urlscan.io logo urlscan.io
SecurityTrails logo

api.twitter.com Open in urlscan Pro
104.244.42.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://login.xtopet.com/
Effective URL: https://api.twitter.com/oauth/authenticate?oauth_token=ZtaHFgAAAAABsQV-AAABjX52sQU
Submission: On February 06 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 13 HTTP transactions. The main IP is 104.244.42.2, located in United States and belongs to TWITTER, US. The main domain is api.twitter.com. The Cisco Umbrella rank of the primary domain is 1666.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on October 31st 2023. Valid for: a year.
This is the only time api.twitter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 47.252.54.182 45102 (ALIBABA-C...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 3.229.186.102 14618 (AMAZON-AES)
1 104.244.42.2 13414 (TWITTER)
4 104.244.43.131 54113 (FASTLY)
1 2606:2800:233... 15133 (EDGECAST)
5 104.244.42.129 13414 (TWITTER)
13 6
1    47.252.54.182 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
login.xtopet.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
adodson.com
1    3.229.186.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-186-102.compute-1.amazonaws.com
auth-server.herokuapp.com
1    104.244.42.2 (United States)

ASN13414 (TWITTER, US)
api.twitter.com
4    104.244.43.131 (United States)

ASN54113 (FASTLY, US)
abs-0.twimg.com
1    2606:2800:233:7ee2:97c:ab4c:6c70:be36 (United States)

ASN15133 (EDGECAST, US)
ton.twimg.com
5    104.244.42.129 (United States)

ASN13414 (TWITTER, US)
twitter.com
Apex Domain
Subdomains		 Transfer
6 twitter.com
api.twitter.com — Cisco Umbrella Rank: 1666
twitter.com — Cisco Umbrella Rank: 360
8 KB
5 twimg.com
abs-0.twimg.com — Cisco Umbrella Rank: 3853
ton.twimg.com — Cisco Umbrella Rank: 43801
51 KB
1 herokuapp.com
auth-server.herokuapp.com
802 B
1 adodson.com
adodson.com
40 KB
1 xtopet.com
login.xtopet.com
1 KB
13 5
Domain Requested by
5 twitter.com api.twitter.com
login.xtopet.com
twitter.com
4 abs-0.twimg.com api.twitter.com
abs-0.twimg.com
1 ton.twimg.com api.twitter.com
1 api.twitter.com adodson.com
1 auth-server.herokuapp.com 1 redirects
1 adodson.com login.xtopet.com
1 login.xtopet.com
13 7

This site contains links to these domains. Also see Links.

Domain
twitter.com
help.twitter.com
Subject Issuer Validity Valid
login.xtopet.com
Encryption Everywhere DV TLS CA - G2		 2024-02-06 -
2025-02-06		 a year crt.sh
adodson.com
E1		 2024-01-04 -
2024-04-03		 3 months crt.sh
api.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-08-20		 a year crt.sh
twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh

This page contains 1 frames:

Primary Page: https://api.twitter.com/oauth/authenticate?oauth_token=ZtaHFgAAAAABsQV-AAABjX52sQU
Frame ID: 43A2824D14EF6A6894681786A4611B0E
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Twitter / Autorisiere eine Applikation

Page URL History Show full URLs

  1. https://login.xtopet.com/ Page URL
  2. https://auth-server.herokuapp.com/proxy?client_id=cG0fZtQfJcVVpMl5fXLb95o9A&response_type=token%20id_token&red... HTTP 302
    https://api.twitter.com/oauth/authenticate?oauth_token=ZtaHFgAAAAABsQV-AAABjX52sQU Page URL

Page Statistics

13
Requests

100 %
HTTPS

29 %
IPv6

5
Domains

7
Subdomains

6
IPs

1
Countries

100 kB
Transfer

300 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://login.xtopet.com/ Page URL
  2. https://auth-server.herokuapp.com/proxy?client_id=cG0fZtQfJcVVpMl5fXLb95o9A&response_type=token%20id_token&redirect_uri=https%3A%2F%2Flogin.xtopet.com%3A441%2Fgameapi%2FtwitterLogin&state=%7B%22client_id%22%3A%22cG0fZtQfJcVVpMl5fXLb95o9A%22%2C%22network%22%3A%22twitter%22%2C%22display%22%3A%22page%22%2C%22callback%22%3A%22_hellojs_6v11u2r4%22%2C%22state%22%3A%22%22%2C%22redirect_uri%22%3A%22https%3A%2F%2Flogin.xtopet.com%3A441%2Fgameapi%2FtwitterLogin%22%2C%22scope%22%3A%22basic%2Copenid%2Cemail%22%2C%22page_uri%22%3A%22https%3A%2F%2Flogin.xtopet.com%2F%22%2C%22oauth%22%3A%7B%22version%22%3A%221.0a%22%2C%22auth%22%3A%22https%3A%2F%2Fapi.twitter.com%2Foauth%2Fauthenticate%22%2C%22request%22%3A%22https%3A%2F%2Fapi.twitter.com%2Foauth%2Frequest_token%22%2C%22token%22%3A%22https%3A%2F%2Fapi.twitter.com%2Foauth%2Faccess_token%22%7D%2C%22oauth_proxy%22%3A%22https%3A%2F%2Fauth-server.herokuapp.com%2Fproxy%22%7D&scope=openid,email HTTP 302
    https://api.twitter.com/oauth/authenticate?oauth_token=ZtaHFgAAAAABsQV-AAABjX52sQU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
login.xtopet.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.xtopet.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.252.54.182 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
1a0dd4e04aa4e59143fa8d388a4c05f241974a3b69a733cbaf08b06f0850ae1a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 06 Feb 2024 12:48:43 GMT
ETag
W/"65c1ea9c-61c"
Last-Modified
Tue, 06 Feb 2024 08:15:24 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
hello.all.js
adodson.com/hello.js/dist/ 		138 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adodson.com/hello.js/dist/hello.all.js
Requested by
Host: login.xtopet.com
URL: https://login.xtopet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24b3cd187b757572aa8980fb6dcf572d663e65f62c01d3c301b39bbedcf84fb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.xtopet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-fastly-request-id
45dedf38bb5eae1acd73f3ac786211e066e797fd
date
Tue, 06 Feb 2024 12:48:43 GMT
via
1.1 varnish
content-encoding
br
expires
Fri, 26 Jan 2024 02:48:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
120
x-cache
HIT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-served-by
cache-ams21078-AMS
last-modified
Wed, 25 Jan 2023 23:11:53 GMT
server
cloudflare
x-github-request-id
5DCA:0F56:9A499:9EA38:653C6F78
x-timer
S1698731116.735723,VS0,VE1
etag
W/"63d1b739-22799"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNH1hRGyHTIksXiOVZ%2FwmkKGEDHslL14wDL93gDJQ3D%2B4%2BCop3ImnRDtHrX2iwa%2Fc%2BUaMVFJRRE3OLJa%2FKnDVAEahp4nAc86TYdlVjgW6PWev%2BN7R%2B1mev3%2FLtgbNH6Sa2IhIUQcSgf37w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
8513825218d1b92c-AMS
x-cache-hits
1
Primary Request authenticate
api.twitter.com/oauth/
Redirect Chain
  • https://auth-server.herokuapp.com/proxy?client_id=cG0fZtQfJcVVpMl5fXLb95o9A&response_type=token%20id_token&redirect_uri=https%3A%2F%2Flogin.xtopet.com%3A441%2Fgameapi%2FtwitterLogin&state=%7B%22cli...
  • https://api.twitter.com/oauth/authenticate?oauth_token=ZtaHFgAAAAABsQV-AAABjX52sQU
6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.twitter.com/oauth/authenticate?oauth_token=ZtaHFgAAAAABsQV-AAABjX52sQU
Requested by
Host: adodson.com
URL: https://adodson.com/hello.js/dist/hello.all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.2 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
32d3bcba1a71ec7bc580aa01ab1d7b8a5cd8056d068dae8447c6f5f48e68cd9d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self'; font-src https://abs.twimg.com https://abs-0.twimg.com data:; frame-src 'self' twitter:; frame-ancestors 'self' https://tweetdeck.twitter.com https://tdapi-staging.smf1.twitter.com https://tdapi-staging.atla.twitter.com https://tdapi-staging.pdxa.twitter.com https://tweetdeck.localhost.twitter.com; img-src https://abs.twimg.com https://*.twimg.com https://pbs.twimg.com data:; media-src 'none'; object-src 'none'; script-src https://abs.twimg.com https://abs-0.twimg.com https://twitter.com https://mobile.twitter.com; style-src https://abs.twimg.com https://abs-0.twimg.com; report-uri https://twitter.com/i/csp_report?a=NVQWGYLXFVWG6Z3JNY%3D%3D%3D%3D%3D%3D&ro=false;
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://login.xtopet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

att
1-LhmyQxCcszNUH4QCJvOUrsXpDXjuw5bfG1HW2HKl
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding
gzip
content-length
2315
content-security-policy
default-src 'none'; connect-src 'self'; font-src https://abs.twimg.com https://abs-0.twimg.com data:; frame-src 'self' twitter:; frame-ancestors 'self' https://tweetdeck.twitter.com https://tdapi-staging.smf1.twitter.com https://tdapi-staging.atla.twitter.com https://tdapi-staging.pdxa.twitter.com https://tweetdeck.localhost.twitter.com; img-src https://abs.twimg.com https://*.twimg.com https://pbs.twimg.com data:; media-src 'none'; object-src 'none'; script-src https://abs.twimg.com https://abs-0.twimg.com https://twitter.com https://mobile.twitter.com; style-src https://abs.twimg.com https://abs-0.twimg.com; report-uri https://twitter.com/i/csp_report?a=NVQWGYLXFVWG6Z3JNY%3D%3D%3D%3D%3D%3D&ro=false;
content-type
text/html;charset=utf-8
date
Tue, 06 Feb 2024 12:48:44 GMT
expires
Tue, 31 Mar 1981 05:00:00 GMT
last-modified
Tue, 06 Feb 2024 12:48:44 GMT
ml
A
perf
7469935968
pragma
no-cache
server
tsa_o
status
200 OK
strict-transport-security
max-age=631138519
x-connection-hash
c0f75f8a390d0baf06323f0b59618b64e14e7a3e8fe62b17ee1d868674030866
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-response-time
332
x-transaction
39896644b49721e8
x-transaction-id
39896644b49721e8
x-twitter-response-tags
BouncerCompliant
x-ua-compatible
IE=edge,chrome=1
x-xss-protection
0

Redirect headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Date
Tue, 06 Feb 2024 12:48:44 GMT
Location
https://api.twitter.com/oauth/authenticate?oauth_token=ZtaHFgAAAAABsQV-AAABjX52sQU#
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1707223724&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=IUltgQ%2BieB0JtHgl%2BZ5yOHoSigmo8SobfwmVVwFVAOs%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1707223724&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=IUltgQ%2BieB0JtHgl%2BZ5yOHoSigmo8SobfwmVVwFVAOs%3D
Server
Cowboy
Transfer-Encoding
chunked
Via
1.1 vegur
X-Powered-By
Express
tfw-base.3baf723b92aa68729f921c77ca3e3c1315116392.css
abs-0.twimg.com/login/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://abs-0.twimg.com/login/tfw-base.3baf723b92aa68729f921c77ca3e3c1315116392.css
Requested by
Host: api.twitter.com
URL: https://api.twitter.com/oauth/authenticate?oauth_token=ZtaHFgAAAAABsQV-AAABjX52sQU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b201aac1112d4f5a119b854c15f07c05a37db9a9cd5554bb60b461e4dc65f79f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Feb 2024 12:48:44 GMT
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
6600
x-served-by
cache-fty13722-FTY, cache-fra-eddf8230029-FRA
last-modified
Thu, 21 Oct 2021 06:21:21 GMT
etag
"+wO+6Xw51ZEeOnkEoUUkqw=="
vary
Accept-Encoding
x-tw-cdn
FT
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Fri, 21 Oct 2022 07:14:49 GMT
base.7ced3ee3ff61dadf91a9c9bd7082adc8f158a360.js
abs-0.twimg.com/login/ 		110 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abs-0.twimg.com/login/base.7ced3ee3ff61dadf91a9c9bd7082adc8f158a360.js
Requested by
Host: api.twitter.com
URL: https://api.twitter.com/oauth/authenticate?oauth_token=ZtaHFgAAAAABsQV-AAABjX52sQU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1fb27eccf58679427fc8568061bb2393eb9267cb828e1ffbbd739a62029256e8
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Feb 2024 12:48:44 GMT
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
39287
x-served-by
cache-pdk-kpdk1780034-PDK, cache-fra-eddf8230029-FRA
last-modified
Wed, 18 Oct 2023 06:18:02 GMT
etag
"ni/3pFnHtfLdF8BCS5m2+Q=="
vary
Accept-Encoding
x-tw-cdn
FT
content-type
application/javascript
access-control-allow-origin
*
x-transaction-id
815c456238fc2118
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Thu, 17 Oct 2024 08:03:46 GMT
authorize_page.c4edf9ccaf94a42b6963991691957aaa827aa56b.js
abs-0.twimg.com/login/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abs-0.twimg.com/login/authorize_page.c4edf9ccaf94a42b6963991691957aaa827aa56b.js
Requested by
Host: api.twitter.com
URL: https://api.twitter.com/oauth/authenticate?oauth_token=ZtaHFgAAAAABsQV-AAABjX52sQU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ad7976273a11eff451930e478ea50e830556b7fce0c33f511c829383672dfa34
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 06 Feb 2024 12:48:44 GMT
x-cache
HIT, HIT, MISS
server-timing
x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length
847
x-served-by
cache-fty21341-FTY, cache-pdk-kpdk1780034-PDK, cache-fra-eddf8230029-FRA
last-modified
Thu, 17 Mar 2022 06:17:58 GMT
etag
"76qrTfW/TZXmL7Vpk/RnSQ=="
vary
Accept-Encoding
x-tw-cdn
FT
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Fri, 17 Mar 2023 08:02:41 GMT
oauth_application.png
ton.twimg.com/app_icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ton.twimg.com/app_icons/oauth_application.png
Requested by
Host: api.twitter.com
URL: https://api.twitter.com/oauth/authenticate?oauth_token=ZtaHFgAAAAABsQV-AAABjX52sQU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C8F) /
Resource Hash
dba1b4ebaa9077ca891b24daf52ac36d06d72fa1c5f669a7cc4affbaa4c4f633
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 12:48:44 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
345011
x-ton-expected-size
1977
x-cache
HIT
content-length
1977
x-response-time
7
surrogate-key
app_icons
last-modified
Mon, 06 Apr 2020 22:57:36 GMT
server
ECAcc (frc/4C8F)
etag
"bmqVAjYkuWLfIOYSPzYCJg=="
content-type
image/png
access-control-allow-origin
*
x-transaction-id
85ecacd168df6b96
perf
7469935968
x-connection-hash
47cac5d7f4f00d766704d98ee6d6269e89ed73760adc7b2bffab850cac539e07
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Tue, 13 Feb 2024 12:48:44 GMT
js_inst
twitter.com/i/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://twitter.com/i/js_inst?c_name=ui_metrics
Requested by
Host: api.twitter.com
URL: https://api.twitter.com/oauth/authenticate?oauth_token=ZtaHFgAAAAABsQV-AAABjX52sQU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.129 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
e531c3d796aa92966ec8368a8d29a22f376cacf3b7baad1755f17c247b172248
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 12:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=631138519
status
200 OK
x-twitter-response-tags
BouncerExempt, BouncerCompliant
content-length
2276
x-xss-protection
0
x-response-time
106
pragma
no-cache
last-modified
Tue, 06 Feb 2024 12:48:44 GMT
server
tsa_o
x-frame-options
DENY
content-type
text/javascript; charset=utf-8
x-transaction-id
552c2cb82e2914dc
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
perf
7469935968
x-connection-hash
f795e4dd9578f77c7a6aed8ae66059227bab72037ff3a8cd6d1f98e8aff94912
x-transaction
552c2cb82e2914dc
expires
Tue, 31 Mar 1981 05:00:00 GMT
csp_report
twitter.com/i/ 		0
309 B 		Other
General
Check archive.org
Download Go to
Full URL
https://twitter.com/i/csp_report?a=NVQWGYLXFVWG6Z3JNY%3D%3D%3D%3D%3D%3D&ro=false
Requested by
Host: login.xtopet.com
URL: https://login.xtopet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.129 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://api.twitter.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/csp-report

Response headers

x-response-time
109
date
Tue, 06 Feb 2024 12:48:44 UTC
strict-transport-security
max-age=631138519
server
tsa_o
x-transaction-id
d28eb362c58538e7
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
cfa8564bf1cd54c16511cab3473938408411e91cfff64b09f6453949fca2029c
content-length
0
intents@1x.png
abs-0.twimg.com/login/img/16/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/login/img/16/intents@1x.png
Requested by
Host: abs-0.twimg.com
URL: https://abs-0.twimg.com/login/tfw-base.3baf723b92aa68729f921c77ca3e3c1315116392.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
66b544088a8f8faa490280bbf4b91d4f8377367486a6fcbac6229603286bacdd
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abs-0.twimg.com/login/tfw-base.3baf723b92aa68729f921c77ca3e3c1315116392.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Tue, 06 Feb 2024 12:48:44 GMT
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
2470
x-served-by
cache-pdk-kpdk1780046-PDK, cache-fra-eddf8230029-FRA
last-modified
Thu, 12 Nov 2015 14:43:15 GMT
etag
"ogCigZeOGPUkkPTMU+Nu6g=="
x-tw-cdn
FT
content-type
image/png
access-control-allow-origin
*
x-transaction-id
8adfb67049e684be
perf
7469935968
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Fri, 17 Jan 2025 06:12:10 GMT
csp_report
twitter.com/i/ 		0
169 B 		Other
General
Check archive.org
Download Go to
Full URL
https://twitter.com/i/csp_report?a=NVQWGYLXFVWG6Z3JNY%3D%3D%3D%3D%3D%3D&ro=false
Requested by
Host: twitter.com
URL: https://twitter.com/i/js_inst?c_name=ui_metrics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.129 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://api.twitter.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/csp-report

Response headers

x-response-time
103
date
Tue, 06 Feb 2024 12:48:45 UTC
strict-transport-security
max-age=631138519
server
tsa_o
x-transaction-id
076ef0f2ef2bf001
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
cfa8564bf1cd54c16511cab3473938408411e91cfff64b09f6453949fca2029c
content-length
0
csp_report
twitter.com/i/ 		0
147 B 		Other
General
Check archive.org
Download Go to
Full URL
https://twitter.com/i/csp_report?a=NVQWGYLXFVWG6Z3JNY%3D%3D%3D%3D%3D%3D&ro=false
Requested by
Host: twitter.com
URL: https://twitter.com/i/js_inst?c_name=ui_metrics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.129 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://api.twitter.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/csp-report

Response headers

x-response-time
115
date
Tue, 06 Feb 2024 12:48:45 UTC
strict-transport-security
max-age=631138519
server
tsa_o
x-transaction-id
e9fb72c2b74f4f8f
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
cfa8564bf1cd54c16511cab3473938408411e91cfff64b09f6453949fca2029c
content-length
0
csp_report
twitter.com/i/ 		0
145 B 		Other
General
Check archive.org
Download Go to
Full URL
https://twitter.com/i/csp_report?a=NVQWGYLXFVWG6Z3JNY%3D%3D%3D%3D%3D%3D&ro=false
Requested by
Host: twitter.com
URL: https://twitter.com/i/js_inst?c_name=ui_metrics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.129 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://api.twitter.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/csp-report

Response headers

x-response-time
102
date
Tue, 06 Feb 2024 12:48:45 UTC
strict-transport-security
max-age=631138519
server
tsa_o
x-transaction-id
eed0e106d8555321
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
cfa8564bf1cd54c16511cab3473938408411e91cfff64b09f6453949fca2029c
content-length
0

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| FancyForm function| $ function| jQuery object| userAgentUtils object| $session number| ESCAPE_KEY function| fjnugXElHMuIaveHtUMj

2 Cookies

Domain/Path Name / Value
.twitter.com/ Name: _twitter_sess
Value: BAh7CSIKZmxhc2hJQzonQWN0aW9uQ29udHJvbGxlcjo6Rmxhc2g6OkZsYXNo%250ASGFzaHsABjoKQHVzZWR7ADoPY3JlYXRlZF9hdGwrCNCxdn6NAToMY3NyZl9p%250AZCIlMmE4OTczOTlhMjVjNTA5ODgyNmE3OGVhNTI3NGE4NWY6B2lkIiU5ZWZi%250ANWY0YzVmNTBkNzEwMDU1NDU1N2I0NTliY2FkMQ%253D%253D--619753711e3d50e5371b1ce061ce6b066262bc00
.twitter.com/ Name: guest_id
Value: v1%3A170722372449104482

4 Console Messages

Source Level URL
Text
rendering warning URL: https://api.twitter.com/oauth/authenticate?oauth_token=ZtaHFgAAAAABsQV-AAABjX52sQU#(Line 6)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
security error URL: https://twitter.com/i/js_inst?c_name=ui_metrics(Line 2)
Message:
Refused to apply inline style because it violates the following Content Security Policy directive: "style-src https://abs.twimg.com https://abs-0.twimg.com". Either the 'unsafe-inline' keyword, a hash ('sha256-0EZqoz+oBhx7gF4nvY2bSqoGyy4zLjNF+SDQXGp/ZrY='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present.
security error URL: https://twitter.com/i/js_inst?c_name=ui_metrics(Line 2)
Message:
Refused to apply inline style because it violates the following Content Security Policy directive: "style-src https://abs.twimg.com https://abs-0.twimg.com". Either the 'unsafe-inline' keyword, a hash ('sha256-0EZqoz+oBhx7gF4nvY2bSqoGyy4zLjNF+SDQXGp/ZrY='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present.
security error URL: https://twitter.com/i/js_inst?c_name=ui_metrics(Line 2)
Message:
Refused to apply inline style because it violates the following Content Security Policy directive: "style-src https://abs.twimg.com https://abs-0.twimg.com". Either the 'unsafe-inline' keyword, a hash ('sha256-0EZqoz+oBhx7gF4nvY2bSqoGyy4zLjNF+SDQXGp/ZrY='), or a nonce ('nonce-...') is required to enable inline execution. Note that hashes do not apply to event handlers, style attributes and javascript: navigations unless the 'unsafe-hashes' keyword is present.