Submitted URL: https://letsfuntogethernow.com/pyGXrvpb?aid=bxhppkdxhx&kid=fpazdzbkpxb&sub1=mojnu%20HTTP%20302
Effective URL: https://dtfnsa.com/de/f2397h/?utm_campaign=100&data3=246&data4=&email=&cep=MviYAuJh3lYLx_YpXVeoU5qUKVR3qP6f2Kka7uNl...
Submission: On June 01 via manual from UA — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 10 domains to perform 14 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is dtfnsa.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 21st 2022. Valid for: a year.
This is the only time dtfnsa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 172.67.165.105 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 18.184.38.55 16509 (AMAZON-02)
5 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 209.95.52.178 32780 (HOSTINGSE...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
14 6
Apex Domain
Subdomains
Transfer
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3401
onesignal.com — Cisco Umbrella Rank: 1241
img.onesignal.com — Cisco Umbrella Rank: 6813
194 KB
5 dtfnsa.com
dtfnsa.com
103 KB
1 7amz.com
a.7amz.com — Cisco Umbrella Rank: 731442
5 KB
1 alexatracker.com
alexatracker.com — Cisco Umbrella Rank: 361011
674 B
1 zeniocloud.com
zeniocloud.com — Cisco Umbrella Rank: 436606
576 B
1 zzotrack.com
zzotrack.com
1 KB
1 rwttrack.com
tracking.rwttrack.com
659 B
1 luvmenow.com
m.luvmenow.com
667 B
1 hotloveland.com
hotloveland.com
968 B
1 letsfuntogethernow.com
letsfuntogethernow.com
1004 B
14 10
Domain Requested by
5 dtfnsa.com dtfnsa.com
3 onesignal.com cdn.onesignal.com
2 cdn.onesignal.com dtfnsa.com
cdn.onesignal.com
1 img.onesignal.com dtfnsa.com
1 a.7amz.com dtfnsa.com
1 alexatracker.com zeniocloud.com
1 zeniocloud.com dtfnsa.com
1 zzotrack.com 1 redirects
1 tracking.rwttrack.com 1 redirects
1 m.luvmenow.com 1 redirects
1 hotloveland.com 1 redirects
1 letsfuntogethernow.com 1 redirects
14 12

This site contains links to these domains.

Domain
a.7amz.com
Subject                  Issuer                     Validity                   Valid
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3    2022-09-21 - 2023-09-21    a year
zeniocloud.com           R3                         2023-05-10 - 2023-08-08    3 months
alexatracker.com         GTS CA 1P5                 2023-05-30 - 2023-08-28    3 months

This page contains 1 frames:

Primary Page: https://dtfnsa.com/de/f2397h/?utm_campaign=100&data3=246&data4=&email=&cep=MviYAuJh3lYLx_YpXVeoU5qUKVR3qP6f2Kka7uNlvLNF2uGKt0aZAeSFpECJj0TKjzKETVGF6ngmd30BjCO6L_CMQvVo99b5bA8Zd7GVqs47vHJ6CtEmOvt8W-enXNUfY-lAdv_UcJp6R-jAfOfhfYFOcdh36sp6qGWy5dPQtAVQbWwvD4pqcMfytroWAqg8E33etoKvvSbJE4bYYUymFZwuiH7xRq7X1kUvTy__np2u6e02P44s7PEEkkkmo8QHNo6I4SrHlRbusPpOE9mTpyWW8f3vrrcaRitz8-dsV3Bn-U7PyvofunYwNbbaoTOMUUkiNSbrKEnwg4re4u4uO1cmplVaeJt9RxQzhnzOQNQNqEqqO-Qc3PLQYgIBAYSohxKzeEYTYP8xbXUv3jPl8i7GJk0xCOnRpcnC5nRHo1sqXBWjfL3rByJUhwmzOhtvIwaQwaG3JEOXzD-XNVcu22TqF0XoNeuY2StMCYVoGJQ30wcA6c1Ua1XCpTSugIncG2oCikJInNxgc7iugsmBDQ&lptoken=1674858260bf62d20197&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64784830be63b9000192a0a9&revenue=%7Brevenue%7D&clickid=64784830b2f7e9034816f76a
Frame ID: DCE12BD42A307CB68D63C07467688E95
Requests: 14 HTTP requests in this frame

Page Title

Dies ist KEINE Datingseite!

Page URL History

  1. https://letsfuntogethernow.com/pyGXrvpb?aid=bxhppkdxhx&kid=fpazdzbkpxb&sub1=mojnu%20HTTP%20302 HTTP 302
    https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=344vvit113nrt&sub1=40716&sub2=192569... HTTP 302
    https://m.luvmenow.com/click?pid=34496&offer_id=6344&sub1=1nq9ip1113nru&sub2=34496&sub3=21&sub4=344... HTTP 302
    https://tracking.rwttrack.com/click?campaign_id=246&pub_id=100&p1=a_64784830be63b9000192a0a9&source=34496 HTTP 302
    https://zzotrack.com/90caa546-afc1-4204-8117-2503cdd34a51?pub_id=100&campaign=246&referer=&source... HTTP 302
    https://dtfnsa.com/de/f2397h/?utm_campaign=100&data3=246&data4=&email=&cep=MviYAuJh3lYLx_YpXVeo... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

73 %
IPv6

10
Domains

12
Subdomains

6
IPs

2
Countries

302 kB
Transfer

673 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://letsfuntogethernow.com/pyGXrvpb?aid=bxhppkdxhx&kid=fpazdzbkpxb&sub1=mojnu%20HTTP%20302 HTTP 302
    https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=344vvit113nrt&sub1=40716&sub2=192569&sub3=frd HTTP 302
    https://m.luvmenow.com/click?pid=34496&offer_id=6344&sub1=1nq9ip1113nru&sub2=34496&sub3=21&sub4=344vvit113nrt&sub5=40716&sub6=192569&sub7=frd&sub8= HTTP 302
    https://tracking.rwttrack.com/click?campaign_id=246&pub_id=100&p1=a_64784830be63b9000192a0a9&source=34496 HTTP 302
    https://zzotrack.com/90caa546-afc1-4204-8117-2503cdd34a51?pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64784830be63b9000192a0a9&revenue={revenue}&clickid=64784830b2f7e9034816f76a HTTP 302
    https://dtfnsa.com/de/f2397h/?utm_campaign=100&data3=246&data4=&email=&cep=MviYAuJh3lYLx_YpXVeoU5qUKVR3qP6f2Kka7uNlvLNF2uGKt0aZAeSFpECJj0TKjzKETVGF6ngmd30BjCO6L_CMQvVo99b5bA8Zd7GVqs47vHJ6CtEmOvt8W-enXNUfY-lAdv_UcJp6R-jAfOfhfYFOcdh36sp6qGWy5dPQtAVQbWwvD4pqcMfytroWAqg8E33etoKvvSbJE4bYYUymFZwuiH7xRq7X1kUvTy__np2u6e02P44s7PEEkkkmo8QHNo6I4SrHlRbusPpOE9mTpyWW8f3vrrcaRitz8-dsV3Bn-U7PyvofunYwNbbaoTOMUUkiNSbrKEnwg4re4u4uO1cmplVaeJt9RxQzhnzOQNQNqEqqO-Qc3PLQYgIBAYSohxKzeEYTYP8xbXUv3jPl8i7GJk0xCOnRpcnC5nRHo1sqXBWjfL3rByJUhwmzOhtvIwaQwaG3JEOXzD-XNVcu22TqF0XoNeuY2StMCYVoGJQ30wcA6c1Ua1XCpTSugIncG2oCikJInNxgc7iugsmBDQ&lptoken=1674858260bf62d20197&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64784830be63b9000192a0a9&revenue=%7Brevenue%7D&clickid=64784830b2f7e9034816f76a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
dtfnsa.com/de/f2397h/
Redirect Chain
  • https://letsfuntogethernow.com/pyGXrvpb?aid=bxhppkdxhx&kid=fpazdzbkpxb&sub1=mojnu%20HTTP%20302
  • https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=344vvit113nrt&sub1=40716&sub2=192569&sub3=frd
  • https://m.luvmenow.com/click?pid=34496&offer_id=6344&sub1=1nq9ip1113nru&sub2=34496&sub3=21&sub4=344vvit113nrt&sub5=40716&sub6=192569&sub7=frd&sub8=
  • https://tracking.rwttrack.com/click?campaign_id=246&pub_id=100&p1=a_64784830be63b9000192a0a9&source=34496
  • https://zzotrack.com/90caa546-afc1-4204-8117-2503cdd34a51?pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64784830be63b9000192a0a9&revenue={revenue}&clickid=64784830b2f7e9034816f76a
  • https://dtfnsa.com/de/f2397h/?utm_campaign=100&data3=246&data4=&email=&cep=MviYAuJh3lYLx_YpXVeoU5qUKVR3qP6f2Kka7uNlvLNF2uGKt0aZAeSFpECJj0TKjzKETVGF6ngmd30BjCO6L_CMQvVo99b5bA8Zd7GVqs47vHJ6CtEmOvt8W-...
11 KB
4 KB
Document
General
Full URL
https://dtfnsa.com/de/f2397h/?utm_campaign=100&data3=246&data4=&email=&cep=MviYAuJh3lYLx_YpXVeoU5qUKVR3qP6f2Kka7uNlvLNF2uGKt0aZAeSFpECJj0TKjzKETVGF6ngmd30BjCO6L_CMQvVo99b5bA8Zd7GVqs47vHJ6CtEmOvt8W-enXNUfY-lAdv_UcJp6R-jAfOfhfYFOcdh36sp6qGWy5dPQtAVQbWwvD4pqcMfytroWAqg8E33etoKvvSbJE4bYYUymFZwuiH7xRq7X1kUvTy__np2u6e02P44s7PEEkkkmo8QHNo6I4SrHlRbusPpOE9mTpyWW8f3vrrcaRitz8-dsV3Bn-U7PyvofunYwNbbaoTOMUUkiNSbrKEnwg4re4u4uO1cmplVaeJt9RxQzhnzOQNQNqEqqO-Qc3PLQYgIBAYSohxKzeEYTYP8xbXUv3jPl8i7GJk0xCOnRpcnC5nRHo1sqXBWjfL3rByJUhwmzOhtvIwaQwaG3JEOXzD-XNVcu22TqF0XoNeuY2StMCYVoGJQ30wcA6c1Ua1XCpTSugIncG2oCikJInNxgc7iugsmBDQ&lptoken=1674858260bf62d20197&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64784830be63b9000192a0a9&revenue=%7Brevenue%7D&clickid=64784830b2f7e9034816f76a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b14990df2b80e7d13208b3fb5a0e0cc2c596b68bedbd9e59cd10d75b8f5a42e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7d05bad2ebae6983-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 01 Jun 2023 07:26:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSc2LGph5Ja%2B1xBEWWchq%2FmEe1%2Bb2QnDd70iM9L155Q8FPdcDrX8kWyzgxQbDh4Um86wVP1qy%2BlPRxwQ9DVUhRyPy%2BF3qmqXcuifjgvSccfQiePy4mzM4i7tskjuczz9akWIv8Olaq1D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Thu, 01 Jun 2023 07:26:41 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://dtfnsa.com/de/f2397h/?utm_campaign=100&data3=246&data4=&email=&cep=MviYAuJh3lYLx_YpXVeoU5qUKVR3qP6f2Kka7uNlvLNF2uGKt0aZAeSFpECJj0TKjzKETVGF6ngmd30BjCO6L_CMQvVo99b5bA8Zd7GVqs47vHJ6CtEmOvt8W-enXNUfY-lAdv_UcJp6R-jAfOfhfYFOcdh36sp6qGWy5dPQtAVQbWwvD4pqcMfytroWAqg8E33etoKvvSbJE4bYYUymFZwuiH7xRq7X1kUvTy__np2u6e02P44s7PEEkkkmo8QHNo6I4SrHlRbusPpOE9mTpyWW8f3vrrcaRitz8-dsV3Bn-U7PyvofunYwNbbaoTOMUUkiNSbrKEnwg4re4u4uO1cmplVaeJt9RxQzhnzOQNQNqEqqO-Qc3PLQYgIBAYSohxKzeEYTYP8xbXUv3jPl8i7GJk0xCOnRpcnC5nRHo1sqXBWjfL3rByJUhwmzOhtvIwaQwaG3JEOXzD-XNVcu22TqF0XoNeuY2StMCYVoGJQ30wcA6c1Ua1XCpTSugIncG2oCikJInNxgc7iugsmBDQ&lptoken=1674858260bf62d20197&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64784830be63b9000192a0a9&revenue=%7Brevenue%7D&clickid=64784830b2f7e9034816f76a
pragma
no-cache
server
nginx
style4blue.css
dtfnsa.com/de/f2397h/files/
3 KB
1 KB
Stylesheet
General
Full URL
https://dtfnsa.com/de/f2397h/files/style4blue.css
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=100&data3=246&data4=&email=&cep=MviYAuJh3lYLx_YpXVeoU5qUKVR3qP6f2Kka7uNlvLNF2uGKt0aZAeSFpECJj0TKjzKETVGF6ngmd30BjCO6L_CMQvVo99b5bA8Zd7GVqs47vHJ6CtEmOvt8W-enXNUfY-lAdv_UcJp6R-jAfOfhfYFOcdh36sp6qGWy5dPQtAVQbWwvD4pqcMfytroWAqg8E33etoKvvSbJE4bYYUymFZwuiH7xRq7X1kUvTy__np2u6e02P44s7PEEkkkmo8QHNo6I4SrHlRbusPpOE9mTpyWW8f3vrrcaRitz8-dsV3Bn-U7PyvofunYwNbbaoTOMUUkiNSbrKEnwg4re4u4uO1cmplVaeJt9RxQzhnzOQNQNqEqqO-Qc3PLQYgIBAYSohxKzeEYTYP8xbXUv3jPl8i7GJk0xCOnRpcnC5nRHo1sqXBWjfL3rByJUhwmzOhtvIwaQwaG3JEOXzD-XNVcu22TqF0XoNeuY2StMCYVoGJQ30wcA6c1Ua1XCpTSugIncG2oCikJInNxgc7iugsmBDQ&lptoken=1674858260bf62d20197&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64784830be63b9000192a0a9&revenue=%7Brevenue%7D&clickid=64784830b2f7e9034816f76a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7c7e367c882cfaa6356920ff6187934433a4ab5e1baa04b90cded31a07bf2ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/de/f2397h/?utm_campaign=100&data3=246&data4=&email=&cep=MviYAuJh3lYLx_YpXVeoU5qUKVR3qP6f2Kka7uNlvLNF2uGKt0aZAeSFpECJj0TKjzKETVGF6ngmd30BjCO6L_CMQvVo99b5bA8Zd7GVqs47vHJ6CtEmOvt8W-enXNUfY-lAdv_UcJp6R-jAfOfhfYFOcdh36sp6qGWy5dPQtAVQbWwvD4pqcMfytroWAqg8E33etoKvvSbJE4bYYUymFZwuiH7xRq7X1kUvTy__np2u6e02P44s7PEEkkkmo8QHNo6I4SrHlRbusPpOE9mTpyWW8f3vrrcaRitz8-dsV3Bn-U7PyvofunYwNbbaoTOMUUkiNSbrKEnwg4re4u4uO1cmplVaeJt9RxQzhnzOQNQNqEqqO-Qc3PLQYgIBAYSohxKzeEYTYP8xbXUv3jPl8i7GJk0xCOnRpcnC5nRHo1sqXBWjfL3rByJUhwmzOhtvIwaQwaG3JEOXzD-XNVcu22TqF0XoNeuY2StMCYVoGJQ30wcA6c1Ua1XCpTSugIncG2oCikJInNxgc7iugsmBDQ&lptoken=1674858260bf62d20197&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64784830be63b9000192a0a9&revenue=%7Brevenue%7D&clickid=64784830b2f7e9034816f76a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:26:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4340
cf-polished
origSize=4758
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 31 May 2023 01:10:40 GMT
server
cloudflare
etag
W/"64769e90-1296"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=toUwJyJ3Tn7O1kCwKIiI6CTXa1daoqf%2B5YUDR1wtIPbVeaUVJWBLJ4zDXHlahNFGSf705Dp%2BgQuOwyo7p5s%2F4jH9Uy5H4Uzk9eedjqLT96aZVbJjQBe7%2BE8jfg7AIB8YsCWMWwMaK7qa"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7d05bb344b346983-FRA
jquery.js
dtfnsa.com/de/f2397h/files/
94 KB
34 KB
Script
General
Full URL
https://dtfnsa.com/de/f2397h/files/jquery.js
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=100&data3=246&data4=&email=&cep=MviYAuJh3lYLx_YpXVeoU5qUKVR3qP6f2Kka7uNlvLNF2uGKt0aZAeSFpECJj0TKjzKETVGF6ngmd30BjCO6L_CMQvVo99b5bA8Zd7GVqs47vHJ6CtEmOvt8W-enXNUfY-lAdv_UcJp6R-jAfOfhfYFOcdh36sp6qGWy5dPQtAVQbWwvD4pqcMfytroWAqg8E33etoKvvSbJE4bYYUymFZwuiH7xRq7X1kUvTy__np2u6e02P44s7PEEkkkmo8QHNo6I4SrHlRbusPpOE9mTpyWW8f3vrrcaRitz8-dsV3Bn-U7PyvofunYwNbbaoTOMUUkiNSbrKEnwg4re4u4uO1cmplVaeJt9RxQzhnzOQNQNqEqqO-Qc3PLQYgIBAYSohxKzeEYTYP8xbXUv3jPl8i7GJk0xCOnRpcnC5nRHo1sqXBWjfL3rByJUhwmzOhtvIwaQwaG3JEOXzD-XNVcu22TqF0XoNeuY2StMCYVoGJQ30wcA6c1Ua1XCpTSugIncG2oCikJInNxgc7iugsmBDQ&lptoken=1674858260bf62d20197&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64784830be63b9000192a0a9&revenue=%7Brevenue%7D&clickid=64784830b2f7e9034816f76a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c75cdc4ff797e03e2dec2e779dbfdc8ad18e3cbd4043aa20c5901bcb489f2f5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/de/f2397h/?utm_campaign=100&data3=246&data4=&email=&cep=MviYAuJh3lYLx_YpXVeoU5qUKVR3qP6f2Kka7uNlvLNF2uGKt0aZAeSFpECJj0TKjzKETVGF6ngmd30BjCO6L_CMQvVo99b5bA8Zd7GVqs47vHJ6CtEmOvt8W-enXNUfY-lAdv_UcJp6R-jAfOfhfYFOcdh36sp6qGWy5dPQtAVQbWwvD4pqcMfytroWAqg8E33etoKvvSbJE4bYYUymFZwuiH7xRq7X1kUvTy__np2u6e02P44s7PEEkkkmo8QHNo6I4SrHlRbusPpOE9mTpyWW8f3vrrcaRitz8-dsV3Bn-U7PyvofunYwNbbaoTOMUUkiNSbrKEnwg4re4u4uO1cmplVaeJt9RxQzhnzOQNQNqEqqO-Qc3PLQYgIBAYSohxKzeEYTYP8xbXUv3jPl8i7GJk0xCOnRpcnC5nRHo1sqXBWjfL3rByJUhwmzOhtvIwaQwaG3JEOXzD-XNVcu22TqF0XoNeuY2StMCYVoGJQ30wcA6c1Ua1XCpTSugIncG2oCikJInNxgc7iugsmBDQ&lptoken=1674858260bf62d20197&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64784830be63b9000192a0a9&revenue=%7Brevenue%7D&clickid=64784830b2f7e9034816f76a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:26:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4340
cf-polished
origSize=96381
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 31 May 2023 01:10:40 GMT
server
cloudflare
etag
W/"64769e90-1787d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLwBgSufz7psy0czXjbu%2BSEXq56HzpJaG6TJrhlLry1VU4529Wf56X3iAijtqDbf555nTjg3x%2BSkRzbMs8EFOr7yYtTTbsGYfVpMEM5ZCx31fZPnqrmvgwUdaSOydTWY98I3zs%2FMsHoL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
7d05bb344b356983-FRA
showHide.js
dtfnsa.com/de/f2397h/files/
519 B
592 B
Script
General
Full URL
https://dtfnsa.com/de/f2397h/files/showHide.js
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=100&data3=246&data4=&email=&cep=MviYAuJh3lYLx_YpXVeoU5qUKVR3qP6f2Kka7uNlvLNF2uGKt0aZAeSFpECJj0TKjzKETVGF6ngmd30BjCO6L_CMQvVo99b5bA8Zd7GVqs47vHJ6CtEmOvt8W-enXNUfY-lAdv_UcJp6R-jAfOfhfYFOcdh36sp6qGWy5dPQtAVQbWwvD4pqcMfytroWAqg8E33etoKvvSbJE4bYYUymFZwuiH7xRq7X1kUvTy__np2u6e02P44s7PEEkkkmo8QHNo6I4SrHlRbusPpOE9mTpyWW8f3vrrcaRitz8-dsV3Bn-U7PyvofunYwNbbaoTOMUUkiNSbrKEnwg4re4u4uO1cmplVaeJt9RxQzhnzOQNQNqEqqO-Qc3PLQYgIBAYSohxKzeEYTYP8xbXUv3jPl8i7GJk0xCOnRpcnC5nRHo1sqXBWjfL3rByJUhwmzOhtvIwaQwaG3JEOXzD-XNVcu22TqF0XoNeuY2StMCYVoGJQ30wcA6c1Ua1XCpTSugIncG2oCikJInNxgc7iugsmBDQ&lptoken=1674858260bf62d20197&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64784830be63b9000192a0a9&revenue=%7Brevenue%7D&clickid=64784830b2f7e9034816f76a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78a8133b00b705e1c18c56a499692b8b5521e5406e4fd198d590d536135d1ca6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/de/f2397h/?utm_campaign=100&data3=246&data4=&email=&cep=MviYAuJh3lYLx_YpXVeoU5qUKVR3qP6f2Kka7uNlvLNF2uGKt0aZAeSFpECJj0TKjzKETVGF6ngmd30BjCO6L_CMQvVo99b5bA8Zd7GVqs47vHJ6CtEmOvt8W-enXNUfY-lAdv_UcJp6R-jAfOfhfYFOcdh36sp6qGWy5dPQtAVQbWwvD4pqcMfytroWAqg8E33etoKvvSbJE4bYYUymFZwuiH7xRq7X1kUvTy__np2u6e02P44s7PEEkkkmo8QHNo6I4SrHlRbusPpOE9mTpyWW8f3vrrcaRitz8-dsV3Bn-U7PyvofunYwNbbaoTOMUUkiNSbrKEnwg4re4u4uO1cmplVaeJt9RxQzhnzOQNQNqEqqO-Qc3PLQYgIBAYSohxKzeEYTYP8xbXUv3jPl8i7GJk0xCOnRpcnC5nRHo1sqXBWjfL3rByJUhwmzOhtvIwaQwaG3JEOXzD-XNVcu22TqF0XoNeuY2StMCYVoGJQ30wcA6c1Ua1XCpTSugIncG2oCikJInNxgc7iugsmBDQ&lptoken=1674858260bf62d20197&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64784830be63b9000192a0a9&revenue=%7Brevenue%7D&clickid=64784830b2f7e9034816f76a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:26:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4340
cf-polished
origSize=1513
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 31 May 2023 01:10:40 GMT
server
cloudflare
etag
W/"64769e90-5e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YrMSiy2FyZi0NwjppUCjeq3ThXttu21HVtTotnfKcL6GpIJ3xsmfwbTrCSXCoB2Ls6WZTHF3qAFHxs86a0stFWrJV7CzMNRxyXMycKIQqowmOnLhi6rC3oUqgzc%2FbGksYoSJ%2FpwMdRz5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
7d05bb344b376983-FRA
17.gif
dtfnsa.com/de/f2397h/files/
62 KB
63 KB
Image
General
Full URL
https://dtfnsa.com/de/f2397h/files/17.gif
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=100&data3=246&data4=&email=&cep=MviYAuJh3lYLx_YpXVeoU5qUKVR3qP6f2Kka7uNlvLNF2uGKt0aZAeSFpECJj0TKjzKETVGF6ngmd30BjCO6L_CMQvVo99b5bA8Zd7GVqs47vHJ6CtEmOvt8W-enXNUfY-lAdv_UcJp6R-jAfOfhfYFOcdh36sp6qGWy5dPQtAVQbWwvD4pqcMfytroWAqg8E33etoKvvSbJE4bYYUymFZwuiH7xRq7X1kUvTy__np2u6e02P44s7PEEkkkmo8QHNo6I4SrHlRbusPpOE9mTpyWW8f3vrrcaRitz8-dsV3Bn-U7PyvofunYwNbbaoTOMUUkiNSbrKEnwg4re4u4uO1cmplVaeJt9RxQzhnzOQNQNqEqqO-Qc3PLQYgIBAYSohxKzeEYTYP8xbXUv3jPl8i7GJk0xCOnRpcnC5nRHo1sqXBWjfL3rByJUhwmzOhtvIwaQwaG3JEOXzD-XNVcu22TqF0XoNeuY2StMCYVoGJQ30wcA6c1Ua1XCpTSugIncG2oCikJInNxgc7iugsmBDQ&lptoken=1674858260bf62d20197&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64784830be63b9000192a0a9&revenue=%7Brevenue%7D&clickid=64784830b2f7e9034816f76a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9a1b1d512825873e62b6f559c5e1b9f00ec429fba0e3ec78a53f149c5caa2da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/de/f2397h/?utm_campaign=100&data3=246&data4=&email=&cep=MviYAuJh3lYLx_YpXVeoU5qUKVR3qP6f2Kka7uNlvLNF2uGKt0aZAeSFpECJj0TKjzKETVGF6ngmd30BjCO6L_CMQvVo99b5bA8Zd7GVqs47vHJ6CtEmOvt8W-enXNUfY-lAdv_UcJp6R-jAfOfhfYFOcdh36sp6qGWy5dPQtAVQbWwvD4pqcMfytroWAqg8E33etoKvvSbJE4bYYUymFZwuiH7xRq7X1kUvTy__np2u6e02P44s7PEEkkkmo8QHNo6I4SrHlRbusPpOE9mTpyWW8f3vrrcaRitz8-dsV3Bn-U7PyvofunYwNbbaoTOMUUkiNSbrKEnwg4re4u4uO1cmplVaeJt9RxQzhnzOQNQNqEqqO-Qc3PLQYgIBAYSohxKzeEYTYP8xbXUv3jPl8i7GJk0xCOnRpcnC5nRHo1sqXBWjfL3rByJUhwmzOhtvIwaQwaG3JEOXzD-XNVcu22TqF0XoNeuY2StMCYVoGJQ30wcA6c1Ua1XCpTSugIncG2oCikJInNxgc7iugsmBDQ&lptoken=1674858260bf62d20197&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64784830be63b9000192a0a9&revenue=%7Brevenue%7D&clickid=64784830b2f7e9034816f76a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:26:56 GMT
cf-cache-status
HIT
last-modified
Wed, 31 May 2023 01:10:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4304
etag
"64769e90-f8ed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2YlO3G7HwbuCST1BNIsYDaiBn0UHmeWPplAqKrWWhJNACXN6fwCB8GatuxfAIv%2BFPGv36wImpml8K1HYKEqzn%2F%2BM8cBDi3ZYm%2FSy%2B1x5SezdTlDJ7xIE7h8%2F2h20rTMDUhrACu9LLaY"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7d05bb344b426983-FRA
alt-svc
h3=":443"; ma=86400
content-length
63725
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=100&data3=246&data4=&email=&cep=MviYAuJh3lYLx_YpXVeoU5qUKVR3qP6f2Kka7uNlvLNF2uGKt0aZAeSFpECJj0TKjzKETVGF6ngmd30BjCO6L_CMQvVo99b5bA8Zd7GVqs47vHJ6CtEmOvt8W-enXNUfY-lAdv_UcJp6R-jAfOfhfYFOcdh36sp6qGWy5dPQtAVQbWwvD4pqcMfytroWAqg8E33etoKvvSbJE4bYYUymFZwuiH7xRq7X1kUvTy__np2u6e02P44s7PEEkkkmo8QHNo6I4SrHlRbusPpOE9mTpyWW8f3vrrcaRitz8-dsV3Bn-U7PyvofunYwNbbaoTOMUUkiNSbrKEnwg4re4u4uO1cmplVaeJt9RxQzhnzOQNQNqEqqO-Qc3PLQYgIBAYSohxKzeEYTYP8xbXUv3jPl8i7GJk0xCOnRpcnC5nRHo1sqXBWjfL3rByJUhwmzOhtvIwaQwaG3JEOXzD-XNVcu22TqF0XoNeuY2StMCYVoGJQ30wcA6c1Ua1XCpTSugIncG2oCikJInNxgc7iugsmBDQ&lptoken=1674858260bf62d20197&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64784830be63b9000192a0a9&revenue=%7Brevenue%7D&clickid=64784830b2f7e9034816f76a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:26:56 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2033
etag
W/"06f50014011c1fcd9e21b6b0481979de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7d05bb347d378fca-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sun, 04 Jun 2023 07:26:56 GMT
gAIA.js
zeniocloud.com/
595 B
576 B
Script
General
Full URL
https://zeniocloud.com/gAIA.js?prid=&sub2=dtfnsa.com
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=100&data3=246&data4=&email=&cep=MviYAuJh3lYLx_YpXVeoU5qUKVR3qP6f2Kka7uNlvLNF2uGKt0aZAeSFpECJj0TKjzKETVGF6ngmd30BjCO6L_CMQvVo99b5bA8Zd7GVqs47vHJ6CtEmOvt8W-enXNUfY-lAdv_UcJp6R-jAfOfhfYFOcdh36sp6qGWy5dPQtAVQbWwvD4pqcMfytroWAqg8E33etoKvvSbJE4bYYUymFZwuiH7xRq7X1kUvTy__np2u6e02P44s7PEEkkkmo8QHNo6I4SrHlRbusPpOE9mTpyWW8f3vrrcaRitz8-dsV3Bn-U7PyvofunYwNbbaoTOMUUkiNSbrKEnwg4re4u4uO1cmplVaeJt9RxQzhnzOQNQNqEqqO-Qc3PLQYgIBAYSohxKzeEYTYP8xbXUv3jPl8i7GJk0xCOnRpcnC5nRHo1sqXBWjfL3rByJUhwmzOhtvIwaQwaG3JEOXzD-XNVcu22TqF0XoNeuY2StMCYVoGJQ30wcA6c1Ua1XCpTSugIncG2oCikJInNxgc7iugsmBDQ&lptoken=1674858260bf62d20197&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64784830be63b9000192a0a9&revenue=%7Brevenue%7D&clickid=64784830b2f7e9034816f76a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.95.52.178 New York, United States, ASN32780 (HOSTINGSERVICES-INC, US),
Reverse DNS
mail.traviskot45.tribeoftwo.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fd2b15ee0725cee5e0f7e43cffa1d0e5a36713059469b6e24643ac65eae92766

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 01 Jun 2023 07:26:57 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
284 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:26:56 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2032
etag
W/"2cf94922e2d551e8dc7c38c022a9a3ca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7d05bb34ed8c8fca-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sun, 04 Jun 2023 07:26:56 GMT
web
onesignal.com/api/v1/sync/c3091c4b-609e-458f-b555-5e6e709ba131/
5 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/c3091c4b-609e-458f-b555-5e6e709ba131/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faa664a1243e55eba2cf5e9875c7d531c99f48e01c1628f12272af829f7376c2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:26:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
2b2e08f3-0dbc-46a1-8a54-9182558183da
x-runtime
0.032081
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"faa664a1243e55eba2cf5e9875c7d531"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7d05bb354dd68fca-FRA
access-control-allow-headers
SDK-Version
expires
Thu, 01 Jun 2023 08:26:56 GMT
gAIA.js
alexatracker.com/jscode/
0
674 B
Script
General
Full URL
https://alexatracker.com/jscode/gAIA.js?sub1=&sub2=dtfnsa.com&sub3=&sub4=&sub5=&prid=
Requested by
Host: zeniocloud.com
URL: https://zeniocloud.com/gAIA.js?prid=&sub2=dtfnsa.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 01 Jun 2023 07:26:57 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aC2O1tgnQ%2BlcPrYtfUbsRoYPNRihwLXAGBEolRD5r22c3ZAeG75QYzIg8EAzj%2BWiGPSDndb485H%2FSNbdYEcjdw6clTX9m%2FI3F2MCrsqgxFWkLGQUM33EjWW4OSYPxBES6dbMVf7a64PVDJKBmEtn"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
7d05bb381ebf3a64-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
oauth2
a.7amz.com/
12 KB
5 KB
Script
General
Full URL
https://a.7amz.com/oauth2?id=402&r=1989&pu=0&tu=1&bs=0
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=100&data3=246&data4=&email=&cep=MviYAuJh3lYLx_YpXVeoU5qUKVR3qP6f2Kka7uNlvLNF2uGKt0aZAeSFpECJj0TKjzKETVGF6ngmd30BjCO6L_CMQvVo99b5bA8Zd7GVqs47vHJ6CtEmOvt8W-enXNUfY-lAdv_UcJp6R-jAfOfhfYFOcdh36sp6qGWy5dPQtAVQbWwvD4pqcMfytroWAqg8E33etoKvvSbJE4bYYUymFZwuiH7xRq7X1kUvTy__np2u6e02P44s7PEEkkkmo8QHNo6I4SrHlRbusPpOE9mTpyWW8f3vrrcaRitz8-dsV3Bn-U7PyvofunYwNbbaoTOMUUkiNSbrKEnwg4re4u4uO1cmplVaeJt9RxQzhnzOQNQNqEqqO-Qc3PLQYgIBAYSohxKzeEYTYP8xbXUv3jPl8i7GJk0xCOnRpcnC5nRHo1sqXBWjfL3rByJUhwmzOhtvIwaQwaG3JEOXzD-XNVcu22TqF0XoNeuY2StMCYVoGJQ30wcA6c1Ua1XCpTSugIncG2oCikJInNxgc7iugsmBDQ&lptoken=1674858260bf62d20197&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64784830be63b9000192a0a9&revenue=%7Brevenue%7D&clickid=64784830b2f7e9034816f76a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6402 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2174360a8d2ea54fc4781e8bb214570c1d652328df13627bedd981be04a50e77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:26:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 17 May 1998 03:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyDFz114714xvE0YmJqfYTGl0gaoZbc6zCdAOvah3IhuAIlWdle6PxNGzfxIGHT%2BY2wzXg2juFkEcalNl6Ya%2FueOUc8BegxJBMbcBB1YN9oCElowwf3SUh0UaLyP%2BTad0oRws2%2BFctup"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
referer
a.7amz.com
cf-ray
7d05bb38098fbbf2-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 26 Jul 1997 05:00:00 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:26:57 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2031
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7d05bb37f80235f7-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sat, 01 Jul 2023 07:26:57 GMT
icon
onesignal.com/api/v1/apps/c3091c4b-609e-458f-b555-5e6e709ba131/
184 B
757 B
Fetch
General
Full URL
https://onesignal.com/api/v1/apps/c3091c4b-609e-458f-b555-5e6e709ba131/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50fa27fa000bdd8c136de3481bf2ad5a302a244e1825b09ecab6fe4472a3e72f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 07:26:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
3e06f0e6-d4da-44d2-9233-9e52e7d8ad7e
x-runtime
0.007304
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"50fa27fa000bdd8c136de3481bf2ad5a"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
7d05bb382dfa37d1-FRA
access-control-allow-headers
SDK-Version
d26527ec-822b-4b87-8dd0-ed808da427a4
img.onesignal.com/permanent/
110 KB
111 KB
Image
General
Full URL
https://img.onesignal.com/permanent/d26527ec-822b-4b87-8dd0-ed808da427a4
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=100&data3=246&data4=&email=&cep=MviYAuJh3lYLx_YpXVeoU5qUKVR3qP6f2Kka7uNlvLNF2uGKt0aZAeSFpECJj0TKjzKETVGF6ngmd30BjCO6L_CMQvVo99b5bA8Zd7GVqs47vHJ6CtEmOvt8W-enXNUfY-lAdv_UcJp6R-jAfOfhfYFOcdh36sp6qGWy5dPQtAVQbWwvD4pqcMfytroWAqg8E33etoKvvSbJE4bYYUymFZwuiH7xRq7X1kUvTy__np2u6e02P44s7PEEkkkmo8QHNo6I4SrHlRbusPpOE9mTpyWW8f3vrrcaRitz8-dsV3Bn-U7PyvofunYwNbbaoTOMUUkiNSbrKEnwg4re4u4uO1cmplVaeJt9RxQzhnzOQNQNqEqqO-Qc3PLQYgIBAYSohxKzeEYTYP8xbXUv3jPl8i7GJk0xCOnRpcnC5nRHo1sqXBWjfL3rByJUhwmzOhtvIwaQwaG3JEOXzD-XNVcu22TqF0XoNeuY2StMCYVoGJQ30wcA6c1Ua1XCpTSugIncG2oCikJInNxgc7iugsmBDQ&lptoken=1674858260bf62d20197&pub_id=100&campaign=246&referer=&source=34496&sub_source=&p1=a_64784830be63b9000192a0a9&revenue=%7Brevenue%7D&clickid=64784830b2f7e9034816f76a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94910bb8a8b8b035d4f298c0e644805c2c3efa450819528d4887bb9f4c127b4d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Thu, 01 Jun 2023 07:26:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
REVALIDATED
x-guploader-uploadid
ADPycdv4lTg8F6cOQdZrFfGLRVxmrL9FvKGG3XP-bTfTg-XywnIhmomt8XeguV0SW2sNnUIgqtkTRnlFG4SBnNerhZeTYFEtWEvt
x-goog-meta-x-goog-source-etag
"f9ba9add911ac7dbe6cb5d19f26f4f20"
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
112512
pragma
no-cache
last-modified
Tue, 14 Feb 2023 04:01:48 GMT
server
cloudflare
etag
"-CJCx3q6QlP0CEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1676347308480656
content-type
application/octet-stream
x-goog-hash
crc32c=xjn+Hw==, md5=+bqa3ZEax9vmy10Z8m9PIA==
cache-control
public, max-age=2678400
x-goog-meta-cache-control
public, maxage=604800
x-goog-stored-content-length
112512
accept-ranges
bytes
cf-ray
7d05bb38a9298fca-FRA
expires
Sun, 02 Jul 2023 07:26:57 GMT

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| onbeforetoggle
object| onscrollend
function| $
function| jQuery
function| OneSignal
number| __oneSignalSdkLoadCount
function| __jp0
object| adnPopConfig
object| ADNPOP
object| ADNMOBPOP

14 Cookies

Domain/Path Name / Value
letsfuntogethernow.com/ Name: _subid
Value: 344vvit113nrt
letsfuntogethernow.com/ Name: b0608
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQ5NDEyN1wiOjE2ODU2MDQ0MDAsXCI4XCI6MTY4NTYwNDQwMH0sXCJjYW1wYWlnbnNcIjp7XCIxOTI1NjlcIjoxNjg1NjA0NDAwLFwiMVwiOjE2ODU2MDQ0MDB9LFwidGltZVwiOjE2ODU2MDQ0MDB9In0.0U5l0J9puI4cqbpfu01UnOtemc97sjJYj84h7LtYtUM
letsfuntogethernow.com/ Name: _token
Value: uuid_344vvit113nrt_344vvit113nrt647848305d9720.12791959
hotloveland.com/ Name: _subid
Value: 1nq9ip1113nru
hotloveland.com/ Name: b0608
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0NVwiOjE2ODU2MDQ0MDB9LFwiY2FtcGFpZ25zXCI6e1wiMjFcIjoxNjg1NjA0NDAwfSxcInRpbWVcIjoxNjg1NjA0NDAwfSJ9.aejFawnZH5EvAx3dhzCnY1iMZpeCqsRQWsQ-u2HgMtE
hotloveland.com/ Name: _token
Value: uuid_1nq9ip1113nru_1nq9ip1113nru64784830bcd9b3.88583260
m.luvmenow.com/ Name: afclick
Value: 64784830be63b9000192a0a9
m.luvmenow.com/ Name: afoffers
Value: {"6344":1685604400}
tracking.rwttrack.com/ Name: sess_6463ca6198cd0931be2b1034
Value: 63ff388140958208f0283c29
.zzotrack.com/ Name: 90caa546-afc1-4204-8117-2503cdd34a51-v4
Value: p0zxdqBelQ5NumdWqNKC1OzIvGQgzP_m0cz5kde1h1w
.zzotrack.com/ Name: cep-v4
Value: Q7HTzRX74P9R6cfp5F01MCPAoSd2xtvmH0gLWI4R_QLVKzJxWSFU0awdS3NZrq7Tw6vlsYY8K9aXWj6KlkDcj1PiU-0xYywVILRy-nfHsn7abrfWqq7ydYn6HULNWkYy9jrTrveBuENqp3E2Y7EeF0ZJz7wfQU43XCW4JIdK743xBGXmKEE3S7Sn3bEURlxeA5AN04bYyEcRuwLLgMDvpVUOPa8F1IUzkB8XaOZT_Heb4Fq9EI33OJCE5yrIFabGzBgzGp_qtWhyZhrajZJ8v-rrlCWQHo15W73ihULlS4UYq9CBKawuGcDW92q0BPMVj6mMXM6ZiWQsIdIT9kqbSQfw4iBc9_lJ9YrlvlCzHb-d3l43ETyjfo7ToNAVk9zuyvwFq5BzscY9AHDgLErjqwdya9GE9Ewjw305rTEbMeF68ZsDEx8XXv_h3MGX0YOwb59yUfDt-2S-XYBMGwAvXeHbM1ET74VI8K_EBq9chJsB2eYVlupIV9dktdwZmAJBNQBMVIdEhsjM-mugwTp7ew
dtfnsa.com/ Name: wl
Value: %7B%22attributes%22%3A%7B%22ttl%22%3Anull%2C%22value%22%3A%22a%3A14%3A%7Bs%3A8%3A%5C%22campaign%5C%22%3Bs%3A3%3A%5C%22246%5C%22%3Bs%3A3%3A%5C%22cep%5C%22%3Bs%3A534%3A%5C%22MviYAuJh3lYLx_YpXVeoU5qUKVR3qP6f2Kka7uNlvLNF2uGKt0aZAeSFpECJj0TKjzKETVGF6ngmd30BjCO6L_CMQvVo99b5bA8Zd7GVqs47vHJ6CtEmOvt8W-enXNUfY-lAdv_UcJp6R-jAfOfhfYFOcdh36sp6qGWy5dPQtAVQbWwvD4pqcMfytroWAqg8E33etoKvvSbJE4bYYUymFZwuiH7xRq7X1kUvTy__np2u6e02P44s7PEEkkkmo8QHNo6I4SrHlRbusPpOE9mTpyWW8f3vrrcaRitz8-dsV3Bn-U7PyvofunYwNbbaoTOMUUkiNSbrKEnwg4re4u4uO1cmplVaeJt9RxQzhnzOQNQNqEqqO-Qc3PLQYgIBAYSohxKzeEYTYP8xbXUv3jPl8i7GJk0xCOnRpcnC5nRHo1sqXBWjfL3rByJUhwmzOhtvIwaQwaG3JEOXzD-XNVcu22TqF0XoNeuY2StMCYVoGJQ30wcA6c1Ua1XCpTSugIncG2oCikJInNxgc7iugsmBDQ%5C%22%3Bs%3A7%3A%5C%22clickid%5C%22%3Bs%3A24%3A%5C%2264784830b2f7e9034816f76a%5C%22%3Bs%3A5%3A%5C%22data3%5C%22%3Bs%3A3%3A%5C%22246%5C%22%3Bs%3A5%3A%5C%22data4%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A5%3A%5C%22email%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A7%3A%5C%22lptoken%5C%22%3Bs%3A20%3A%5C%221674858260bf62d20197%5C%22%3Bs%3A2%3A%5C%22p1%5C%22%3Bs%3A26%3A%5C%22a_64784830be63b9000192a0a9%5C%22%3Bs%3A6%3A%5C%22pub_id%5C%22%3Bs%3A3%3A%5C%22100%5C%22%3Bs%3A7%3A%5C%22referer%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A7%3A%5C%22revenue%5C%22%3Bs%3A9%3A%5C%22%7Brevenue%7D%5C%22%3Bs%3A6%3A%5C%22source%5C%22%3Bs%3A5%3A%5C%2234496%5C%22%3Bs%3A10%3A%5C%22sub_source%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A12%3A%5C%22utm_campaign%5C%22%3Bs%3A3%3A%5C%22100%5C%22%3B%7D%22%7D%7D
.onesignal.com/ Name: __cf_bm
Value: .hKj3zaxmIN5Cg1WAwzodo3gRn4sk3z_8Eg02z_DweU-1685604416-0-AcGvXMXVjpTBSA5j3Y+ECEh9FDkGfXc+NzBXhPTtlTP+fXI4yhVpyEB2AeG6/PK/ZYo4AOU5IMfRMIllI+MuBOY=
alexatracker.com/ Name: trbarid
Value: 4a00bf94bb3ee49eda67820ed7154effe980fe601ccccf18136b105a81288d0ea%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A2004951938742372417%3B%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
