dtfnsa.com
Open in
urlscan Pro
2a06:98c1:3120::3
Public Scan
Submitted URL: http://trackk.hairjuiceaccelerators.info/rm?u=15-96-654685
Effective URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=AmD-wItZzEo1gQA00IRKXqMq0VweN2OY16qhKM2y...
Submission: On August 28 via manual from GB — Scanned from GB
Effective URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=AmD-wItZzEo1gQA00IRKXqMq0VweN2OY16qhKM2y...
Submission: On August 28 via manual from GB — Scanned from GB
Summary
This website contacted 2 IPs
in 4 countries
across 6 domains to perform 11 HTTP transactions.
The main IP is 2a06:98c1:3120::3, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is dtfnsa.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 22nd 2021. Valid for: a year.
This is the only time dtfnsa.com was scanned on urlscan.io!
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 22nd 2021. Valid for: a year.
This is the only time dtfnsa.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 2 | 51.79.161.116 51.79.161.116 | 16276 (OVH) (OVH) | |
| 1 1 | 82.196.2.132 82.196.2.132 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
| 2 2 | 2606:4700:303... 2606:4700:3031::6815:13f1 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 1 | 18.184.38.55 18.184.38.55 | 16509 (AMAZON-02) (AMAZON-02) | |
| 5 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 6 | 2606:4700::68... 2606:4700::6812:e134 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 11 | 2 |
2
51.79.161.116
(Singapore, Singapore)
ASN16276 (OVH, FR)
PTR: 116.ip-51-79-161.net
ASN16276 (OVH, FR)
PTR: 116.ip-51-79-161.net
| trackk.hairjuiceaccelerators.info |
1
18.184.38.55
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-38-55.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-38-55.eu-central-1.compute.amazonaws.com
| zzotrack.com |
6
2606:4700::6812:e134
(United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| cdn.onesignal.com | |
| onesignal.com | |
| img.onesignal.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 6 |
onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3409 onesignal.com — Cisco Umbrella Rank: 1263 img.onesignal.com — Cisco Umbrella Rank: 7055 |
193 KB |
| 5 |
dtfnsa.com
dtfnsa.com |
103 KB |
| 2 |
t0r4.com
2 redirects
tracking.t0r4.com |
1 KB |
| 2 |
hairjuiceaccelerators.info
2 redirects
trackk.hairjuiceaccelerators.info |
538 B |
| 1 |
zzotrack.com
1 redirects
zzotrack.com |
1 KB |
| 1 |
track05.com
1 redirects
track.track05.com |
330 B |
| 11 | 6 |
| Domain | Requested by | |
|---|---|---|
| 5 | dtfnsa.com |
dtfnsa.com
|
| 3 | onesignal.com |
cdn.onesignal.com
|
| 2 | cdn.onesignal.com |
dtfnsa.com
cdn.onesignal.com |
| 2 | tracking.t0r4.com | 2 redirects |
| 2 | trackk.hairjuiceaccelerators.info | 2 redirects |
| 1 | img.onesignal.com | |
| 1 | zzotrack.com | 1 redirects |
| 1 | track.track05.com | 1 redirects |
| 11 | 8 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-10-22 - 2022-10-21 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=AmD-wItZzEo1gQA00IRKXqMq0VweN2OY16qhKM2yA8tQx7szaEAzorXQbtDjOTFNr4kEIoXW4GnSoX9gzuXJUesOja5O9ioTubel6aU86UZDJxZHVxLJmSrELE6UYYvvvYEycsvZVi2CjxRlCu0majIxhCqEG3BYiSTF9AT8dIysy1DUubVoHkZ5o4w7R3HGNcBD0wcol7SHCaBGvUyq_KmNJ-MmVg23xaUUKaw42ImIF_5BrQ6X_WVSFYJSzkxstt1aBqGrVsRcK3-XCqE2jHdagzD0AOH4JL09KR0OWtS4luiXm-DVhurz-YWYXE_-f3ayFqBKPm8l8ha_doGa-kZUIeA2mX8bIrsmSKFEt-8fdM9IOKwzZQgvOaE6WrYpLfGmhRGIqy4EbQl7iUce7igzPQIz4blgD-d-ZcbnVIynPqoAQ956LHemhbK1UKGKVa6Mv4KJHHWzjt6kdZTpzA&lptoken=16ac61c2647571266857&pid=10&offer_id=1212&reff=&geo=DE&sub1=739&sub2=1261&clickid=630ab2377cda5f0001e07784
Frame ID: 02AD747E1450C6093DFE6A8F53A097F8
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
Dies ist KEINE Datingseite!Page URL History Show full URLs
-
http://trackk.hairjuiceaccelerators.info/rm?u=15-96-654685
HTTP 302
http://trackk.hairjuiceaccelerators.info/rm?u=15-95-654685 HTTP 302
https://track.track05.com/PMI88d HTTP 302
https://tracking.t0r4.com/click?pid=739&offer_id=1261&sub1=646&sub2=SOURCE2&sub3=630ab237df063a0001a7ebd7 HTTP 302
https://tracking.t0r4.com/click?pid=10&offer_id=1212&sub1=739&sub2=1261 HTTP 302
https://zzotrack.com/ff5c1bc0-53f1-4573-8083-234256664f4d?pid=10&offer_id=1212&reff=&geo=DE&sub1=... HTTP 302
https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=AmD-wItZzEo1gQA00IRK... Page URL
Detected technologies
OneSignal
(Marketing automation)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- cdn\.onesignal\.com
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://trackk.hairjuiceaccelerators.info/rm?u=15-96-654685
HTTP 302
http://trackk.hairjuiceaccelerators.info/rm?u=15-95-654685 HTTP 302
https://track.track05.com/PMI88d HTTP 302
https://tracking.t0r4.com/click?pid=739&offer_id=1261&sub1=646&sub2=SOURCE2&sub3=630ab237df063a0001a7ebd7 HTTP 302
https://tracking.t0r4.com/click?pid=10&offer_id=1212&sub1=739&sub2=1261 HTTP 302
https://zzotrack.com/ff5c1bc0-53f1-4573-8083-234256664f4d?pid=10&offer_id=1212&reff=&geo=DE&sub1=739&sub2=1261&clickid=630ab2377cda5f0001e07784 HTTP 302
https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=AmD-wItZzEo1gQA00IRKXqMq0VweN2OY16qhKM2yA8tQx7szaEAzorXQbtDjOTFNr4kEIoXW4GnSoX9gzuXJUesOja5O9ioTubel6aU86UZDJxZHVxLJmSrELE6UYYvvvYEycsvZVi2CjxRlCu0majIxhCqEG3BYiSTF9AT8dIysy1DUubVoHkZ5o4w7R3HGNcBD0wcol7SHCaBGvUyq_KmNJ-MmVg23xaUUKaw42ImIF_5BrQ6X_WVSFYJSzkxstt1aBqGrVsRcK3-XCqE2jHdagzD0AOH4JL09KR0OWtS4luiXm-DVhurz-YWYXE_-f3ayFqBKPm8l8ha_doGa-kZUIeA2mX8bIrsmSKFEt-8fdM9IOKwzZQgvOaE6WrYpLfGmhRGIqy4EbQl7iUce7igzPQIz4blgD-d-ZcbnVIynPqoAQ956LHemhbK1UKGKVa6Mv4KJHHWzjt6kdZTpzA&lptoken=16ac61c2647571266857&pid=10&offer_id=1212&reff=&geo=DE&sub1=739&sub2=1261&clickid=630ab2377cda5f0001e07784 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
dtfnsa.com/de/f2397h/ Redirect Chain
|
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
style4blue.css
dtfnsa.com/de/f2397h/files/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
jquery.js
dtfnsa.com/de/f2397h/files/ |
94 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
showHide.js
dtfnsa.com/de/f2397h/files/ |
519 B 867 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
17.gif
dtfnsa.com/de/f2397h/files/ |
62 KB 63 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
OneSignalSDK.js
cdn.onesignal.com/sdks/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ |
283 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
web
onesignal.com/api/v1/sync/c3091c4b-609e-458f-b555-5e6e709ba131/ |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
OneSignalSDKStyles.css
onesignal.com/sdks/ |
82 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
icon
onesignal.com/api/v1/apps/c3091c4b-609e-458f-b555-5e6e709ba131/ |
184 B 669 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
d26527ec-822b-4b87-8dd0-ed808da427a4
img.onesignal.com/permanent/ |
110 KB 110 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| OneSignal number| __oneSignalSdkLoadCount function| __jp07 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| track.track05.com/ | Name: afclick Value: 630ab237df063a0001a7ebd7 |
|
| track.track05.com/ | Name: afoffers Value: {"1602":1661645367} |
|
| tracking.t0r4.com/ | Name: afclick Value: 630ab2377cda5f0001e07784 |
|
| tracking.t0r4.com/ | Name: afoffers Value: {"1212":1661645367} |
|
| .zzotrack.com/ | Name: ff5c1bc0-53f1-4573-8083-234256664f4d-v4 Value: Y2Abp1Fw6pcWZwRLRN5NeibYB1PE95E9w245hoolPLI |
|
| .zzotrack.com/ | Name: cep-v4 Value: m3yjR_mHK0Rvr05dTyetFZCD8yfQDvfrOMPxfQdHz1SbWVkQt1fd4amkeMepkCTFQCBS-jP6dAPbzZyjDN3L-QwSWoJB-eT9lyPr518pfbu9X5K8cYJXED2UCLu9eq5JI6gKUxuHCT0y1S8K18s0gV5U1nfZLSg76VdZT4vHO4hS5ROqLse2HxrYiSwYdSV_E3sFWXKD--lFPBduaCtdFFyQBMKNkZetR23VoUJOvZjcwn-Xc7SB1kfW8jxR__mb34vlxXZdNSFauZukLcnsVe1hOkZ23_dK6l1_s4AIc1Ox0leqmBFhdANgRXitlEoFGI98th75GDiuk7JlR0paJXmdX5ZGw7nFZ3oYLUpOTrUnHeVVh-pKareiQCc6zqNyl8m2DWDlwPAgJx0UHI7gIxOGC6Iub9QKBuBSyYurEcMyqWmu0USiRLJtEsxHs1T-BAi9WP8UBRMZcqsuXTMWtA |
|
| dtfnsa.com/ | Name: attributes Value: eyJjZXAiOiJBbUQtd0l0WnpFbzFnUUEwMElSS1hxTXEwVndlTjJPWTE2cWhLTTJ5QTh0UXg3c3phRUF6b3JYUWJ0RGpPVEZOcjRrRUlvWFc0R25Tb1g5Z3p1WEpVZXNPamE1Tzlpb1R1YmVsNmFVODZVWkRKeFpIVnhMSm1TckVMRTZVWVl2dnZZRXljc3ZaVmkyQ2p4UmxDdTBtYWpJeGhDcUVHM0JZaVNURjlBVDhkSXlzeTFEVXViVm9Ia1o1bzR3N1IzSEdOY0JEMHdjb2w3U0hDYUJHdlV5cV9LbU5KLU1tVmcyM3hhVVVLYXc0MkltSUZfNUJyUTZYX1dWU0ZZSlN6a3hzdHQxYUJxR3JWc1JjSzMtWENxRTJqSGRhZ3pEMEFPSDRKTDA5S1IwT1d0UzRsdWlYbS1EVmh1cnotWVdZWEVfLWYzYXlGcUJLUG04bDhoYV9kb0dhLWtaVUllQTJtWDhiSXJzbVNLRkV0LThmZE05SU9Ld3paUWd2T2FFNldyWXBMZkdtaFJHSXF5NEViUWw3aVVjZTdpZ3pQUUl6NGJsZ0QtZC1aY2JuVkl5blBxb0FROTU2TEhlbWhiSzFVS0dLVmE2TXY0S0pISFd6anQ2a2RaVHB6QSIsImNsaWNraWQiOiI2MzBhYjIzNzdjZGE1ZjAwMDFlMDc3ODQiLCJkYXRhMyI6IjEyMTIiLCJkYXRhNCI6IiIsImVtYWlsIjoiIiwiZ2VvIjoiREUiLCJscHRva2VuIjoiMTZhYzYxYzI2NDc1NzEyNjY4NTciLCJvZmZlcl9pZCI6IjEyMTIiLCJwaWQiOiIxMCIsInJlZmYiOiIiLCJzdWIxIjoiNzM5Iiwic3ViMiI6IjEyNjEiLCJ1dG1fY2FtcGFpZ24iOiIxMCJ9 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.onesignal.com
dtfnsa.com
img.onesignal.com
onesignal.com
track.track05.com
tracking.t0r4.com
trackk.hairjuiceaccelerators.info
zzotrack.com
18.184.38.55
2606:4700:3031::6815:13f1
2606:4700::6812:e134
2a06:98c1:3120::3
51.79.161.116
82.196.2.132
018a81855cd618db7fd7b71b8e4f221665f3bbb18b2b59c865220348b476a974
50fa27fa000bdd8c136de3481bf2ad5a302a244e1825b09ecab6fe4472a3e72f
78a8133b00b705e1c18c56a499692b8b5521e5406e4fd198d590d536135d1ca6
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
94910bb8a8b8b035d4f298c0e644805c2c3efa450819528d4887bb9f4c127b4d
a7c7e367c882cfaa6356920ff6187934433a4ab5e1baa04b90cded31a07bf2ec
c75cdc4ff797e03e2dec2e779dbfdc8ad18e3cbd4043aa20c5901bcb489f2f5d
c9a1b1d512825873e62b6f559c5e1b9f00ec429fba0e3ec78a53f149c5caa2da
ca398ab4dfcdf838fee4ecbfa16539408bcd973a1b885b9c8729a842462ac81b
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7