dtfnsa.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://todaybestgame.com/Morris24
Effective URL:
https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=fYy14yriGqhaLXw-_DFUjb8c2cCD2LcH1uUz7LEF...
Submission: On August 07 via manual (August 7th 2022, 12:17:11 am UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 7 domains to perform 11 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is dtfnsa.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 22nd 2021. Valid for: a year.

This is the only time dtfnsa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	194.233.65.245 194.233.65.245	141995 (CAPL-AS-A...) (CAPL-AS-AP Contabo Asia Private Limited)
1 1	157.245.233.39 157.245.233.39	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	52.205.36.237 52.205.36.237	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2606:4700:303... 2606:4700:3031::6815:13f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	18.184.38.55 18.184.38.55	16509 (AMAZON-02) (AMAZON-02)
5	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	3

1 194.233.65.245 (Singapore, Singapore) 1 redirects

ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG)
PTR: sg.whiteregistrar.com

todaybestgame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.245.233.39 (Santa Clara, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

track.profithubcash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.36.237 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-36-237.compute-1.amazonaws.com

www.trkxc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::6815:13f1 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

tracking.t0r4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.38.55 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-38-55.eu-central-1.compute.amazonaws.com

zzotrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

dtfnsa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3235 onesignal.com — Cisco Umbrella Rank: 1193 img.onesignal.com — Cisco Umbrella Rank: 6570	193 KB
5	dtfnsa.com dtfnsa.com	103 KB
2	t0r4.com 2 redirects tracking.t0r4.com — Cisco Umbrella Rank: 858734	1 KB
1	zzotrack.com 1 redirects zzotrack.com — Cisco Umbrella Rank: 788477	1 KB
1	trkxc.com 1 redirects www.trkxc.com	2 KB
1	profithubcash.com 1 redirects track.profithubcash.com	388 B
1	todaybestgame.com 1 redirects todaybestgame.com	239 B
11	7

	Domain	Requested by
5	dtfnsa.com	dtfnsa.com
3	onesignal.com	cdn.onesignal.com
2	cdn.onesignal.com	dtfnsa.com cdn.onesignal.com
2	tracking.t0r4.com	2 redirects
1	img.onesignal.com
1	zzotrack.com	1 redirects
1	www.trkxc.com	1 redirects
1	track.profithubcash.com	1 redirects
1	todaybestgame.com	1 redirects
11	9

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-22` - `2022-10-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=fYy14yriGqhaLXw-_DFUjb8c2cCD2LcH1uUz7LEFtZ0_5umiuUMbu-QxqIynmH1M-pLZsjG_tzzRYjUkhRIPGVSuFRJmZ2HCkBehvtsqg0_iCvRJA7LiyAWi6lqIasGkFmxEnQC9KzcQY7_2fu5gW35wFUKwxAs9rZvTMMOkYqolDlZKG9tBaqN2QTBkB9_fKbssENkOd_5UzKa5T7kj6EcyBlaEuZd_er4_oUruO5caIwGIeTKdRpR1J0Ac0uoKIZkRV2jLfgjTLCMTWG-OWZsoGIgaPDvUDe2hJ11RP_eYgahvdZG7oXglO-WX9SIjg3qdRumIOSfW8yEXVU6WKh0zBdx0a_s9MHKzQG3L6Tyi4MLakrcX4MkEEIbyctJBFDA9mLK_xvvXlhszqyVffPOiBl3jMR4CwDyU1b3y_P8&lptoken=1691599b837a322c2567&pid=10&offer_id=1212&reff=&geo=DE&sub1=975&sub2=1202&clickid=62ef04817cda5f0001802fb1
Frame ID: 6D562505356EAD8ABF25A972D02A32EC
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dies ist KEINE Datingseite!

Page URL History Show full URLs

https://todaybestgame.com/Morris24 HTTP 301
https://track.profithubcash.com//tr?offer_id=75&aff_id=4470 HTTP 307
http://www.trkxc.com/aff_c?offer_id=15121&aff_id=35997&aff_sub=9b0b3107e9319ca68cb06c922c4255a842... HTTP 302
https://tracking.t0r4.com/click?pid=975&offer_id=1202&sub1=&sub2=35997&sub3=1020ce02d0aadd10c815c3ab57... HTTP 302
https://tracking.t0r4.com/click?pid=10&offer_id=1212&sub1=975&sub2=1202 HTTP 302
https://zzotrack.com/ff5c1bc0-53f1-4573-8083-234256664f4d?pid=10&offer_id=1212&reff=&geo=DE&sub1=... HTTP 302
https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=fYy14yriGqhaLXw-_DFU... Page URL

Detected technologies

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

50 %
IPv6

7
Domains

9
Subdomains

3
IPs

3
Countries

296 kB
Transfer

658 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://todaybestgame.com/Morris24 HTTP 301
https://track.profithubcash.com//tr?offer_id=75&aff_id=4470 HTTP 307
http://www.trkxc.com/aff_c?offer_id=15121&aff_id=35997&aff_sub=9b0b3107e9319ca68cb06c922c4255a842aa945e&aff_sub2=4470 HTTP 302
https://tracking.t0r4.com/click?pid=975&offer_id=1202&sub1=&sub2=35997&sub3=1020ce02d0aadd10c815c3ab574730 HTTP 302
https://tracking.t0r4.com/click?pid=10&offer_id=1212&sub1=975&sub2=1202 HTTP 302
https://zzotrack.com/ff5c1bc0-53f1-4573-8083-234256664f4d?pid=10&offer_id=1212&reff=&geo=DE&sub1=975&sub2=1202&clickid=62ef04817cda5f0001802fb1 HTTP 302
https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=fYy14yriGqhaLXw-_DFUjb8c2cCD2LcH1uUz7LEFtZ0_5umiuUMbu-QxqIynmH1M-pLZsjG_tzzRYjUkhRIPGVSuFRJmZ2HCkBehvtsqg0_iCvRJA7LiyAWi6lqIasGkFmxEnQC9KzcQY7_2fu5gW35wFUKwxAs9rZvTMMOkYqolDlZKG9tBaqN2QTBkB9_fKbssENkOd_5UzKa5T7kj6EcyBlaEuZd_er4_oUruO5caIwGIeTKdRpR1J0Ac0uoKIZkRV2jLfgjTLCMTWG-OWZsoGIgaPDvUDe2hJ11RP_eYgahvdZG7oXglO-WX9SIjg3qdRumIOSfW8yEXVU6WKh0zBdx0a_s9MHKzQG3L6Tyi4MLakrcX4MkEEIbyctJBFDA9mLK_xvvXlhszqyVffPOiBl3jMR4CwDyU1b3y_P8&lptoken=1691599b837a322c2567&pid=10&offer_id=1212&reff=&geo=DE&sub1=975&sub2=1202&clickid=62ef04817cda5f0001802fb1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
dtfnsa.com/de/f2397h/
Redirect Chain

https://todaybestgame.com/Morris24
https://track.profithubcash.com//tr?offer_id=75&aff_id=4470
http://www.trkxc.com/aff_c?offer_id=15121&aff_id=35997&aff_sub=9b0b3107e9319ca68cb06c922c4255a842aa945e&aff_sub2=4470
https://tracking.t0r4.com/click?pid=975&offer_id=1202&sub1=&sub2=35997&sub3=1020ce02d0aadd10c815c3ab574730
https://tracking.t0r4.com/click?pid=10&offer_id=1212&sub1=975&sub2=1202
https://zzotrack.com/ff5c1bc0-53f1-4573-8083-234256664f4d?pid=10&offer_id=1212&reff=&geo=DE&sub1=975&sub2=1202&clickid=62ef04817cda5f0001802fb1
https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=fYy14yriGqhaLXw-_DFUjb8c2cCD2LcH1uUz7LEFtZ0_5umiuUMbu-QxqIynmH1M-pLZsjG_tzzRYjUkhRIPGVSuFRJmZ2HCkBehvtsqg0_iCvRJA7LiyAWi6l...

9 KB
4 KB

268ms
192ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=fYy14yriGqhaLXw-_DFUjb8c2cCD2LcH1uUz7LEFtZ0_5umiuUMbu-QxqIynmH1M-pLZsjG_tzzRYjUkhRIPGVSuFRJmZ2HCkBehvtsqg0_iCvRJA7LiyAWi6lqIasGkFmxEnQC9KzcQY7_2fu5gW35wFUKwxAs9rZvTMMOkYqolDlZKG9tBaqN2QTBkB9_fKbssENkOd_5UzKa5T7kj6EcyBlaEuZd_er4_oUruO5caIwGIeTKdRpR1J0Ac0uoKIZkRV2jLfgjTLCMTWG-OWZsoGIgaPDvUDe2hJ11RP_eYgahvdZG7oXglO-WX9SIjg3qdRumIOSfW8yEXVU6WKh0zBdx0a_s9MHKzQG3L6Tyi4MLakrcX4MkEEIbyctJBFDA9mLK_xvvXlhszqyVffPOiBl3jMR4CwDyU1b3y_P8&lptoken=1691599b837a322c2567&pid=10&offer_id=1212&reff=&geo=DE&sub1=975&sub2=1202&clickid=62ef04817cda5f0001802fb1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 014afd9e07a31dc61b680995fdd49964e7868d981dcb4ce8ecf856bc6d62f204

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 736bd3cba8bbbb9e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 07 Aug 2022 00:17:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2HJvYMzNF3Bgl1nJeY2K1KIi7uaIpnVRV7W66Bp8xyabYwdr8IsFtTVFGSK%2B2yK2Fo%2B9DyODcmLrPD3Np9rTfXbnH1MpTQYmRfssu2SpLA7rFJBvwd6u35I8VEmwrX73aOgpT5n8c6A"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Sun, 07 Aug 2022 00:17:05 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=fYy14yriGqhaLXw-_DFUjb8c2cCD2LcH1uUz7LEFtZ0_5umiuUMbu-QxqIynmH1M-pLZsjG_tzzRYjUkhRIPGVSuFRJmZ2HCkBehvtsqg0_iCvRJA7LiyAWi6lqIasGkFmxEnQC9KzcQY7_2fu5gW35wFUKwxAs9rZvTMMOkYqolDlZKG9tBaqN2QTBkB9_fKbssENkOd_5UzKa5T7kj6EcyBlaEuZd_er4_oUruO5caIwGIeTKdRpR1J0Ac0uoKIZkRV2jLfgjTLCMTWG-OWZsoGIgaPDvUDe2hJ11RP_eYgahvdZG7oXglO-WX9SIjg3qdRumIOSfW8yEXVU6WKh0zBdx0a_s9MHKzQG3L6Tyi4MLakrcX4MkEEIbyctJBFDA9mLK_xvvXlhszqyVffPOiBl3jMR4CwDyU1b3y_P8&lptoken=1691599b837a322c2567&pid=10&offer_id=1212&reff=&geo=DE&sub1=975&sub2=1202&clickid=62ef04817cda5f0001802fb1
pragma: no-cache
server: nginx

GET
H3 200 style4blue.css
dtfnsa.com/de/f2397h/files/ 3 KB
1 KB 28ms
14ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dtfnsa.com/de/f2397h/files/style4blue.css
Requested by: Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=fYy14yriGqhaLXw-_DFUjb8c2cCD2LcH1uUz7LEFtZ0_5umiuUMbu-QxqIynmH1M-pLZsjG_tzzRYjUkhRIPGVSuFRJmZ2HCkBehvtsqg0_iCvRJA7LiyAWi6lqIasGkFmxEnQC9KzcQY7_2fu5gW35wFUKwxAs9rZvTMMOkYqolDlZKG9tBaqN2QTBkB9_fKbssENkOd_5UzKa5T7kj6EcyBlaEuZd_er4_oUruO5caIwGIeTKdRpR1J0Ac0uoKIZkRV2jLfgjTLCMTWG-OWZsoGIgaPDvUDe2hJ11RP_eYgahvdZG7oXglO-WX9SIjg3qdRumIOSfW8yEXVU6WKh0zBdx0a_s9MHKzQG3L6Tyi4MLakrcX4MkEEIbyctJBFDA9mLK_xvvXlhszqyVffPOiBl3jMR4CwDyU1b3y_P8&lptoken=1691599b837a322c2567&pid=10&offer_id=1212&reff=&geo=DE&sub1=975&sub2=1202&clickid=62ef04817cda5f0001802fb1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7c7e367c882cfaa6356920ff6187934433a4ab5e1baa04b90cded31a07bf2ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=fYy14yriGqhaLXw-_DFUjb8c2cCD2LcH1uUz7LEFtZ0_5umiuUMbu-QxqIynmH1M-pLZsjG_tzzRYjUkhRIPGVSuFRJmZ2HCkBehvtsqg0_iCvRJA7LiyAWi6lqIasGkFmxEnQC9KzcQY7_2fu5gW35wFUKwxAs9rZvTMMOkYqolDlZKG9tBaqN2QTBkB9_fKbssENkOd_5UzKa5T7kj6EcyBlaEuZd_er4_oUruO5caIwGIeTKdRpR1J0Ac0uoKIZkRV2jLfgjTLCMTWG-OWZsoGIgaPDvUDe2hJ11RP_eYgahvdZG7oXglO-WX9SIjg3qdRumIOSfW8yEXVU6WKh0zBdx0a_s9MHKzQG3L6Tyi4MLakrcX4MkEEIbyctJBFDA9mLK_xvvXlhszqyVffPOiBl3jMR4CwDyU1b3y_P8&lptoken=1691599b837a322c2567&pid=10&offer_id=1212&reff=&geo=DE&sub1=975&sub2=1202&clickid=62ef04817cda5f0001802fb1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 00:17:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5909
cf-polished: origSize=4758
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 04 Aug 2022 05:24:18 GMT
server: cloudflare
etag: W/"62eb5802-1296"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yKdQUXwz7dz%2BOOmynif1YWGzYacPfXTWcZ5d7nE3VoGPk%2BPAdI8Du06qNQfTbUgzLdR%2B%2FeG5Nx0WhZtvIyUm2rAKfT%2BFd8JfOmfXYiGAOGcqpnpHhor4KaGakOtBkcHbMJ4BD9c4tsQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 736bd3ccf8119bd6-FRA
cf-bgj: minify

GET
H3 200 jquery.js Show response
dtfnsa.com/de/f2397h/files/ 94 KB
34 KB 29ms
16ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dtfnsa.com/de/f2397h/files/jquery.js
Requested by: Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=fYy14yriGqhaLXw-_DFUjb8c2cCD2LcH1uUz7LEFtZ0_5umiuUMbu-QxqIynmH1M-pLZsjG_tzzRYjUkhRIPGVSuFRJmZ2HCkBehvtsqg0_iCvRJA7LiyAWi6lqIasGkFmxEnQC9KzcQY7_2fu5gW35wFUKwxAs9rZvTMMOkYqolDlZKG9tBaqN2QTBkB9_fKbssENkOd_5UzKa5T7kj6EcyBlaEuZd_er4_oUruO5caIwGIeTKdRpR1J0Ac0uoKIZkRV2jLfgjTLCMTWG-OWZsoGIgaPDvUDe2hJ11RP_eYgahvdZG7oXglO-WX9SIjg3qdRumIOSfW8yEXVU6WKh0zBdx0a_s9MHKzQG3L6Tyi4MLakrcX4MkEEIbyctJBFDA9mLK_xvvXlhszqyVffPOiBl3jMR4CwDyU1b3y_P8&lptoken=1691599b837a322c2567&pid=10&offer_id=1212&reff=&geo=DE&sub1=975&sub2=1202&clickid=62ef04817cda5f0001802fb1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c75cdc4ff797e03e2dec2e779dbfdc8ad18e3cbd4043aa20c5901bcb489f2f5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=fYy14yriGqhaLXw-_DFUjb8c2cCD2LcH1uUz7LEFtZ0_5umiuUMbu-QxqIynmH1M-pLZsjG_tzzRYjUkhRIPGVSuFRJmZ2HCkBehvtsqg0_iCvRJA7LiyAWi6lqIasGkFmxEnQC9KzcQY7_2fu5gW35wFUKwxAs9rZvTMMOkYqolDlZKG9tBaqN2QTBkB9_fKbssENkOd_5UzKa5T7kj6EcyBlaEuZd_er4_oUruO5caIwGIeTKdRpR1J0Ac0uoKIZkRV2jLfgjTLCMTWG-OWZsoGIgaPDvUDe2hJ11RP_eYgahvdZG7oXglO-WX9SIjg3qdRumIOSfW8yEXVU6WKh0zBdx0a_s9MHKzQG3L6Tyi4MLakrcX4MkEEIbyctJBFDA9mLK_xvvXlhszqyVffPOiBl3jMR4CwDyU1b3y_P8&lptoken=1691599b837a322c2567&pid=10&offer_id=1212&reff=&geo=DE&sub1=975&sub2=1202&clickid=62ef04817cda5f0001802fb1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 00:17:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5648
cf-polished: origSize=96381
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 04 Aug 2022 05:24:18 GMT
server: cloudflare
etag: W/"62eb5802-1787d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXJFYVeRkBffwMh739QJUKauvTdzOU1RgD6M%2Fxmrs%2Bj%2BhVnXymNJAuuxkfzIlFLNJfUEJ%2FNMNC50utYn8vT59%2B6%2BZ3PEufp09IDAy0FZfBWO3ukhmZQKQkQVhv96MSuLp3ftfmnKiiqY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 736bd3ccf8109bd6-FRA
cf-bgj: minify

GET
H3 200 showHide.js Show response
dtfnsa.com/de/f2397h/files/ 519 B
865 B 42ms
29ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dtfnsa.com/de/f2397h/files/showHide.js
Requested by: Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=fYy14yriGqhaLXw-_DFUjb8c2cCD2LcH1uUz7LEFtZ0_5umiuUMbu-QxqIynmH1M-pLZsjG_tzzRYjUkhRIPGVSuFRJmZ2HCkBehvtsqg0_iCvRJA7LiyAWi6lqIasGkFmxEnQC9KzcQY7_2fu5gW35wFUKwxAs9rZvTMMOkYqolDlZKG9tBaqN2QTBkB9_fKbssENkOd_5UzKa5T7kj6EcyBlaEuZd_er4_oUruO5caIwGIeTKdRpR1J0Ac0uoKIZkRV2jLfgjTLCMTWG-OWZsoGIgaPDvUDe2hJ11RP_eYgahvdZG7oXglO-WX9SIjg3qdRumIOSfW8yEXVU6WKh0zBdx0a_s9MHKzQG3L6Tyi4MLakrcX4MkEEIbyctJBFDA9mLK_xvvXlhszqyVffPOiBl3jMR4CwDyU1b3y_P8&lptoken=1691599b837a322c2567&pid=10&offer_id=1212&reff=&geo=DE&sub1=975&sub2=1202&clickid=62ef04817cda5f0001802fb1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78a8133b00b705e1c18c56a499692b8b5521e5406e4fd198d590d536135d1ca6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=fYy14yriGqhaLXw-_DFUjb8c2cCD2LcH1uUz7LEFtZ0_5umiuUMbu-QxqIynmH1M-pLZsjG_tzzRYjUkhRIPGVSuFRJmZ2HCkBehvtsqg0_iCvRJA7LiyAWi6lqIasGkFmxEnQC9KzcQY7_2fu5gW35wFUKwxAs9rZvTMMOkYqolDlZKG9tBaqN2QTBkB9_fKbssENkOd_5UzKa5T7kj6EcyBlaEuZd_er4_oUruO5caIwGIeTKdRpR1J0Ac0uoKIZkRV2jLfgjTLCMTWG-OWZsoGIgaPDvUDe2hJ11RP_eYgahvdZG7oXglO-WX9SIjg3qdRumIOSfW8yEXVU6WKh0zBdx0a_s9MHKzQG3L6Tyi4MLakrcX4MkEEIbyctJBFDA9mLK_xvvXlhszqyVffPOiBl3jMR4CwDyU1b3y_P8&lptoken=1691599b837a322c2567&pid=10&offer_id=1212&reff=&geo=DE&sub1=975&sub2=1202&clickid=62ef04817cda5f0001802fb1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 00:17:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5060
cf-polished: origSize=1513
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 04 Aug 2022 05:24:18 GMT
server: cloudflare
etag: W/"62eb5802-5e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htgB2bynCZANQ%2B5yLJil4CpcvCzwz%2BXGTK5CCUYd9UNXlogOmmQGU5xnGUOvKQv0X6dLJiN71Q%2FNGofyBkgHD353ZoJT4dWPW5CqYnSzclUcntL1a%2Ba7OOGLTx5o0FNoCMLTO36IhFgj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 736bd3ccf80e9bd6-FRA
cf-bgj: minify

GET
H3 200 17.gif
dtfnsa.com/de/f2397h/files/ 62 KB
63 KB 15ms
14ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dtfnsa.com/de/f2397h/files/17.gif
Requested by: Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=fYy14yriGqhaLXw-_DFUjb8c2cCD2LcH1uUz7LEFtZ0_5umiuUMbu-QxqIynmH1M-pLZsjG_tzzRYjUkhRIPGVSuFRJmZ2HCkBehvtsqg0_iCvRJA7LiyAWi6lqIasGkFmxEnQC9KzcQY7_2fu5gW35wFUKwxAs9rZvTMMOkYqolDlZKG9tBaqN2QTBkB9_fKbssENkOd_5UzKa5T7kj6EcyBlaEuZd_er4_oUruO5caIwGIeTKdRpR1J0Ac0uoKIZkRV2jLfgjTLCMTWG-OWZsoGIgaPDvUDe2hJ11RP_eYgahvdZG7oXglO-WX9SIjg3qdRumIOSfW8yEXVU6WKh0zBdx0a_s9MHKzQG3L6Tyi4MLakrcX4MkEEIbyctJBFDA9mLK_xvvXlhszqyVffPOiBl3jMR4CwDyU1b3y_P8&lptoken=1691599b837a322c2567&pid=10&offer_id=1212&reff=&geo=DE&sub1=975&sub2=1202&clickid=62ef04817cda5f0001802fb1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9a1b1d512825873e62b6f559c5e1b9f00ec429fba0e3ec78a53f149c5caa2da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=fYy14yriGqhaLXw-_DFUjb8c2cCD2LcH1uUz7LEFtZ0_5umiuUMbu-QxqIynmH1M-pLZsjG_tzzRYjUkhRIPGVSuFRJmZ2HCkBehvtsqg0_iCvRJA7LiyAWi6lqIasGkFmxEnQC9KzcQY7_2fu5gW35wFUKwxAs9rZvTMMOkYqolDlZKG9tBaqN2QTBkB9_fKbssENkOd_5UzKa5T7kj6EcyBlaEuZd_er4_oUruO5caIwGIeTKdRpR1J0Ac0uoKIZkRV2jLfgjTLCMTWG-OWZsoGIgaPDvUDe2hJ11RP_eYgahvdZG7oXglO-WX9SIjg3qdRumIOSfW8yEXVU6WKh0zBdx0a_s9MHKzQG3L6Tyi4MLakrcX4MkEEIbyctJBFDA9mLK_xvvXlhszqyVffPOiBl3jMR4CwDyU1b3y_P8&lptoken=1691599b837a322c2567&pid=10&offer_id=1212&reff=&geo=DE&sub1=975&sub2=1202&clickid=62ef04817cda5f0001802fb1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 00:17:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6451
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63725
last-modified: Thu, 04 Aug 2022 05:24:18 GMT
server: cloudflare
etag: "62eb5802-f8ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptqY%2Fi%2F2ylqqJj%2Br8LHVAwouqX6EnB0gXP%2F7nfukiFvnv5fzfWnemV1clyigP6JzU20vbET72Tb5haySnV%2FPpIY2B4yREm89Vieo6E96%2BQFF7%2FgTrIHEkroaJdkQ28HKtVuDT5Nf7mp0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 736bd3ccf8219bd6-FRA

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 51ms
18ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=fYy14yriGqhaLXw-_DFUjb8c2cCD2LcH1uUz7LEFtZ0_5umiuUMbu-QxqIynmH1M-pLZsjG_tzzRYjUkhRIPGVSuFRJmZ2HCkBehvtsqg0_iCvRJA7LiyAWi6lqIasGkFmxEnQC9KzcQY7_2fu5gW35wFUKwxAs9rZvTMMOkYqolDlZKG9tBaqN2QTBkB9_fKbssENkOd_5UzKa5T7kj6EcyBlaEuZd_er4_oUruO5caIwGIeTKdRpR1J0Ac0uoKIZkRV2jLfgjTLCMTWG-OWZsoGIgaPDvUDe2hJ11RP_eYgahvdZG7oXglO-WX9SIjg3qdRumIOSfW8yEXVU6WKh0zBdx0a_s9MHKzQG3L6Tyi4MLakrcX4MkEEIbyctJBFDA9mLK_xvvXlhszqyVffPOiBl3jMR4CwDyU1b3y_P8&lptoken=1691599b837a322c2567&pid=10&offer_id=1212&reff=&geo=DE&sub1=975&sub2=1202&clickid=62ef04817cda5f0001802fb1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dtfnsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 736bd3cd3ece912e-FRA
date: Sun, 07 Aug 2022 00:17:06 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 2710
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 10 Aug 2022 00:17:06 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 37ms
26ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dtfnsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 736bd3cd7e799972-FRA
date: Sun, 07 Aug 2022 00:17:06 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 2711
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 10 Aug 2022 00:17:06 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/c3091c4b-609e-458f-b555-5e6e709ba131/ 5 KB
2 KB 28ms
14ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/c3091c4b-609e-458f-b555-5e6e709ba131/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58dd4a4b0b33e3dc8c443c151dddb8b62d4e95d245f3d8b2fd21005fcdd58499

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dtfnsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 00:17:06 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 344
cf-polished: origSize=4986
status: 200 OK
x-envoy-upstream-service-time: 28
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 5de4eed7-7a77-4281-8a48-0f98aeca836b
x-runtime: 0.026980
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"8d1c88dab39ed68f66870d3a2be9096e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 736bd3cddf45912e-FRA
access-control-allow-headers: SDK-Version
expires: Sun, 07 Aug 2022 01:17:06 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 19ms
18ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dtfnsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 736bd3e0cbf99972-FRA
date: Sun, 07 Aug 2022 00:17:09 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 2712
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Sep 2022 00:17:09 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/c3091c4b-609e-458f-b555-5e6e709ba131/ 184 B
668 B 47ms
36ms Fetch
application/json 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/c3091c4b-609e-458f-b555-5e6e709ba131/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50fa27fa000bdd8c136de3481bf2ad5a302a244e1825b09ecab6fe4472a3e72f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dtfnsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 00:17:09 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: none
status: 200 OK
x-envoy-upstream-service-time: 10
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a27a5205-7881-42ff-908d-cef8e0307efe
x-runtime: 0.008893
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"50fa27fa000bdd8c136de3481bf2ad5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=0, private, must-revalidate
cf-ray: 736bd3e11ac39134-FRA
access-control-allow-headers: SDK-Version

GET
H2 200 d26527ec-822b-4b87-8dd0-ed808da427a4
img.onesignal.com/permanent/ 110 KB
110 KB 28ms
15ms Image
image/png 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.onesignal.com/permanent/d26527ec-822b-4b87-8dd0-ed808da427a4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94910bb8a8b8b035d4f298c0e644805c2c3efa450819528d4887bb9f4c127b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dtfnsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 00:17:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3379
x-amz-meta-cache-control: public, maxage=604800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 112512
x-amz-id-2: Lxg1859Hd09p2iL7aeNLRbX+M2xETObY2/DCa/JeC0S99GOYDlROQ42d0NvwlHUZL/unUsHKsJw=
last-modified: Fri, 28 Jan 2022 15:36:15 GMT
server: cloudflare
etag: "f9ba9add911ac7dbe6cb5d19f26f4f20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains
x-amz-request-id: 9SJ0JZHV91CYNSRZ
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 736bd3e16814912e-FRA
expires: Wed, 07 Sep 2022 00:17:09 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
track.profithubcash.com/	1970-01-20 05:05:17	Name: click_id Value: 9b0b3107e9319ca68cb06c922c4255a842aa945e
tracking.t0r4.com/	1970-01-20 13:49:27	Name: afclick Value: 62ef04817cda5f0001802fb1
tracking.t0r4.com/	1970-01-20 13:49:27	Name: afoffers Value: {"1212":1659831425}
.zzotrack.com/	1970-01-20 05:05:17	Name: ff5c1bc0-53f1-4573-8083-234256664f4d-v4 Value: eLfLtvW24o_kyYw47v6neh9Wb_n697XgOVcBoZOgJ68
.zzotrack.com/	1970-01-20 05:05:17	Name: cep-v4 Value: NCrLpsc4jCm-GgR5r94fWmoO6s2E18FzkAFkx4ITaNdb9k4thhPr1B17K3AWqIEVISbQJbRGAPSk_c31xzldNSnIcxbGrhm7D89jYFXnmvTrLVNSACW75DziqYk-gGEc9Xwf28gRVs27DdktIjnNE91VZif4xK6n5AU8-idSZjK1nxoeeCk7Oej1kvEUHSd5BC4NgWhfWTTJ8rC_Avc4t7rkc0VIPxYhmzA84XBbNytnB598cSogqyG03CoQAvmaIJo95nYB5OiArBVAYFYWEl_64xQngW0ypTykOKekk9w44bddw_QgGSdUnlbPa4e2QiIUGq9WbYjsjf4ulkFbZfVAQaecdwdvWD5gNvC-egBWn87ag_PFNhhFHf9DP0ygL3MyQlHl-_sotG9Fkmd0hgUhj_u4WGpbkHVGnvA3kpU
dtfnsa.com/	1969-12-31 23:59:59	Name: attributes Value: eyJjZXAiOiJmWXkxNHlyaUdxaGFMWHctX0RGVWpiOGMyY0NEMkxjSDF1VXo3TEVGdFowXzV1bWl1VU1idS1ReHFJeW5tSDFNLXBMWnNqR190enpSWWpVa2hSSVBHVlN1RlJKbVoySENrQmVodnRzcWcwX2lDdlJKQTdMaXlBV2k2bHFJYXNHa0ZteEVuUUM5S3pjUVk3XzJmdTVnVzM1d0ZVS3d4QXM5clp2VE1NT2tZcW9sRGxaS0c5dEJhcU4yUVRCa0I5X2ZLYnNzRU5rT2RfNVV6S2E1VDdrajZFY3lCbGFFdVpkX2VyNF9vVXJ1TzVjYUl3R0llVEtkUnBSMUowQWMwdW9LSVprUlYyakxmZ2pUTENNVFdHLU9XWnNvR0lnYVBEdlVEZTJoSjExUlBfZVlnYWh2ZFpHN29YZ2xPLVdYOVNJamczcWRSdW1JT1NmVzh5RVhWVTZXS2gwekJkeDBhX3M5TUhLelFHM0w2VHlpNE1MYWtyY1g0TWtFRUlieWN0SkJGREE5bUxLX3h2dlhsaHN6cXlWZmZQT2lCbDNqTVI0Q3dEeVUxYjN5X1A4IiwiY2xpY2tpZCI6IjYyZWYwNDgxN2NkYTVmMDAwMTgwMmZiMSIsImRhdGEzIjoiMTIxMiIsImRhdGE0IjoiIiwiZW1haWwiOiIiLCJnZW8iOiJERSIsImxwdG9rZW4iOiIxNjkxNTk5YjgzN2EzMjJjMjU2NyIsIm9mZmVyX2lkIjoiMTIxMiIsInBpZCI6IjEwIiwicmVmZiI6IiIsInN1YjEiOiI5NzUiLCJzdWIyIjoiMTIwMiIsInV0bV9jYW1wYWlnbiI6IjEwIn0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.onesignal.com
dtfnsa.com
img.onesignal.com
onesignal.com
todaybestgame.com
track.profithubcash.com
tracking.t0r4.com
www.trkxc.com
zzotrack.com
157.245.233.39
18.184.38.55
194.233.65.245
2606:4700:3031::6815:13f1
2606:4700::6812:e134
2606:4700::6812:e234
2a06:98c1:3120::3
52.205.36.237
014afd9e07a31dc61b680995fdd49964e7868d981dcb4ce8ecf856bc6d62f204
50fa27fa000bdd8c136de3481bf2ad5a302a244e1825b09ecab6fe4472a3e72f
58dd4a4b0b33e3dc8c443c151dddb8b62d4e95d245f3d8b2fd21005fcdd58499
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
78a8133b00b705e1c18c56a499692b8b5521e5406e4fd198d590d536135d1ca6
94910bb8a8b8b035d4f298c0e644805c2c3efa450819528d4887bb9f4c127b4d
a7c7e367c882cfaa6356920ff6187934433a4ab5e1baa04b90cded31a07bf2ec
c75cdc4ff797e03e2dec2e779dbfdc8ad18e3cbd4043aa20c5901bcb489f2f5d
c9a1b1d512825873e62b6f559c5e1b9f00ec429fba0e3ec78a53f149c5caa2da
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

dtfnsa.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

50 %IPv6

7 Domains

9 Subdomains

3 IPs

3 Countries

296 kBTransfer

658 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

6 Cookies

Indicators

dtfnsa.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

50 %
IPv6

7
Domains

9
Subdomains

3
IPs

3
Countries

296 kB
Transfer

658 kB
Size

6
Cookies

11 HTTP transactions
0 data transactions