Submitted URL: https://winandlove.com/DSFgwK97?aid=bpgzpghbdg&kid=fddbgzxhddh
Effective URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=OOX1K4ofuC4355FUrDgB78PJLRUaUU1HbizOPPMt...
Submission: On January 13 via manual from US — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 9 domains to perform 13 HTTP transactions. The main IP is 2a06:98c1:3120::c, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is dtfnsa.com. The Cisco Umbrella rank of the primary domain is 749267.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 21st 2022. Valid for: a year.
This is the only time dtfnsa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Redirects | IP Address | AS (Autonomous System)
1 | 1 | 2606:4700:303... | 13335 (CLOUDFLAR...)
1 | 1 | 2606:4700:303... | 13335 (CLOUDFLAR...)
1 | 1 | 2606:4700:303... | 13335 (CLOUDFLAR...)
2 | 2 | 2606:4700:303... | 13335 (CLOUDFLAR...)
1 | 1 | 18.184.38.55 | 16509 (AMAZON-02)
5 | - | 2a06:98c1:312... | 13335 (CLOUDFLAR...)
6 | - | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | - | 167.114.67.56 | 16276 (OVH)
1 | - | 2606:4700:303... | 13335 (CLOUDFLAR...)
Total: 13 requests, 4 IPs
Requests | Apex Domain | Subdomains | Transfer
6 | onesignal.com | cdn.onesignal.com (Cisco Umbrella Rank: 3300); onesignal.com (Cisco Umbrella Rank: 1332); img.onesignal.com (Cisco Umbrella Rank: 7708) | 193 KB
5 | dtfnsa.com | dtfnsa.com (Cisco Umbrella Rank: 749267) | 103 KB
2 | t0r4.com | tracking.t0r4.com | 1 KB
1 | alexatracker.com | alexatracker.com (Cisco Umbrella Rank: 468745) | 693 B
1 | zeniocloud.com | zeniocloud.com (Cisco Umbrella Rank: 537047) | 429 B
1 | zzotrack.com | zzotrack.com (Cisco Umbrella Rank: 859492) | 1 KB
1 | luvmenow.com | m.luvmenow.com | 678 B
1 | hotloveland.com | hotloveland.com | 995 B
1 | winandlove.com | winandlove.com | 1022 B
Total: 13 requests, 9 apex domains
Requests | Domain | Requested by
5 | dtfnsa.com | dtfnsa.com
3 | onesignal.com | cdn.onesignal.com
2 | cdn.onesignal.com | dtfnsa.com, cdn.onesignal.com
2 | tracking.t0r4.com | (2 redirects)
1 | img.onesignal.com | -
1 | alexatracker.com | zeniocloud.com
1 | zeniocloud.com | dtfnsa.com
1 | zzotrack.com | (1 redirects)
1 | m.luvmenow.com | (1 redirects)
1 | hotloveland.com | (1 redirects)
1 | winandlove.com | (1 redirects)
Total: 13 requests, 11 subdomains

This site contains links to these domains.

Domain
zzotrack.com
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-09-21 - 2023-09-21 | a year
zeniocloud.com | R3 | 2022-11-15 - 2023-02-13 | 3 months
*.alexatracker.com | GTS CA 1P5 | 2022-12-04 - 2023-03-04 | 3 months

This page contains 1 frames:

Primary Page: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=OOX1K4ofuC4355FUrDgB78PJLRUaUU1HbizOPPMt1WvuCAtCxOnQ3D3PrD5lHU0lcg2LCvx9XJ2rrdrzLQt40bnjG88URKQcNLeE71WQadP4ug7KxkKAIZ52SBm0NpPz6n5Hwk6WZK74NmVpNVbBweRu_UWStveMCCS8GrYfiJ2QxPIBKNXkjOKUqL3kczutfM8gHlBvJlJbWV-48NHhp34YZ9iy8BTcA9SL0xtNUvl2ujIMa_HyGynfeA1Uv-uYtAMqv5UbYldtp99QaYQz1uHrEa3VwoTCRwj1oPACdkcoYAy3JQbKQkHMvFzFQr8SUnsjd7MHuOYAwDSKcetLUopLmKdFuy9RKQRQzCtWjdNHtfIWlTRiwCDYjMS60C3XGURwtSUicZNNH1JYUhGFwtifjZGXBG848h_pumAJ3WDeNokG8F2K8c6oc0fBLDAFCYJyr8b2Yqa8bhS4QCPzcA&lptoken=16c4730b64a942111330&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=41818&clickid=63c1c1adee77b50001db668e
Frame ID: 3C4B91A2D81496726B0A051F47A6423E
Requests: 13 HTTP requests in this frame

Page Title

Dies ist KEINE Datingseite! ("This is NOT a dating site!")

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

78 %
IPv6

9
Domains

11
Subdomains

4
IPs

3
Countries

297 kB
Transfer

660 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://winandlove.com/DSFgwK97?aid=bpgzpghbdg&kid=fddbgzxhddh HTTP 302
    https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=2nsae4v1q5da&sub1=41818&sub2=179485&sub3=frd HTTP 302
    https://m.luvmenow.com/click?pid=34496&offer_id=4531&sub1=2nsae4v1q5dl&sub2=34496&sub3=21&sub4=2nsae4v1q5da&sub5=41818&sub6=179485&sub7=frd&sub8= HTTP 302
    https://tracking.t0r4.com/click?pid=740&offer_id=1072&sub1=34496&sub3=a_63c1c19edf3fd80001b1a5ef&sub2=41818 HTTP 302
    https://tracking.t0r4.com/click?pid=10&offer_id=1212&sub1=740&sub2=41818 HTTP 302
    https://zzotrack.com/ff5c1bc0-53f1-4573-8083-234256664f4d?pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=41818&clickid=63c1c1adee77b50001db668e HTTP 302
    https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=OOX1K4ofuC4355FUrDgB78PJLRUaUU1HbizOPPMt1WvuCAtCxOnQ3D3PrD5lHU0lcg2LCvx9XJ2rrdrzLQt40bnjG88URKQcNLeE71WQadP4ug7KxkKAIZ52SBm0NpPz6n5Hwk6WZK74NmVpNVbBweRu_UWStveMCCS8GrYfiJ2QxPIBKNXkjOKUqL3kczutfM8gHlBvJlJbWV-48NHhp34YZ9iy8BTcA9SL0xtNUvl2ujIMa_HyGynfeA1Uv-uYtAMqv5UbYldtp99QaYQz1uHrEa3VwoTCRwj1oPACdkcoYAy3JQbKQkHMvFzFQr8SUnsjd7MHuOYAwDSKcetLUopLmKdFuy9RKQRQzCtWjdNHtfIWlTRiwCDYjMS60C3XGURwtSUicZNNH1JYUhGFwtifjZGXBG848h_pumAJ3WDeNokG8F2K8c6oc0fBLDAFCYJyr8b2Yqa8bhS4QCPzcA&lptoken=16c4730b64a942111330&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=41818&clickid=63c1c1adee77b50001db668e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
dtfnsa.com/de/f2397h/
Redirect Chain
  • https://winandlove.com/DSFgwK97?aid=bpgzpghbdg&kid=fddbgzxhddh
  • https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=2nsae4v1q5da&sub1=41818&sub2=179485&sub3=frd
  • https://m.luvmenow.com/click?pid=34496&offer_id=4531&sub1=2nsae4v1q5dl&sub2=34496&sub3=21&sub4=2nsae4v1q5da&sub5=41818&sub6=179485&sub7=frd&sub8=
  • https://tracking.t0r4.com/click?pid=740&offer_id=1072&sub1=34496&sub3=a_63c1c19edf3fd80001b1a5ef&sub2=41818
  • https://tracking.t0r4.com/click?pid=10&offer_id=1212&sub1=740&sub2=41818
  • https://zzotrack.com/ff5c1bc0-53f1-4573-8083-234256664f4d?pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=41818&clickid=63c1c1adee77b50001db668e
  • https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=OOX1K4ofuC4355FUrDgB78PJLRUaUU1HbizOPPMt1WvuCAtCxOnQ3D3PrD5lHU0lcg2LCvx9XJ2rrdrzLQt40bnjG88URKQcNLeE71WQadP4ug7KxkKAIZ52SB...
10 KB
4 KB
Document
General
Full URL
https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=OOX1K4ofuC4355FUrDgB78PJLRUaUU1HbizOPPMt1WvuCAtCxOnQ3D3PrD5lHU0lcg2LCvx9XJ2rrdrzLQt40bnjG88URKQcNLeE71WQadP4ug7KxkKAIZ52SBm0NpPz6n5Hwk6WZK74NmVpNVbBweRu_UWStveMCCS8GrYfiJ2QxPIBKNXkjOKUqL3kczutfM8gHlBvJlJbWV-48NHhp34YZ9iy8BTcA9SL0xtNUvl2ujIMa_HyGynfeA1Uv-uYtAMqv5UbYldtp99QaYQz1uHrEa3VwoTCRwj1oPACdkcoYAy3JQbKQkHMvFzFQr8SUnsjd7MHuOYAwDSKcetLUopLmKdFuy9RKQRQzCtWjdNHtfIWlTRiwCDYjMS60C3XGURwtSUicZNNH1JYUhGFwtifjZGXBG848h_pumAJ3WDeNokG8F2K8c6oc0fBLDAFCYJyr8b2Yqa8bhS4QCPzcA&lptoken=16c4730b64a942111330&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=41818&clickid=63c1c1adee77b50001db668e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
293b9c384237f5461f5b80748ee8b96640608cd309c67e6db9cd8e6f053a85f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7890f21f7fde2bf0-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 13 Jan 2023 20:40:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLq%2BipFFTmQPbp9xcq5BtGB%2FgEBgxyZRcXQ0bI0HvqUEpN%2B5v8OsPXb%2Bur3oY3%2Bzd294IFM%2BNfUAeMbU7WShqzZ%2B24IYLkiF2MIjKRZUeL340dfD9ES%2Fti3pccS6HMhoiVfc83CB2EFT"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Fri, 13 Jan 2023 20:40:13 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=OOX1K4ofuC4355FUrDgB78PJLRUaUU1HbizOPPMt1WvuCAtCxOnQ3D3PrD5lHU0lcg2LCvx9XJ2rrdrzLQt40bnjG88URKQcNLeE71WQadP4ug7KxkKAIZ52SBm0NpPz6n5Hwk6WZK74NmVpNVbBweRu_UWStveMCCS8GrYfiJ2QxPIBKNXkjOKUqL3kczutfM8gHlBvJlJbWV-48NHhp34YZ9iy8BTcA9SL0xtNUvl2ujIMa_HyGynfeA1Uv-uYtAMqv5UbYldtp99QaYQz1uHrEa3VwoTCRwj1oPACdkcoYAy3JQbKQkHMvFzFQr8SUnsjd7MHuOYAwDSKcetLUopLmKdFuy9RKQRQzCtWjdNHtfIWlTRiwCDYjMS60C3XGURwtSUicZNNH1JYUhGFwtifjZGXBG848h_pumAJ3WDeNokG8F2K8c6oc0fBLDAFCYJyr8b2Yqa8bhS4QCPzcA&lptoken=16c4730b64a942111330&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=41818&clickid=63c1c1adee77b50001db668e
pragma
no-cache
server
nginx
style4blue.css
dtfnsa.com/de/f2397h/files/
3 KB
1 KB
Stylesheet
General
Full URL
https://dtfnsa.com/de/f2397h/files/style4blue.css
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=OOX1K4ofuC4355FUrDgB78PJLRUaUU1HbizOPPMt1WvuCAtCxOnQ3D3PrD5lHU0lcg2LCvx9XJ2rrdrzLQt40bnjG88URKQcNLeE71WQadP4ug7KxkKAIZ52SBm0NpPz6n5Hwk6WZK74NmVpNVbBweRu_UWStveMCCS8GrYfiJ2QxPIBKNXkjOKUqL3kczutfM8gHlBvJlJbWV-48NHhp34YZ9iy8BTcA9SL0xtNUvl2ujIMa_HyGynfeA1Uv-uYtAMqv5UbYldtp99QaYQz1uHrEa3VwoTCRwj1oPACdkcoYAy3JQbKQkHMvFzFQr8SUnsjd7MHuOYAwDSKcetLUopLmKdFuy9RKQRQzCtWjdNHtfIWlTRiwCDYjMS60C3XGURwtSUicZNNH1JYUhGFwtifjZGXBG848h_pumAJ3WDeNokG8F2K8c6oc0fBLDAFCYJyr8b2Yqa8bhS4QCPzcA&lptoken=16c4730b64a942111330&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=41818&clickid=63c1c1adee77b50001db668e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7c7e367c882cfaa6356920ff6187934433a4ab5e1baa04b90cded31a07bf2ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=OOX1K4ofuC4355FUrDgB78PJLRUaUU1HbizOPPMt1WvuCAtCxOnQ3D3PrD5lHU0lcg2LCvx9XJ2rrdrzLQt40bnjG88URKQcNLeE71WQadP4ug7KxkKAIZ52SBm0NpPz6n5Hwk6WZK74NmVpNVbBweRu_UWStveMCCS8GrYfiJ2QxPIBKNXkjOKUqL3kczutfM8gHlBvJlJbWV-48NHhp34YZ9iy8BTcA9SL0xtNUvl2ujIMa_HyGynfeA1Uv-uYtAMqv5UbYldtp99QaYQz1uHrEa3VwoTCRwj1oPACdkcoYAy3JQbKQkHMvFzFQr8SUnsjd7MHuOYAwDSKcetLUopLmKdFuy9RKQRQzCtWjdNHtfIWlTRiwCDYjMS60C3XGURwtSUicZNNH1JYUhGFwtifjZGXBG848h_pumAJ3WDeNokG8F2K8c6oc0fBLDAFCYJyr8b2Yqa8bhS4QCPzcA&lptoken=16c4730b64a942111330&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=41818&clickid=63c1c1adee77b50001db668e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:40:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3659
cf-polished
origSize=4758
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 21 Dec 2022 07:23:56 GMT
server
cloudflare
etag
W/"63a2b48c-1296"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FZoKzXEW3WSIvSxcxMQaTdjB0%2BOjqBvXSioBguJlvChLtwU%2BbIiJJToFKnujtNAO5HtqZDA4BZYkfl83kx%2BFEh%2BXSmhlHtdyboOeHCoiz8x19mnoNXX5oZD1ZTiuf367TTWh9gi4pKZ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7890f2210b762bf0-FRA
jquery.js
dtfnsa.com/de/f2397h/files/
94 KB
34 KB
Script
General
Full URL
https://dtfnsa.com/de/f2397h/files/jquery.js
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=OOX1K4ofuC4355FUrDgB78PJLRUaUU1HbizOPPMt1WvuCAtCxOnQ3D3PrD5lHU0lcg2LCvx9XJ2rrdrzLQt40bnjG88URKQcNLeE71WQadP4ug7KxkKAIZ52SBm0NpPz6n5Hwk6WZK74NmVpNVbBweRu_UWStveMCCS8GrYfiJ2QxPIBKNXkjOKUqL3kczutfM8gHlBvJlJbWV-48NHhp34YZ9iy8BTcA9SL0xtNUvl2ujIMa_HyGynfeA1Uv-uYtAMqv5UbYldtp99QaYQz1uHrEa3VwoTCRwj1oPACdkcoYAy3JQbKQkHMvFzFQr8SUnsjd7MHuOYAwDSKcetLUopLmKdFuy9RKQRQzCtWjdNHtfIWlTRiwCDYjMS60C3XGURwtSUicZNNH1JYUhGFwtifjZGXBG848h_pumAJ3WDeNokG8F2K8c6oc0fBLDAFCYJyr8b2Yqa8bhS4QCPzcA&lptoken=16c4730b64a942111330&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=41818&clickid=63c1c1adee77b50001db668e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c75cdc4ff797e03e2dec2e779dbfdc8ad18e3cbd4043aa20c5901bcb489f2f5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=OOX1K4ofuC4355FUrDgB78PJLRUaUU1HbizOPPMt1WvuCAtCxOnQ3D3PrD5lHU0lcg2LCvx9XJ2rrdrzLQt40bnjG88URKQcNLeE71WQadP4ug7KxkKAIZ52SBm0NpPz6n5Hwk6WZK74NmVpNVbBweRu_UWStveMCCS8GrYfiJ2QxPIBKNXkjOKUqL3kczutfM8gHlBvJlJbWV-48NHhp34YZ9iy8BTcA9SL0xtNUvl2ujIMa_HyGynfeA1Uv-uYtAMqv5UbYldtp99QaYQz1uHrEa3VwoTCRwj1oPACdkcoYAy3JQbKQkHMvFzFQr8SUnsjd7MHuOYAwDSKcetLUopLmKdFuy9RKQRQzCtWjdNHtfIWlTRiwCDYjMS60C3XGURwtSUicZNNH1JYUhGFwtifjZGXBG848h_pumAJ3WDeNokG8F2K8c6oc0fBLDAFCYJyr8b2Yqa8bhS4QCPzcA&lptoken=16c4730b64a942111330&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=41818&clickid=63c1c1adee77b50001db668e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:40:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3659
cf-polished
origSize=96381
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 21 Dec 2022 07:23:56 GMT
server
cloudflare
etag
W/"63a2b48c-1787d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2WdnogaL3wBRfuzSsY2FwQgXEukd0Q%2FFLM23BNhE6fCqI0Fv8pkcws9B6BmKEyg%2BQgbVGySWx592B6PVdFKrlVwUo2nSDhdPoS4cyCFGV%2Fexw8TDO91S1s7wf43zwPIAgY1F1PUvq2cv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
7890f2210b782bf0-FRA
showHide.js
dtfnsa.com/de/f2397h/files/
519 B
675 B
Script
General
Full URL
https://dtfnsa.com/de/f2397h/files/showHide.js
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=OOX1K4ofuC4355FUrDgB78PJLRUaUU1HbizOPPMt1WvuCAtCxOnQ3D3PrD5lHU0lcg2LCvx9XJ2rrdrzLQt40bnjG88URKQcNLeE71WQadP4ug7KxkKAIZ52SBm0NpPz6n5Hwk6WZK74NmVpNVbBweRu_UWStveMCCS8GrYfiJ2QxPIBKNXkjOKUqL3kczutfM8gHlBvJlJbWV-48NHhp34YZ9iy8BTcA9SL0xtNUvl2ujIMa_HyGynfeA1Uv-uYtAMqv5UbYldtp99QaYQz1uHrEa3VwoTCRwj1oPACdkcoYAy3JQbKQkHMvFzFQr8SUnsjd7MHuOYAwDSKcetLUopLmKdFuy9RKQRQzCtWjdNHtfIWlTRiwCDYjMS60C3XGURwtSUicZNNH1JYUhGFwtifjZGXBG848h_pumAJ3WDeNokG8F2K8c6oc0fBLDAFCYJyr8b2Yqa8bhS4QCPzcA&lptoken=16c4730b64a942111330&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=41818&clickid=63c1c1adee77b50001db668e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78a8133b00b705e1c18c56a499692b8b5521e5406e4fd198d590d536135d1ca6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=OOX1K4ofuC4355FUrDgB78PJLRUaUU1HbizOPPMt1WvuCAtCxOnQ3D3PrD5lHU0lcg2LCvx9XJ2rrdrzLQt40bnjG88URKQcNLeE71WQadP4ug7KxkKAIZ52SBm0NpPz6n5Hwk6WZK74NmVpNVbBweRu_UWStveMCCS8GrYfiJ2QxPIBKNXkjOKUqL3kczutfM8gHlBvJlJbWV-48NHhp34YZ9iy8BTcA9SL0xtNUvl2ujIMa_HyGynfeA1Uv-uYtAMqv5UbYldtp99QaYQz1uHrEa3VwoTCRwj1oPACdkcoYAy3JQbKQkHMvFzFQr8SUnsjd7MHuOYAwDSKcetLUopLmKdFuy9RKQRQzCtWjdNHtfIWlTRiwCDYjMS60C3XGURwtSUicZNNH1JYUhGFwtifjZGXBG848h_pumAJ3WDeNokG8F2K8c6oc0fBLDAFCYJyr8b2Yqa8bhS4QCPzcA&lptoken=16c4730b64a942111330&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=41818&clickid=63c1c1adee77b50001db668e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:40:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2126
cf-polished
origSize=1513
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 21 Dec 2022 07:23:56 GMT
server
cloudflare
etag
W/"63a2b48c-5e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyBrZi%2BA63gVJ0Cx52gQzPgCW1cUtDygBFkZ2rIeRKOF2YXiOjHoVQ1fDyEmxwAReRfL%2B7jBXSCm4x7Xpix7%2BhwI6Eh%2BoZU8D%2F9ZNiSrty9tkWoAy7rXVNkRfVmspB0WbTZ%2Blt0irz%2F6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
7890f2210b7a2bf0-FRA
17.gif
dtfnsa.com/de/f2397h/files/
62 KB
63 KB
Image
General
Full URL
https://dtfnsa.com/de/f2397h/files/17.gif
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=OOX1K4ofuC4355FUrDgB78PJLRUaUU1HbizOPPMt1WvuCAtCxOnQ3D3PrD5lHU0lcg2LCvx9XJ2rrdrzLQt40bnjG88URKQcNLeE71WQadP4ug7KxkKAIZ52SBm0NpPz6n5Hwk6WZK74NmVpNVbBweRu_UWStveMCCS8GrYfiJ2QxPIBKNXkjOKUqL3kczutfM8gHlBvJlJbWV-48NHhp34YZ9iy8BTcA9SL0xtNUvl2ujIMa_HyGynfeA1Uv-uYtAMqv5UbYldtp99QaYQz1uHrEa3VwoTCRwj1oPACdkcoYAy3JQbKQkHMvFzFQr8SUnsjd7MHuOYAwDSKcetLUopLmKdFuy9RKQRQzCtWjdNHtfIWlTRiwCDYjMS60C3XGURwtSUicZNNH1JYUhGFwtifjZGXBG848h_pumAJ3WDeNokG8F2K8c6oc0fBLDAFCYJyr8b2Yqa8bhS4QCPzcA&lptoken=16c4730b64a942111330&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=41818&clickid=63c1c1adee77b50001db668e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9a1b1d512825873e62b6f559c5e1b9f00ec429fba0e3ec78a53f149c5caa2da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=OOX1K4ofuC4355FUrDgB78PJLRUaUU1HbizOPPMt1WvuCAtCxOnQ3D3PrD5lHU0lcg2LCvx9XJ2rrdrzLQt40bnjG88URKQcNLeE71WQadP4ug7KxkKAIZ52SBm0NpPz6n5Hwk6WZK74NmVpNVbBweRu_UWStveMCCS8GrYfiJ2QxPIBKNXkjOKUqL3kczutfM8gHlBvJlJbWV-48NHhp34YZ9iy8BTcA9SL0xtNUvl2ujIMa_HyGynfeA1Uv-uYtAMqv5UbYldtp99QaYQz1uHrEa3VwoTCRwj1oPACdkcoYAy3JQbKQkHMvFzFQr8SUnsjd7MHuOYAwDSKcetLUopLmKdFuy9RKQRQzCtWjdNHtfIWlTRiwCDYjMS60C3XGURwtSUicZNNH1JYUhGFwtifjZGXBG848h_pumAJ3WDeNokG8F2K8c6oc0fBLDAFCYJyr8b2Yqa8bhS4QCPzcA&lptoken=16c4730b64a942111330&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=41818&clickid=63c1c1adee77b50001db668e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:40:14 GMT
cf-cache-status
HIT
last-modified
Wed, 21 Dec 2022 07:23:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2126
etag
"63a2b48c-f8ed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWA6iudwxmRglqMHCeJNQZ%2F6mHqZw5Ci8lqWDIqDPx0LmTHA98IfXQoTtxmmJgErFZTwZhI3HllzDa9H3RbRW5awjz7errduQtNItXmxm%2BN%2BAjATExD9v7QR8whFpKqXuKh6Cu09go%2B4"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7890f2212bbb2bf0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63725
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=OOX1K4ofuC4355FUrDgB78PJLRUaUU1HbizOPPMt1WvuCAtCxOnQ3D3PrD5lHU0lcg2LCvx9XJ2rrdrzLQt40bnjG88URKQcNLeE71WQadP4ug7KxkKAIZ52SBm0NpPz6n5Hwk6WZK74NmVpNVbBweRu_UWStveMCCS8GrYfiJ2QxPIBKNXkjOKUqL3kczutfM8gHlBvJlJbWV-48NHhp34YZ9iy8BTcA9SL0xtNUvl2ujIMa_HyGynfeA1Uv-uYtAMqv5UbYldtp99QaYQz1uHrEa3VwoTCRwj1oPACdkcoYAy3JQbKQkHMvFzFQr8SUnsjd7MHuOYAwDSKcetLUopLmKdFuy9RKQRQzCtWjdNHtfIWlTRiwCDYjMS60C3XGURwtSUicZNNH1JYUhGFwtifjZGXBG848h_pumAJ3WDeNokG8F2K8c6oc0fBLDAFCYJyr8b2Yqa8bhS4QCPzcA&lptoken=16c4730b64a942111330&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=41818&clickid=63c1c1adee77b50001db668e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:40:14 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3523
etag
W/"ae63ef8ff03da61fffaa7f165729897a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7890f221bc1692b7-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 16 Jan 2023 20:40:14 GMT
gAIA.js
zeniocloud.com/
595 B
429 B
Script
General
Full URL
https://zeniocloud.com/gAIA.js?prid=&sub2=dtfnsa.com
Requested by
Host: dtfnsa.com
URL: https://dtfnsa.com/de/f2397h/?utm_campaign=10&data3=1212&data4=&email=&cep=OOX1K4ofuC4355FUrDgB78PJLRUaUU1HbizOPPMt1WvuCAtCxOnQ3D3PrD5lHU0lcg2LCvx9XJ2rrdrzLQt40bnjG88URKQcNLeE71WQadP4ug7KxkKAIZ52SBm0NpPz6n5Hwk6WZK74NmVpNVbBweRu_UWStveMCCS8GrYfiJ2QxPIBKNXkjOKUqL3kczutfM8gHlBvJlJbWV-48NHhp34YZ9iy8BTcA9SL0xtNUvl2ujIMa_HyGynfeA1Uv-uYtAMqv5UbYldtp99QaYQz1uHrEa3VwoTCRwj1oPACdkcoYAy3JQbKQkHMvFzFQr8SUnsjd7MHuOYAwDSKcetLUopLmKdFuy9RKQRQzCtWjdNHtfIWlTRiwCDYjMS60C3XGURwtSUicZNNH1JYUhGFwtifjZGXBG848h_pumAJ3WDeNokG8F2K8c6oc0fBLDAFCYJyr8b2Yqa8bhS4QCPzcA&lptoken=16c4730b64a942111330&pid=10&offer_id=1212&reff=&geo=DE&sub1=740&sub2=41818&clickid=63c1c1adee77b50001db668e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.114.67.56 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
56.ip-167-114-67.net
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fd2b15ee0725cee5e0f7e43cffa1d0e5a36713059469b6e24643ac65eae92766

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:40:14 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
283 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:40:14 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1025
etag
W/"2f96824aee4bf927e734cc519e3e726d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7890f2221cf592b7-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 16 Jan 2023 20:40:14 GMT
web
onesignal.com/api/v1/sync/c3091c4b-609e-458f-b555-5e6e709ba131/
5 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/c3091c4b-609e-458f-b555-5e6e709ba131/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
331622fc12330d713000d574a8e27f2ec063052d22a3ed473b9670759948102f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:40:14 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
70
cf-polished
origSize=4986
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
a39f7f73-5d64-4988-836a-7edd06315adf
x-runtime
0.021809
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"cb0a4c54ccdbf109fc45b9bfecb4ae2f"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7890f2230f0992b7-FRA
access-control-allow-headers
SDK-Version
expires
Fri, 13 Jan 2023 21:40:14 GMT
gAIA.js
alexatracker.com/jscode/
0
693 B
Script
General
Full URL
https://alexatracker.com/jscode/gAIA.js?sub1=&sub2=dtfnsa.com&sub3=&sub4=&sub5=&prid=
Requested by
Host: zeniocloud.com
URL: https://zeniocloud.com/gAIA.js?prid=&sub2=dtfnsa.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:cc70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Jan 2023 20:40:15 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmH9x149hhsmv2gSl1n1mnJdkP%2FH8uYEmY5Xg%2FMC%2FBRK2CEx1UghStmNhUhJKN%2B6bhSH2AFgv65Sm6NVT1IGBOLoCCNAh4j4mGmvnyxAOtwb%2BbdtaKWvpPnlV1lauTmP0v7AvLcvjNK73FSXM4kt"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
cf-ray
7890f2263bcabb77-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:40:18 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1823
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7890f2387c0b690d-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 12 Feb 2023 20:40:18 GMT
icon
onesignal.com/api/v1/apps/c3091c4b-609e-458f-b555-5e6e709ba131/
184 B
613 B
Fetch
General
Full URL
https://onesignal.com/api/v1/apps/c3091c4b-609e-458f-b555-5e6e709ba131/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50fa27fa000bdd8c136de3481bf2ad5a302a244e1825b09ecab6fe4472a3e72f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:40:18 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
status
200 OK
x-envoy-upstream-service-time
7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
2780df3f-f16e-4430-97a3-ffad77e54f67
x-runtime
0.006511
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"50fa27fa000bdd8c136de3481bf2ad5a"
x-download-options
noopen
vary
Accept, Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
7890f239187b2bf5-FRA
access-control-allow-headers
SDK-Version
d26527ec-822b-4b87-8dd0-ed808da427a4
img.onesignal.com/permanent/
110 KB
110 KB
Image
General
Full URL
https://img.onesignal.com/permanent/d26527ec-822b-4b87-8dd0-ed808da427a4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94910bb8a8b8b035d4f298c0e644805c2c3efa450819528d4887bb9f4c127b4d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dtfnsa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 20:40:18 GMT
x-amz-meta-cache-control
public, maxage=604800
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains
x-amz-request-id
2JWNJ9AASJTM5DMQ
age
1060
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
112512
x-amz-id-2
Sobhwj1EpnkXBm3LjYjnthBVeAt52BIJXrWaplaq5bNdlcDN+GpIXnzsCJs3gfn0TfBvPPz3qKU=
last-modified
Fri, 28 Jan 2022 15:36:15 GMT
server
cloudflare
etag
"f9ba9add911ac7dbe6cb5d19f26f4f20"
vary
Accept-Encoding
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
7890f239ce4892b7-FRA
expires
Mon, 13 Feb 2023 20:40:18 GMT

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | oncontentvisibilityautostatechange
  • function | $
  • function | jQuery
  • function | OneSignal
  • number | __oneSignalSdkLoadCount
  • function | __jp0

14 Cookies

Domain/Path Name / Value
winandlove.com/ Name: _subid
Value: 2nsae4v1q5da
winandlove.com/ Name: b0608
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQ2NzgzMlwiOjE2NzM2NDIzOTcsXCI4XCI6MTY3MzY0MjM5N30sXCJjYW1wYWlnbnNcIjp7XCIxNzk0ODVcIjoxNjczNjQyMzk3LFwiMVwiOjE2NzM2NDIzOTd9LFwidGltZVwiOjE2NzM2NDIzOTd9In0.rHwLme7fKtw4fGCQqNOOwWn1wvyUdpJBhqJICkpEm2Y
winandlove.com/ Name: _token
Value: uuid_2nsae4v1q5da_2nsae4v1q5da63c1c19d3dd902.76990186
hotloveland.com/ Name: _subid
Value: 2nsae4v1q5dl
hotloveland.com/ Name: b0608
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0NVwiOjE2NzM2NDIzOTd9LFwiY2FtcGFpZ25zXCI6e1wiMjFcIjoxNjczNjQyMzk3fSxcInRpbWVcIjoxNjczNjQyMzk3fSJ9.DqhTUV96uP2DWiCgiCOtozrN3iuQ4dHiiA8pR0TrVhQ
hotloveland.com/ Name: _token
Value: uuid_2nsae4v1q5dl_2nsae4v1q5dl63c1c19e04d019.69368650
m.luvmenow.com/ Name: afclick
Value: 63c1c19edf3fd80001b1a5ef
m.luvmenow.com/ Name: afoffers
Value: {"4531":1673642398}
tracking.t0r4.com/ Name: afclick
Value: 63c1c1adee77b50001db668e
tracking.t0r4.com/ Name: afoffers
Value: {"1212":1673642413}
.zzotrack.com/ Name: ff5c1bc0-53f1-4573-8083-234256664f4d-v4
Value: 3XsPhavzhGZ7R5vvUhqJg_FZSMdZtPQruLQxe6-7iRs
.zzotrack.com/ Name: cep-v4
Value: LjjT1CeJGHXcgW7k0g8BTMyTNB69dOX9Fz0zwdCgul4ZjDBqchO37INF_S9QVqhznPQE_NtVhx5D51RbsCJLWtYYjB_6teVYJYvph6FhVKQKJXPkMDM_8mWLq9SzrksQJp5d2hnbiXZzrpgXwEIsnjaCp7NpE3ozDkYI0wsrZ1Y8E1zcbmyOhL-YT4aMeBI4vxEhWfXaHEUwtTCAvuu2Qq1GHB7WWi5mxTj-uqeTGoqBLgbradp9hxUdGKSCYkHNv_xDJy4HdVdRyjEpRkcSr3aHkYWY0LKevzGm8VZVCaCb3SJVKC-c_wwcjCwVYYkbcjfWXtmrRFTONPN7UZ2R4IeJsZ3XcHMX8jeGrsalUyi3TJ7jDKv-__zpNsnLhM4qNaC2yzkKMDkjhJqBEJU3U4J-bCNnZTFx68RvZFyEEjEzWZwsf-jynPXTPrNVtLtJZfDnUBEdXl_2BjY8nl09fg
dtfnsa.com/ Name: wl
Value: %7B%22attributes%22%3A%7B%22ttl%22%3Anull%2C%22value%22%3A%22a%3A13%3A%7Bs%3A3%3A%5C%22cep%5C%22%3Bs%3A470%3A%5C%22OOX1K4ofuC4355FUrDgB78PJLRUaUU1HbizOPPMt1WvuCAtCxOnQ3D3PrD5lHU0lcg2LCvx9XJ2rrdrzLQt40bnjG88URKQcNLeE71WQadP4ug7KxkKAIZ52SBm0NpPz6n5Hwk6WZK74NmVpNVbBweRu_UWStveMCCS8GrYfiJ2QxPIBKNXkjOKUqL3kczutfM8gHlBvJlJbWV-48NHhp34YZ9iy8BTcA9SL0xtNUvl2ujIMa_HyGynfeA1Uv-uYtAMqv5UbYldtp99QaYQz1uHrEa3VwoTCRwj1oPACdkcoYAy3JQbKQkHMvFzFQr8SUnsjd7MHuOYAwDSKcetLUopLmKdFuy9RKQRQzCtWjdNHtfIWlTRiwCDYjMS60C3XGURwtSUicZNNH1JYUhGFwtifjZGXBG848h_pumAJ3WDeNokG8F2K8c6oc0fBLDAFCYJyr8b2Yqa8bhS4QCPzcA%5C%22%3Bs%3A7%3A%5C%22clickid%5C%22%3Bs%3A24%3A%5C%2263c1c1adee77b50001db668e%5C%22%3Bs%3A5%3A%5C%22data3%5C%22%3Bs%3A4%3A%5C%221212%5C%22%3Bs%3A5%3A%5C%22data4%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A5%3A%5C%22email%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A3%3A%5C%22geo%5C%22%3Bs%3A2%3A%5C%22DE%5C%22%3Bs%3A7%3A%5C%22lptoken%5C%22%3Bs%3A20%3A%5C%2216c4730b64a942111330%5C%22%3Bs%3A8%3A%5C%22offer_id%5C%22%3Bs%3A4%3A%5C%221212%5C%22%3Bs%3A3%3A%5C%22pid%5C%22%3Bs%3A2%3A%5C%2210%5C%22%3Bs%3A4%3A%5C%22reff%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A4%3A%5C%22sub1%5C%22%3Bs%3A3%3A%5C%22740%5C%22%3Bs%3A4%3A%5C%22sub2%5C%22%3Bs%3A5%3A%5C%2241818%5C%22%3Bs%3A12%3A%5C%22utm_campaign%5C%22%3Bs%3A2%3A%5C%2210%5C%22%3B%7D%22%7D%7D
alexatracker.com/ Name: trbarid
Value: 7de3a22396297e2cd7c04bbf2f6ad9a7c11e03c7137109ca50fc74c4da159fd5a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A8438109406725521839%3B%7D