiQ_ZXwgxjD3TwRsGr8ZkIzekxZvEzPoPXKyu02tCgiyxj-9OuTdI45ZtYn84yWcmbORI9t--apZ2pps3dgZSHFycLHhXS0D0u5VOF05DTQYSyrnFsfyVGfN7Ekkc60gVqMLnPGRaI0d3XnumBB40DXk2jOwISxBMk-Feki5jwjCTbFJ6YykDxwFmfRGg&lptoken=168780ff44cf513b0657&pub_id=63&campaign=68&referer=&source=12646&sub_source=&revenue=%7Brevenue%7D&clickid=642987aa1e73280346896299&p1=642987aa6b6b270001b398ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 13:48:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6176
cf-polished
origSize=4758
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 31 Mar 2023 03:41:52 GMT
server
cloudflare
etag
W/"64265680-1296"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDsFL%2Bn0u%2BMxAPmS9CM0ERfwfrL22EKNRpaZXO2FcJQBQHHa0w5dV8yFQD94w0UKpdEO7X5uYvLuM8UctZ0mpdBdSmMCqp30VHoWtX%2BpEnxZiISyPv9LxYBMSjtupoEu8x49IyKs5fjh"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7b19878afaef0c05-AMS
jquery.js
dtfnsa.com/de/f2397h/files/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dtfnsa.com/de/f2397h/files/jquery.js
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=63&data3=68&data4=&email=&cep=g-l22vWa4KmspUGWQTBRN2nS9_xXZBV2ShdgrRcxZFjNRCk24QS-ZICZQkoXDFBIto37G1U3eb7Mx8mlLcwVYx99iqrQyamAft3dDODkW700_my4lrKS8_rxPUuWL0-zOQ4OfAymDdje15uvMclEn6_hfRxV9Qy4Wk6vaFGrYYzrldfEtorHW3Vm0cdNr1YrkH7phuNPGd3jnYEC0W6XHwsAL0Taff327Aps_fCW01IsbSpAZCSJep2RfeuWqSL7QSryv8jhxoZzB4s8cU-KX_leX9Vx2dnn2D0RhvA8x-Q9PNmc3oRlJKG8retiNhTYmZ3M1dHviKnFsLl_8ATqiI4QWxiQ_ZXwgxjD3TwRsGr8ZkIzekxZvEzPoPXKyu02tCgiyxj-9OuTdI45ZtYn84yWcmbORI9t--apZ2pps3dgZSHFycLHhXS0D0u5VOF05DTQYSyrnFsfyVGfN7Ekkc60gVqMLnPGRaI0d3XnumBB40DXk2jOwISxBMk-Feki5jwjCTbFJ6YykDxwFmfRGg&lptoken=168780ff44cf513b0657&pub_id=63&campaign=68&referer=&source=12646&sub_source=&revenue=%7Brevenue%7D&clickid=642987aa1e73280346896299&p1=642987aa6b6b270001b398ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c75cdc4ff797e03e2dec2e779dbfdc8ad18e3cbd4043aa20c5901bcb489f2f5d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dtfnsa.com/de/f2397h/?utm_campaign=63&data3=68&data4=&email=&cep=g-l22vWa4KmspUGWQTBRN2nS9_xXZBV2ShdgrRcxZFjNRCk24QS-ZICZQkoXDFBIto37G1U3eb7Mx8mlLcwVYx99iqrQyamAft3dDODkW700_my4lrKS8_rxPUuWL0-zOQ4OfAymDdje15uvMclEn6_hfRxV9Qy4Wk6vaFGrYYzrldfEtorHW3Vm0cdNr1YrkH7phuNPGd3jnYEC0W6XHwsAL0Taff327Aps_fCW01IsbSpAZCSJep2RfeuWqSL7QSryv8jhxoZzB4s8cU-KX_leX9Vx2dnn2D0RhvA8x-Q9PNmc3oRlJKG8retiNhTYmZ3M1dHviKnFsLl_8ATqiI4QWxiQ_ZXwgxjD3TwRsGr8ZkIzekxZvEzPoPXKyu02tCgiyxj-9OuTdI45ZtYn84yWcmbORI9t--apZ2pps3dgZSHFycLHhXS0D0u5VOF05DTQYSyrnFsfyVGfN7Ekkc60gVqMLnPGRaI0d3XnumBB40DXk2jOwISxBMk-Feki5jwjCTbFJ6YykDxwFmfRGg&lptoken=168780ff44cf513b0657&pub_id=63&campaign=68&referer=&source=12646&sub_source=&revenue=%7Brevenue%7D&clickid=642987aa1e73280346896299&p1=642987aa6b6b270001b398ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 13:48:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6176
cf-polished
origSize=96381
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 31 Mar 2023 03:41:52 GMT
server
cloudflare
etag
W/"64265680-1787d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDPJOsybLj%2BOpxHtutZd7E2kUwUbasI%2FbbvVmDoQg4rdZLX%2BlUZiXHXJJmPe0SQUN8i419WhaZQ5bZCFip111kVGaOizvCj9TMKwuuYhCw7Jb0pxCsWV%2F8JI5EWF7Ebmk%2Fk97HyiNJhb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
7b19878afaf00c05-AMS
showHide.js
dtfnsa.com/de/f2397h/files/ 		519 B
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dtfnsa.com/de/f2397h/files/showHide.js
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=63&data3=68&data4=&email=&cep=g-l22vWa4KmspUGWQTBRN2nS9_xXZBV2ShdgrRcxZFjNRCk24QS-ZICZQkoXDFBIto37G1U3eb7Mx8mlLcwVYx99iqrQyamAft3dDODkW700_my4lrKS8_rxPUuWL0-zOQ4OfAymDdje15uvMclEn6_hfRxV9Qy4Wk6vaFGrYYzrldfEtorHW3Vm0cdNr1YrkH7phuNPGd3jnYEC0W6XHwsAL0Taff327Aps_fCW01IsbSpAZCSJep2RfeuWqSL7QSryv8jhxoZzB4s8cU-KX_leX9Vx2dnn2D0RhvA8x-Q9PNmc3oRlJKG8retiNhTYmZ3M1dHviKnFsLl_8ATqiI4QWxiQ_ZXwgxjD3TwRsGr8ZkIzekxZvEzPoPXKyu02tCgiyxj-9OuTdI45ZtYn84yWcmbORI9t--apZ2pps3dgZSHFycLHhXS0D0u5VOF05DTQYSyrnFsfyVGfN7Ekkc60gVqMLnPGRaI0d3XnumBB40DXk2jOwISxBMk-Feki5jwjCTbFJ6YykDxwFmfRGg&lptoken=168780ff44cf513b0657&pub_id=63&campaign=68&referer=&source=12646&sub_source=&revenue=%7Brevenue%7D&clickid=642987aa1e73280346896299&p1=642987aa6b6b270001b398ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78a8133b00b705e1c18c56a499692b8b5521e5406e4fd198d590d536135d1ca6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dtfnsa.com/de/f2397h/?utm_campaign=63&data3=68&data4=&email=&cep=g-l22vWa4KmspUGWQTBRN2nS9_xXZBV2ShdgrRcxZFjNRCk24QS-ZICZQkoXDFBIto37G1U3eb7Mx8mlLcwVYx99iqrQyamAft3dDODkW700_my4lrKS8_rxPUuWL0-zOQ4OfAymDdje15uvMclEn6_hfRxV9Qy4Wk6vaFGrYYzrldfEtorHW3Vm0cdNr1YrkH7phuNPGd3jnYEC0W6XHwsAL0Taff327Aps_fCW01IsbSpAZCSJep2RfeuWqSL7QSryv8jhxoZzB4s8cU-KX_leX9Vx2dnn2D0RhvA8x-Q9PNmc3oRlJKG8retiNhTYmZ3M1dHviKnFsLl_8ATqiI4QWxiQ_ZXwgxjD3TwRsGr8ZkIzekxZvEzPoPXKyu02tCgiyxj-9OuTdI45ZtYn84yWcmbORI9t--apZ2pps3dgZSHFycLHhXS0D0u5VOF05DTQYSyrnFsfyVGfN7Ekkc60gVqMLnPGRaI0d3XnumBB40DXk2jOwISxBMk-Feki5jwjCTbFJ6YykDxwFmfRGg&lptoken=168780ff44cf513b0657&pub_id=63&campaign=68&referer=&source=12646&sub_source=&revenue=%7Brevenue%7D&clickid=642987aa1e73280346896299&p1=642987aa6b6b270001b398ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 13:48:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6176
cf-polished
origSize=1513
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 31 Mar 2023 03:41:52 GMT
server
cloudflare
etag
W/"64265680-5e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IT4ZzDOs4kAN8Gzaio0JfYOocyLYoyFBp09o6qoQ2xrcjEOMm5zI1O8SVT2Xv%2B5Cst13XimiM53d1f8zlJ2ilUPmpzngEHOY%2B4ueX2nSe1VWs7Y2voMFxN9Cb%2BJysdvKMRvjXaK9mO9Y"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
7b19878afaf10c05-AMS
17.gif
dtfnsa.com/de/f2397h/files/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dtfnsa.com/de/f2397h/files/17.gif
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=63&data3=68&data4=&email=&cep=g-l22vWa4KmspUGWQTBRN2nS9_xXZBV2ShdgrRcxZFjNRCk24QS-ZICZQkoXDFBIto37G1U3eb7Mx8mlLcwVYx99iqrQyamAft3dDODkW700_my4lrKS8_rxPUuWL0-zOQ4OfAymDdje15uvMclEn6_hfRxV9Qy4Wk6vaFGrYYzrldfEtorHW3Vm0cdNr1YrkH7phuNPGd3jnYEC0W6XHwsAL0Taff327Aps_fCW01IsbSpAZCSJep2RfeuWqSL7QSryv8jhxoZzB4s8cU-KX_leX9Vx2dnn2D0RhvA8x-Q9PNmc3oRlJKG8retiNhTYmZ3M1dHviKnFsLl_8ATqiI4QWxiQ_ZXwgxjD3TwRsGr8ZkIzekxZvEzPoPXKyu02tCgiyxj-9OuTdI45ZtYn84yWcmbORI9t--apZ2pps3dgZSHFycLHhXS0D0u5VOF05DTQYSyrnFsfyVGfN7Ekkc60gVqMLnPGRaI0d3XnumBB40DXk2jOwISxBMk-Feki5jwjCTbFJ6YykDxwFmfRGg&lptoken=168780ff44cf513b0657&pub_id=63&campaign=68&referer=&source=12646&sub_source=&revenue=%7Brevenue%7D&clickid=642987aa1e73280346896299&p1=642987aa6b6b270001b398ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9a1b1d512825873e62b6f559c5e1b9f00ec429fba0e3ec78a53f149c5caa2da

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dtfnsa.com/de/f2397h/?utm_campaign=63&data3=68&data4=&email=&cep=g-l22vWa4KmspUGWQTBRN2nS9_xXZBV2ShdgrRcxZFjNRCk24QS-ZICZQkoXDFBIto37G1U3eb7Mx8mlLcwVYx99iqrQyamAft3dDODkW700_my4lrKS8_rxPUuWL0-zOQ4OfAymDdje15uvMclEn6_hfRxV9Qy4Wk6vaFGrYYzrldfEtorHW3Vm0cdNr1YrkH7phuNPGd3jnYEC0W6XHwsAL0Taff327Aps_fCW01IsbSpAZCSJep2RfeuWqSL7QSryv8jhxoZzB4s8cU-KX_leX9Vx2dnn2D0RhvA8x-Q9PNmc3oRlJKG8retiNhTYmZ3M1dHviKnFsLl_8ATqiI4QWxiQ_ZXwgxjD3TwRsGr8ZkIzekxZvEzPoPXKyu02tCgiyxj-9OuTdI45ZtYn84yWcmbORI9t--apZ2pps3dgZSHFycLHhXS0D0u5VOF05DTQYSyrnFsfyVGfN7Ekkc60gVqMLnPGRaI0d3XnumBB40DXk2jOwISxBMk-Feki5jwjCTbFJ6YykDxwFmfRGg&lptoken=168780ff44cf513b0657&pub_id=63&campaign=68&referer=&source=12646&sub_source=&revenue=%7Brevenue%7D&clickid=642987aa1e73280346896299&p1=642987aa6b6b270001b398ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 13:48:26 GMT
cf-cache-status
HIT
last-modified
Fri, 31 Mar 2023 03:41:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6176
etag
"64265680-f8ed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kpmsNc9QuJYMO8NkW2ocijwbHWI0ecz%2FLxHKsLsEB4aLr4riW4pKZvDOn6KI62BRZvIGJdWuyy0c6kATSOe6PqCpdHawUlf078%2F82g7P2sDQanNjSU7ZNPWWK3V%2Fl93IGgga7zyQcdV"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7b19878b1b030c05-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63725
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=63&data3=68&data4=&email=&cep=g-l22vWa4KmspUGWQTBRN2nS9_xXZBV2ShdgrRcxZFjNRCk24QS-ZICZQkoXDFBIto37G1U3eb7Mx8mlLcwVYx99iqrQyamAft3dDODkW700_my4lrKS8_rxPUuWL0-zOQ4OfAymDdje15uvMclEn6_hfRxV9Qy4Wk6vaFGrYYzrldfEtorHW3Vm0cdNr1YrkH7phuNPGd3jnYEC0W6XHwsAL0Taff327Aps_fCW01IsbSpAZCSJep2RfeuWqSL7QSryv8jhxoZzB4s8cU-KX_leX9Vx2dnn2D0RhvA8x-Q9PNmc3oRlJKG8retiNhTYmZ3M1dHviKnFsLl_8ATqiI4QWxiQ_ZXwgxjD3TwRsGr8ZkIzekxZvEzPoPXKyu02tCgiyxj-9OuTdI45ZtYn84yWcmbORI9t--apZ2pps3dgZSHFycLHhXS0D0u5VOF05DTQYSyrnFsfyVGfN7Ekkc60gVqMLnPGRaI0d3XnumBB40DXk2jOwISxBMk-Feki5jwjCTbFJ6YykDxwFmfRGg&lptoken=168780ff44cf513b0657&pub_id=63&campaign=68&referer=&source=12646&sub_source=&revenue=%7Brevenue%7D&clickid=642987aa1e73280346896299&p1=642987aa6b6b270001b398ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 13:48:26 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2570
etag
W/"06f50014011c1fcd9e21b6b0481979de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7b19878b58420be4-AMS
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 05 Apr 2023 13:48:26 GMT
gAIA.js
zeniocloud.com/ 		595 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://zeniocloud.com/gAIA.js?prid=&sub2=dtfnsa.com
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=63&data3=68&data4=&email=&cep=g-l22vWa4KmspUGWQTBRN2nS9_xXZBV2ShdgrRcxZFjNRCk24QS-ZICZQkoXDFBIto37G1U3eb7Mx8mlLcwVYx99iqrQyamAft3dDODkW700_my4lrKS8_rxPUuWL0-zOQ4OfAymDdje15uvMclEn6_hfRxV9Qy4Wk6vaFGrYYzrldfEtorHW3Vm0cdNr1YrkH7phuNPGd3jnYEC0W6XHwsAL0Taff327Aps_fCW01IsbSpAZCSJep2RfeuWqSL7QSryv8jhxoZzB4s8cU-KX_leX9Vx2dnn2D0RhvA8x-Q9PNmc3oRlJKG8retiNhTYmZ3M1dHviKnFsLl_8ATqiI4QWxiQ_ZXwgxjD3TwRsGr8ZkIzekxZvEzPoPXKyu02tCgiyxj-9OuTdI45ZtYn84yWcmbORI9t--apZ2pps3dgZSHFycLHhXS0D0u5VOF05DTQYSyrnFsfyVGfN7Ekkc60gVqMLnPGRaI0d3XnumBB40DXk2jOwISxBMk-Feki5jwjCTbFJ6YykDxwFmfRGg&lptoken=168780ff44cf513b0657&pub_id=63&campaign=68&referer=&source=12646&sub_source=&revenue=%7Brevenue%7D&clickid=642987aa1e73280346896299&p1=642987aa6b6b270001b398ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.114.67.56 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
56.ip-167-114-67.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fd2b15ee0725cee5e0f7e43cffa1d0e5a36713059469b6e24643ac65eae92766

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 13:48:27 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 13:48:26 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2568
etag
W/"2cf94922e2d551e8dc7c38c022a9a3ca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7b19878b88750be4-AMS
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 05 Apr 2023 13:48:26 GMT
web
onesignal.com/api/v1/sync/c3091c4b-609e-458f-b555-5e6e709ba131/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/c3091c4b-609e-458f-b555-5e6e709ba131/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52a7524236e70f78bc60b89252a0e6dfac4f82fbe376940a0cfa88b61c8c70db
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 13:48:26 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
59e1d476-9069-4572-843b-49ba89e25d03
x-runtime
0.020365
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"52a7524236e70f78bc60b89252a0e6df"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7b19878be9140be4-AMS
access-control-allow-headers
SDK-Version
expires
Sun, 02 Apr 2023 14:48:26 GMT
gAIA.js
alexatracker.com/jscode/ 		0
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://alexatracker.com/jscode/gAIA.js?sub1=&sub2=dtfnsa.com&sub3=&sub4=&sub5=&prid=
Requested by
Host: zeniocloud.com
URL: https://zeniocloud.com/gAIA.js?prid=&sub2=dtfnsa.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cc70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 02 Apr 2023 13:48:27 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TSdu9V%2FNDocfah%2FL3AIC9xVU9nZ5V1bval8EY9AGp%2BdQlC4vgZwx9wrPdQ%2B53XGiPdj5%2FS6Yw8JhAUA8cdL9kVQ4VXq5uouYFqAXVsqlvX7FdraSMQxreSZ3QudpEmLKOeeqHReYxya4MrGwm%2FF"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
7b19878f2a4ed0c5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
oauth2
a.7amz.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.7amz.com/oauth2?id=402&r=61114&pu=0&tu=1&bs=0
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=63&data3=68&data4=&email=&cep=g-l22vWa4KmspUGWQTBRN2nS9_xXZBV2ShdgrRcxZFjNRCk24QS-ZICZQkoXDFBIto37G1U3eb7Mx8mlLcwVYx99iqrQyamAft3dDODkW700_my4lrKS8_rxPUuWL0-zOQ4OfAymDdje15uvMclEn6_hfRxV9Qy4Wk6vaFGrYYzrldfEtorHW3Vm0cdNr1YrkH7phuNPGd3jnYEC0W6XHwsAL0Taff327Aps_fCW01IsbSpAZCSJep2RfeuWqSL7QSryv8jhxoZzB4s8cU-KX_leX9Vx2dnn2D0RhvA8x-Q9PNmc3oRlJKG8retiNhTYmZ3M1dHviKnFsLl_8ATqiI4QWxiQ_ZXwgxjD3TwRsGr8ZkIzekxZvEzPoPXKyu02tCgiyxj-9OuTdI45ZtYn84yWcmbORI9t--apZ2pps3dgZSHFycLHhXS0D0u5VOF05DTQYSyrnFsfyVGfN7Ekkc60gVqMLnPGRaI0d3XnumBB40DXk2jOwISxBMk-Feki5jwjCTbFJ6YykDxwFmfRGg&lptoken=168780ff44cf513b0657&pub_id=63&campaign=68&referer=&source=12646&sub_source=&revenue=%7Brevenue%7D&clickid=642987aa1e73280346896299&p1=642987aa6b6b270001b398ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2174360a8d2ea54fc4781e8bb214570c1d652328df13627bedd981be04a50e77

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 13:48:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 17 May 1998 03:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJO1cF44LBxE8qdnrEgUNijjf3kdt5Md2SFZygTv39Yg8fDYQ3MK%2Bd0iSBMOqIMYMsrlFV2NeBAO4nbTi1OShLUKUUalRLuSN7MmOUUi5KhtUBZAVjCfVGGLPAJ7GvJ3sT8AwHQbe6bE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
referer
a.7amz.com
cf-ray
7b19878f2c860e88-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 26 Jul 1997 05:00:00 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 13:48:27 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2568
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7b19878ef94ab7e4-AMS
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 02 May 2023 13:48:27 GMT
icon
onesignal.com/api/v1/apps/c3091c4b-609e-458f-b555-5e6e709ba131/ 		184 B
777 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/c3091c4b-609e-458f-b555-5e6e709ba131/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50fa27fa000bdd8c136de3481bf2ad5a302a244e1825b09ecab6fe4472a3e72f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 13:48:27 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
7b119525-304a-43db-b496-d884abb64128
x-runtime
0.018309
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"50fa27fa000bdd8c136de3481bf2ad5a"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
7b19878f59481ca5-AMS
access-control-allow-headers
SDK-Version
d26527ec-822b-4b87-8dd0-ed808da427a4
img.onesignal.com/permanent/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/d26527ec-822b-4b87-8dd0-ed808da427a4
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=63&data3=68&data4=&email=&cep=g-l22vWa4KmspUGWQTBRN2nS9_xXZBV2ShdgrRcxZFjNRCk24QS-ZICZQkoXDFBIto37G1U3eb7Mx8mlLcwVYx99iqrQyamAft3dDODkW700_my4lrKS8_rxPUuWL0-zOQ4OfAymDdje15uvMclEn6_hfRxV9Qy4Wk6vaFGrYYzrldfEtorHW3Vm0cdNr1YrkH7phuNPGd3jnYEC0W6XHwsAL0Taff327Aps_fCW01IsbSpAZCSJep2RfeuWqSL7QSryv8jhxoZzB4s8cU-KX_leX9Vx2dnn2D0RhvA8x-Q9PNmc3oRlJKG8retiNhTYmZ3M1dHviKnFsLl_8ATqiI4QWxiQ_ZXwgxjD3TwRsGr8ZkIzekxZvEzPoPXKyu02tCgiyxj-9OuTdI45ZtYn84yWcmbORI9t--apZ2pps3dgZSHFycLHhXS0D0u5VOF05DTQYSyrnFsfyVGfN7Ekkc60gVqMLnPGRaI0d3XnumBB40DXk2jOwISxBMk-Feki5jwjCTbFJ6YykDxwFmfRGg&lptoken=168780ff44cf513b0657&pub_id=63&campaign=68&referer=&source=12646&sub_source=&revenue=%7Brevenue%7D&clickid=642987aa1e73280346896299&p1=642987aa6b6b270001b398ee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94910bb8a8b8b035d4f298c0e644805c2c3efa450819528d4887bb9f4c127b4d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Sun, 02 Apr 2023 13:48:27 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
REVALIDATED
x-guploader-uploadid
ADPycduAR0yPnxAdbPx4xz1INDSXfyEDHgtduSF3vkYYgULcypXUr_2EHAruOmyQdiK_tI5pfKcdQhrdMDooFQKQ0rnr_g2sZYLB
x-goog-meta-x-goog-source-etag
"f9ba9add911ac7dbe6cb5d19f26f4f20"
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
112512
pragma
no-cache
last-modified
Tue, 14 Feb 2023 04:01:48 GMT
server
cloudflare
etag
"-CJCx3q6QlP0CEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1676347308480656
content-type
application/octet-stream
x-goog-hash
crc32c=xjn+Hw==, md5=+bqa3ZEax9vmy10Z8m9PIA==
cache-control
public, max-age=2678400
x-goog-meta-cache-control
public, maxage=604800
x-goog-stored-content-length
112512
accept-ranges
bytes
cf-ray
7b19878fbd010be4-AMS
expires
Wed, 03 May 2023 13:48:27 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery function| OneSignal number| __oneSignalSdkLoadCount function| __jp0 object| adnPopConfig object| ADNPOP object| ADNMOBPOP

15 Cookies

Domain/Path Name / Value
onlyhotdates.com/ Name: _subid
Value: 2lrcqvtnk5ba
onlyhotdates.com/ Name: b0608
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQ5MTg5NFwiOjE2ODA0NDMzMDQsXCIyOFwiOjE2ODA0NDMzMDR9LFwiY2FtcGFpZ25zXCI6e1wiMTkxNDc1XCI6MTY4MDQ0MzMwNCxcIjFcIjoxNjgwNDQzMzA0fSxcInRpbWVcIjoxNjgwNDQzMzA0fSJ9.Kxs4oJA5_C15uFFZefMwF39YDREu8aU_4O7MHVZgFq0
onlyhotdates.com/ Name: _token
Value: uuid_2lrcqvtnk5ba_2lrcqvtnk5ba642987a8e385b0.01717738
hotloveland.com/ Name: _subid
Value: 3ojtujlnk5bb
hotloveland.com/ Name: b0608
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0NVwiOjE2ODA0NDMzMDV9LFwiY2FtcGFpZ25zXCI6e1wiMjFcIjoxNjgwNDQzMzA1fSxcInRpbWVcIjoxNjgwNDQzMzA1fSJ9.Z6rKIzRgyVupqphlDIaNM09j_0QhchFhoWuXBZ2kqY4
hotloveland.com/ Name: _token
Value: uuid_3ojtujlnk5bb_3ojtujlnk5bb642987a9b1c5b9.91661343
t.luvmenow.com/ Name: afclick
Value: 642987a95980a0000166a3b8
track.hookupking.com/ Name: afclick
Value: 642987aa6b6b270001b398ee
track.hookupking.com/ Name: afoffers
Value: {"8235":1680443306}
tracking.bangbangtrack.com/ Name: sess_63bd668792c2b97fd20ce7db
Value: 63908893cd38153ccd61e5af
.zzotrack.com/ Name: 23ed0fb2-8c95-47bf-9bc1-922d6e18aea6-v4
Value: s6dciLz8Igel0KHqx57u7lvkfbAUArz7J9_ZBNyeabQ
.zzotrack.com/ Name: cep-v4
Value: MJg793ptl6NsoJo0_rgk_jsNI24JM4fKfOFbWFO3fYS5UKhjBeWyLXBafnhCRjps2Ehxs7SJWUJlcBqrpHJ9pz_YKNscdyLNlQFNdGE5MwLg5kOmMRFIeiZcLc7m2wXnfVqFZ3d728gbAdhln8K51HKaEyUOk1cW7h7IbQdd_K22bFNeM_VC5Kr28shdrTb9LBNzxAdTvF-tNQ65Gz5ofGKtvBXqEoDqvV9IueItJyaZYCQ3Ift8FTLyy_3-2661Kw06N8i3RHvqRmISXVZrw4zZLNzNratEft7B81hTRkmnIJBBdyG2MnGTRqNlHGwWKZCQzAjf9np9iqsg4UFPKMTcyfSEvTNQh4ZsMENN5ZzvSvxgYf8o14d0AdiMewfmUzhbisSJh_5yA4EanY11NVVsBmpx85d4z9HIU2dQM-KcoNKKsRmWUstSKIF-ed4AYeg7Q9Uvr1pnRIfbTVHUBhiyA5NI2mbm2z2B9RPJ8YRjoX-5rF372OhzvjnsWcfeWhjcUUqtQM39DOMIGPDpfA
dtfnsa.com/ Name: wl
Value: %7B%22attributes%22%3A%7B%22ttl%22%3Anull%2C%22value%22%3A%22a%3A14%3A%7Bs%3A8%3A%5C%22campaign%5C%22%3Bs%3A2%3A%5C%2268%5C%22%3Bs%3A3%3A%5C%22cep%5C%22%3Bs%3A534%3A%5C%22g-l22vWa4KmspUGWQTBRN2nS9_xXZBV2ShdgrRcxZFjNRCk24QS-ZICZQkoXDFBIto37G1U3eb7Mx8mlLcwVYx99iqrQyamAft3dDODkW700_my4lrKS8_rxPUuWL0-zOQ4OfAymDdje15uvMclEn6_hfRxV9Qy4Wk6vaFGrYYzrldfEtorHW3Vm0cdNr1YrkH7phuNPGd3jnYEC0W6XHwsAL0Taff327Aps_fCW01IsbSpAZCSJep2RfeuWqSL7QSryv8jhxoZzB4s8cU-KX_leX9Vx2dnn2D0RhvA8x-Q9PNmc3oRlJKG8retiNhTYmZ3M1dHviKnFsLl_8ATqiI4QWxiQ_ZXwgxjD3TwRsGr8ZkIzekxZvEzPoPXKyu02tCgiyxj-9OuTdI45ZtYn84yWcmbORI9t--apZ2pps3dgZSHFycLHhXS0D0u5VOF05DTQYSyrnFsfyVGfN7Ekkc60gVqMLnPGRaI0d3XnumBB40DXk2jOwISxBMk-Feki5jwjCTbFJ6YykDxwFmfRGg%5C%22%3Bs%3A7%3A%5C%22clickid%5C%22%3Bs%3A24%3A%5C%22642987aa1e73280346896299%5C%22%3Bs%3A5%3A%5C%22data3%5C%22%3Bs%3A2%3A%5C%2268%5C%22%3Bs%3A5%3A%5C%22data4%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A5%3A%5C%22email%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A7%3A%5C%22lptoken%5C%22%3Bs%3A20%3A%5C%22168780ff44cf513b0657%5C%22%3Bs%3A2%3A%5C%22p1%5C%22%3Bs%3A24%3A%5C%22642987aa6b6b270001b398ee%5C%22%3Bs%3A6%3A%5C%22pub_id%5C%22%3Bs%3A2%3A%5C%2263%5C%22%3Bs%3A7%3A%5C%22referer%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A7%3A%5C%22revenue%5C%22%3Bs%3A9%3A%5C%22%7Brevenue%7D%5C%22%3Bs%3A6%3A%5C%22source%5C%22%3Bs%3A5%3A%5C%2212646%5C%22%3Bs%3A10%3A%5C%22sub_source%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A12%3A%5C%22utm_campaign%5C%22%3Bs%3A2%3A%5C%2263%5C%22%3B%7D%22%7D%7D
.onesignal.com/ Name: __cf_bm
Value: cLtWjRYyD7HmVmdy3Y4CKI5t1EUKrBV1NpnZLThqNuE-1680443306-0-ASv8NK0BxU1QGnUsa9kvcNzY+/bgImIvfztMTfxtVoQl/Xgmx3u1y3wld9n9Jcl7HXPzlq914rg9KC+vm8BZhdo=
alexatracker.com/ Name: trbarid
Value: 937f370cc6a3091b746fb71b69df60898cb47e97c62c99bc117afe7292be9fdca%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A1034954353987389355%3B%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.7amz.com
alexatracker.com
cdn.onesignal.com
dtfnsa.com
hotloveland.com
img.onesignal.com
m.luvmenow.com
onesignal.com
onlyhotdates.com
t.luvmenow.com
track.hookupking.com
tracking.bangbangtrack.com
zeniocloud.com
zzotrack.com
167.114.67.56
172.67.165.105
18.184.38.55
2606:4700:3031::ac43:a5ac
2606:4700:3033::ac43:cc70
2606:4700::6812:d63b
2606:4700::6812:d73b
2a06:98c1:3120::3
2a06:98c1:3121::3
34.91.234.242
09990f1269337d37fc3bc958d9ce81cd05c4ca795fd201b717129cc6389bbf1b
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
2174360a8d2ea54fc4781e8bb214570c1d652328df13627bedd981be04a50e77
50fa27fa000bdd8c136de3481bf2ad5a302a244e1825b09ecab6fe4472a3e72f
52a7524236e70f78bc60b89252a0e6dfac4f82fbe376940a0cfa88b61c8c70db
78a8133b00b705e1c18c56a499692b8b5521e5406e4fd198d590d536135d1ca6
94910bb8a8b8b035d4f298c0e644805c2c3efa450819528d4887bb9f4c127b4d
a7c7e367c882cfaa6356920ff6187934433a4ab5e1baa04b90cded31a07bf2ec
c75cdc4ff797e03e2dec2e779dbfdc8ad18e3cbd4043aa20c5901bcb489f2f5d
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
c9a1b1d512825873e62b6f559c5e1b9f00ec429fba0e3ec78a53f149c5caa2da
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fd2b15ee0725cee5e0f7e43cffa1d0e5a36713059469b6e24643ac65eae92766