deturl.com Open in urlscan Pro
2606:4700:30::681c:644  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response deturl.com/	8 KB 3 KB	282ms 221ms	Document text/html	2606:4700:30::681c:644 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://deturl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:644 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 5438a8362e08971818ecf11d479236aa73cb8ecb90c4cbd438aa2463205c7c61 Request headers :method GET :authority deturl.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 200 date Sun, 17 Mar 2019 18:34:17 GMT content-type text/html set-cookie __cfduid=ddbcb59d3d926640daff6fc679c2eebb61552847657; expires=Mon, 16-Mar-20 18:34:17 GMT; path=/; domain=.deturl.com; HttpOnly ASPSESSIONIDQQDABCTS=PCMNPIPCAECJKJEFFMKCKCIA; path=/ cache-control private vary Accept-Encoding x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 4b910f613bfc97e0-FRA content-encoding br
GET H2	200	lMLgy9nf6xbLzYu2yWDX97ezc0s.js Show response deturl.com/cdn-cgi/apps/head/	4 KB 2 KB	16ms 15ms	Script application/javascript	2606:4700:30::681c:644 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://deturl.com/cdn-cgi/apps/head/lMLgy9nf6xbLzYu2yWDX97ezc0s.js Requested by Host: deturl.com URL: https://deturl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:644 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash b1fb6e1e5c21ca3164b8ae4669cb34ac9d1058be8ab2c3ada7f44103b30540ff Request headers :path /cdn-cgi/apps/head/lMLgy9nf6xbLzYu2yWDX97ezc0s.js pragma no-cache cookie __cfduid=ddbcb59d3d926640daff6fc679c2eebb61552847657; ASPSESSIONIDQQDABCTS=PCMNPIPCAECJKJEFFMKCKCIA accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority deturl.com referer https://deturl.com/ :scheme https :method GET Referer https://deturl.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 17 Mar 2019 18:34:17 GMT content-encoding br cf-cache-status HIT x-amz-request-id D38968B2A8DBE2D4 status 200 x-amz-version-id N1UIZogD.d5BwqUIAtMoth41YLtnuI18 x-amz-id-2 q6AS3dEBrqnB2iE6LwWkto82g9dfyFvo6ocgM3L0i+k6mFWzZ8KiaEMouFlMLDZuXiGs95EfBok= last-modified Tue, 12 Dec 2017 00:27:04 GMT server cloudflare etag W/"68b2cb453a187091169124398b186eef" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 4b910f6459fc97e0-FRA expires Mon, 16 Mar 2020 18:34:17 GMT
GET H2	200	twitter-icon.png deturl.com/common/	811 B 873 B	16ms 15ms	Image image/png	2606:4700:30::681c:644 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://deturl.com/common/twitter-icon.png Requested by Host: deturl.com URL: https://deturl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:644 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 421c04b67b44be4e7cbd09e16a5a810f9b2b42b49f829b04612c4bf64de6f4f5 Request headers :path /common/twitter-icon.png pragma no-cache cookie __cfduid=ddbcb59d3d926640daff6fc679c2eebb61552847657; ASPSESSIONIDQQDABCTS=PCMNPIPCAECJKJEFFMKCKCIA accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority deturl.com referer https://deturl.com/ :scheme https :method GET Referer https://deturl.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 17 Mar 2019 18:34:17 GMT cf-cache-status HIT last-modified Sat, 21 Sep 2013 07:30:02 GMT server cloudflare x-powered-by ASP.NET etag "07942629cb6ce1:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=86400 accept-ranges bytes cf-ray 4b910f6459fe97e0-FRA content-length 811 expires Mon, 18 Mar 2019 18:34:17 GMT
GET H2	200	facebook-icon.png deturl.com/common/	1 KB 1 KB	15ms 14ms	Image image/png	2606:4700:30::681c:644 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://deturl.com/common/facebook-icon.png Requested by Host: deturl.com URL: https://deturl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:644 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 138726de2d5d4e782fcf6be540881549d973dbf173e09ba512f57872887849b6 Request headers :path /common/facebook-icon.png pragma no-cache cookie __cfduid=ddbcb59d3d926640daff6fc679c2eebb61552847657; ASPSESSIONIDQQDABCTS=PCMNPIPCAECJKJEFFMKCKCIA accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority deturl.com referer https://deturl.com/ :scheme https :method GET Referer https://deturl.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 17 Mar 2019 18:34:17 GMT cf-cache-status HIT last-modified Sat, 21 Sep 2013 07:30:02 GMT server cloudflare x-powered-by ASP.NET etag "07942629cb6ce1:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=86400 accept-ranges bytes cf-ray 4b910f6459ff97e0-FRA content-length 1221 expires Mon, 18 Mar 2019 18:34:17 GMT
GET H2	200	opensearch-add-search-provider.png deturl.com/	1 KB 1 KB	52ms 19ms	Image image/png	2606:4700:30::681c:644 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://deturl.com/opensearch-add-search-provider.png Requested by Host: deturl.com URL: https://deturl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:644 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 70ad29066881774469045d94ba51cba52a27576b880e92394a6e58a9bdb56ade Request headers :path /opensearch-add-search-provider.png pragma no-cache cookie __cfduid=ddbcb59d3d926640daff6fc679c2eebb61552847657; ASPSESSIONIDQQDABCTS=PCMNPIPCAECJKJEFFMKCKCIA accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority deturl.com referer https://deturl.com/ :scheme https :method GET Referer https://deturl.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 17 Mar 2019 18:34:17 GMT cf-cache-status HIT last-modified Sat, 21 Sep 2013 07:30:02 GMT server cloudflare x-powered-by ASP.NET etag "07942629cb6ce1:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=86400 accept-ranges bytes cf-ray 4b910f64ba9397e0-FRA content-length 1243 expires Mon, 18 Mar 2019 18:34:17 GMT
GET H2	200	how-to-download-videos-from-youtube.gif deturl.com/	67 KB 67 KB	45ms 13ms	Image image/gif	2606:4700:30::681c:644 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://deturl.com/how-to-download-videos-from-youtube.gif Requested by Host: deturl.com URL: https://deturl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:644 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 9f7a6ac8ff1c327797036894d3934729db36cb8fef767eb32f55eb6877969ebd Request headers :path /how-to-download-videos-from-youtube.gif pragma no-cache cookie __cfduid=ddbcb59d3d926640daff6fc679c2eebb61552847657; ASPSESSIONIDQQDABCTS=PCMNPIPCAECJKJEFFMKCKCIA accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority deturl.com referer https://deturl.com/ :scheme https :method GET Referer https://deturl.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 17 Mar 2019 18:34:17 GMT cf-cache-status HIT last-modified Mon, 25 Aug 2014 08:24:18 GMT server cloudflare x-powered-by ASP.NET etag "0259cf63dc0cf1:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif status 200 cache-control public, max-age=86400 accept-ranges bytes cf-ray 4b910f64ba9797e0-FRA content-length 68325 expires Mon, 18 Mar 2019 18:34:17 GMT
GET H2	200	favicon.ico deturl.com/	894 B 669 B	34ms 10ms	Image image/x-icon	2606:4700:30::681c:644 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://deturl.com/favicon.ico Requested by Host: deturl.com URL: https://deturl.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:644 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 151e0c239f01b884d881b244f62c96cb8bb22e8285e15d6c18cd03a584d8ba0f Request headers :path /favicon.ico pragma no-cache cookie __cfduid=ddbcb59d3d926640daff6fc679c2eebb61552847657; ASPSESSIONIDQQDABCTS=PCMNPIPCAECJKJEFFMKCKCIA accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority deturl.com referer https://deturl.com/ :scheme https :method GET Referer https://deturl.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 17 Mar 2019 18:34:17 GMT content-encoding br cf-cache-status HIT last-modified Sat, 21 Sep 2013 07:30:02 GMT server cloudflare x-powered-by ASP.NET etag W/"07942629cb6ce1:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/x-icon status 200 cache-control public, max-age=86400 cf-ray 4b910f64ba9997e0-FRA expires Mon, 18 Mar 2019 18:34:17 GMT
GET H2	200	FflrCBKlylbKH11slf0zLnbMYJU.js Show response deturl.com/cdn-cgi/apps/body/	450 B 438 B	43ms 20ms	Script application/javascript	2606:4700:30::681c:644 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://deturl.com/cdn-cgi/apps/body/FflrCBKlylbKH11slf0zLnbMYJU.js Requested by Host: deturl.com URL: https://deturl.com/cdn-cgi/apps/head/lMLgy9nf6xbLzYu2yWDX97ezc0s.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681c:644 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash be007f5a36052764320f503d862a4bc0dfcc21d79d217e2498ccb2e8979dc5af Request headers :path /cdn-cgi/apps/body/FflrCBKlylbKH11slf0zLnbMYJU.js pragma no-cache cookie __cfduid=ddbcb59d3d926640daff6fc679c2eebb61552847657; ASPSESSIONIDQQDABCTS=PCMNPIPCAECJKJEFFMKCKCIA accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority deturl.com referer https://deturl.com/ :scheme https :method GET Referer https://deturl.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 17 Mar 2019 18:34:17 GMT content-encoding br cf-cache-status HIT x-amz-request-id 856609F45D6AC974 status 200 x-amz-version-id 6Nr7JnIm05d9nEyl9msVfZ1BRSTbti1g x-amz-id-2 XrBVdlIEFprAO4Wykk+f6lC9rkCA4ybEiP0uel2aVKaNd3mTNOWZcX4UafFkgvYHEhI0tAczwao= last-modified Tue, 12 Dec 2017 00:27:04 GMT server cloudflare etag W/"9aa885e86fd52c68bff5b6491c12d828" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 4b910f64ba9a97e0-FRA expires Mon, 16 Mar 2020 18:34:17 GMT
GET H/1.1	200 OK	widgets.js Show response platform.twitter.com/	93 KB 28 KB	64ms 6ms	Script application/javascript	2606:2800:234:59:254c:406:2366:268c MCI Communication...
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets.js Requested by Host: deturl.com URL: https://deturl.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US), Reverse DNS Software ECS (fcn/41A7) / Resource Hash 460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19 Request headers Referer https://deturl.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 17 Mar 2019 18:34:17 GMT Content-Encoding gzip Last-Modified Thu, 07 Mar 2019 17:40:21 GMT Server ECS (fcn/41A7) Etag "4cf9f34505e9344b9a7e4d00e67b6c88+gzip" Vary Accept-Encoding X-Cache HIT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Cache-Control public, max-age=1800 Content-Type application/javascript; charset=utf-8 Content-Length 28028
GET H2	200	widget.js Show response widget.battleforthenet.com/	4 KB 2 KB	150ms 62ms	Script application/javascript	2606:4700:20::6819:3968 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://widget.battleforthenet.com/widget.js Requested by Host: deturl.com URL: https://deturl.com/cdn-cgi/apps/body/FflrCBKlylbKH11slf0zLnbMYJU.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:3968 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash d6752363e719b9a22dd6af11162497033c021c34be7cf44afac856e3195fcc2e Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://deturl.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 17 Mar 2019 18:34:18 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT x-amz-request-id 3938E9D923FC1AD8 cf-polished origSize=5437 status 200 vary Accept-Encoding x-amz-id-2 G55PZQNCjq9pibeqRNb1OUAp0nU08tdnujUMk7r8L80llHE6HLWAs9Q3BtrwKAqevxD33NQnmTA= last-modified Mon, 04 Feb 2019 17:29:07 GMT server cloudflare etag W/"319f17601b73dd96e790609bce53caea" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains content-type application/javascript expires Sun, 17 Mar 2019 19:34:18 GMT cache-control public, max-age=3600 cf-ray 4b910f664d9ec2a1-FRA cf-bgj minify
GET H/1.1	200 OK	widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html platform.twitter.com/widgets/ Frame 6810	0 0	15ms 14ms	Document text/html	2606:2800:234:59:254c:406:2366:268c MCI Communication...
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fdeturl.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US), Reverse DNS Software ECS (fcn/419C) / Resource Hash Request headers Host platform.twitter.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Referer https://deturl.com/ Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://deturl.com/ Response headers Content-Encoding gzip Cache-Control public, max-age=315360000 Content-Type text/html; charset=utf-8 Date Sun, 17 Mar 2019 18:34:17 GMT Etag "347ce5de96d97a02c18244967b8b6532+gzip" Last-Modified Thu, 07 Mar 2019 17:39:26 GMT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server ECS (fcn/419C) Vary Accept-Encoding X-Cache HIT Content-Length 5783
GET H/1.1	200 OK	button.dd024c345fc26f7c7a8d9938b67e5d3d.js Show response platform.twitter.com/js/	7 KB 3 KB	18ms 8ms	Script application/javascript	2606:2800:234:59:254c:406:2366:268c MCI Communication...
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/js/button.dd024c345fc26f7c7a8d9938b67e5d3d.js Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US), Reverse DNS Software ECS (fcn/4194) / Resource Hash bec117b5be8f22e9305be68965e3734a5135357a3ac88cda5814b7069a1c62dc Request headers Referer https://deturl.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Sun, 17 Mar 2019 18:34:17 GMT Content-Encoding gzip Last-Modified Thu, 07 Mar 2019 17:39:15 GMT Server ECS (fcn/4194) Etag "481d209bbcd2464884d57a77bc64e947+gzip" Vary Accept-Encoding X-Cache HIT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Cache-Control public, max-age=315360000 Content-Type application/javascript; charset=utf-8 Content-Length 2293
GET H/1.1	200 OK	tweet_button.2e9f365dae390394eb8d923cba8c5b11.en.html platform.twitter.com/widgets/ Frame D2C3	0 0	13ms 12ms	Document text/html	2606:2800:234:59:254c:406:2366:268c MCI Communication...
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets/tweet_button.2e9f365dae390394eb8d923cba8c5b11.en.html Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US), Reverse DNS Software ECS (fcn/40DE) / Resource Hash Request headers Host platform.twitter.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Referer https://deturl.com/ Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://deturl.com/ Response headers Content-Encoding gzip Cache-Control public, max-age=315360000 Content-Type text/html; charset=utf-8 Date Sun, 17 Mar 2019 18:34:17 GMT Etag "8dadfe02e828fc4a9d61e33bdd1df329+gzip" Last-Modified Thu, 07 Mar 2019 17:39:22 GMT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server ECS (fcn/40DE) Vary Accept-Encoding X-Cache HIT Content-Length 12257
GET H2	200	widget.js Show response redalert.battleforthenet.com/	4 KB 2 KB	123ms 99ms	Script application/javascript	2606:4700:20::6819:3968 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://redalert.battleforthenet.com/widget.js Requested by Host: widget.battleforthenet.com URL: https://widget.battleforthenet.com/widget.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:3968 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 8856c686f4eaecc4367df10c5659665d572b4200cd6d1d6c953aebe2f37ecfdf Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains X-Content-Type-Options nosniff Request headers Referer https://deturl.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 17 Mar 2019 18:34:18 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT x-amz-request-id 84073EBB43A31A2C cf-polished origSize=5820 status 200 vary Accept-Encoding x-amz-id-2 /+GCcHNKKft7faTPGXdMy8kt4bWNJxgKKQdiatZLkxQH3gGI/aZuA07nj8rWjTw+NG5Ehzc9iao= last-modified Wed, 27 Feb 2019 14:26:01 GMT server cloudflare etag W/"0318031ee4c5a6d5dacc842025566fd5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains content-type application/javascript expires Sun, 17 Mar 2019 19:34:18 GMT cache-control public, max-age=3600 cf-ray 4b910f66ffc0c2a1-FRA cf-bgj minify
GET H2	200	/ redalert.battleforthenet.com/ Frame 9F19	0 0	226ms 222ms	Document text/html	2606:4700:20::6819:3968 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://redalert.battleforthenet.com/ Requested by Host: redalert.battleforthenet.com URL: https://redalert.battleforthenet.com/widget.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:3968 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains X-Content-Type-Options nosniff Request headers :method GET :authority redalert.battleforthenet.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 referer https://deturl.com/ accept-encoding gzip, deflate, br cookie __cfduid=d26f33ba56b76692c2fe0afa9a7d711cc1552847658 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://deturl.com/ Response headers status 200 date Sun, 17 Mar 2019 18:34:18 GMT content-type text/html x-amz-id-2 FNnvBS1HnbRYayQglEaJcc8Zcgmm3jP81MbmAEfm+66FFe8kW5f+4rmS6f05zqktM7FGflNjtEk= x-amz-request-id 654B0E00F8B135AA last-modified Wed, 27 Feb 2019 14:26:01 GMT strict-transport-security max-age=0; includeSubDomains x-content-type-options nosniff expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 4b910f67aa2ac2a1-FRA content-encoding br
GET H2	200	jot syndication.twitter.com/i/	43 B 123 B	167ms 166ms	Image image/gif	104.244.42.8 Twitter Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fdeturl.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1552847658229%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22c1f189f%3A1551939852453%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D Requested by Host: deturl.com URL: https://deturl.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.42.8 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US), Reverse DNS Software tsa_f / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report Request headers Referer https://deturl.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sun, 17 Mar 2019 18:34:18 GMT content-encoding gzip x-content-type-options nosniff status 200, 200 OK x-twitter-response-tags BouncerCompliant strict-transport-security max-age=631138519 content-length 65 x-xss-protection 1; mode=block; report=https://twitter.com/i/xss_report x-response-time 120 pragma no-cache last-modified Sun, 17 Mar 2019 18:34:18 GMT server tsa_f x-frame-options SAMEORIGIN content-type image/gif;charset=utf-8 cache-control no-cache, no-store, must-revalidate, pre-check=0, post-check=0 x-connection-hash a112a7f68f06ab8efd4a873a02d7b991 x-transaction 001fd90200a8d76b expires Tue, 31 Mar 1981 05:00:00 GMT

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| Eager object| CloudflareApps object| _bftn_options object| __twttrll object| twttr object| __twttr object| RED_ALERT_OPTIONS

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.battleforthenet.com/	1970-01-18 23:20:47	Name: _gat Value: 1
			.battleforthenet.com/	1970-01-18 23:22:14	Name: _gid Value: GA1.2.1211278445.1552847659
			.battleforthenet.com/	1970-01-19 16:51:59	Name: _ga Value: GA1.2.2049858373.1552847659

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

deturl.com
platform.twitter.com
redalert.battleforthenet.com
syndication.twitter.com
widget.battleforthenet.com
104.244.42.8
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::6819:3968
2606:4700:30::681c:644
138726de2d5d4e782fcf6be540881549d973dbf173e09ba512f57872887849b6
151e0c239f01b884d881b244f62c96cb8bb22e8285e15d6c18cd03a584d8ba0f
421c04b67b44be4e7cbd09e16a5a810f9b2b42b49f829b04612c4bf64de6f4f5
460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19
5438a8362e08971818ecf11d479236aa73cb8ecb90c4cbd438aa2463205c7c61
70ad29066881774469045d94ba51cba52a27576b880e92394a6e58a9bdb56ade
8856c686f4eaecc4367df10c5659665d572b4200cd6d1d6c953aebe2f37ecfdf
9f7a6ac8ff1c327797036894d3934729db36cb8fef767eb32f55eb6877969ebd
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1fb6e1e5c21ca3164b8ae4669cb34ac9d1058be8ab2c3ada7f44103b30540ff
be007f5a36052764320f503d862a4bc0dfcc21d79d217e2498ccb2e8979dc5af
bec117b5be8f22e9305be68965e3734a5135357a3ac88cda5814b7069a1c62dc
d6752363e719b9a22dd6af11162497033c021c34be7cf44afac856e3195fcc2e