urlscan.io logo urlscan.io
SecurityTrails logo

2ndturn.dtdeals.com Open in urlscan Pro
168.94.230.159  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://fundacionmapfre.dtdeals.com/
Effective URL: https://2ndturn.dtdeals.com/
Submission: On December 24 via manual from ES — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 1 domains to perform 32 HTTP transactions. The main IP is 168.94.230.159, located in Minneapolis, United States and belongs to BESTBUY, US. The main domain is 2ndturn.dtdeals.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on August 11th 2022. Valid for: a year.
This is the only time 2ndturn.dtdeals.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 29 168.94.230.159 11596 (BESTBUY)
4 23.64.53.110 16625 (AKAMAI-AS)
32 2
Apex Domain
Subdomains		 Transfer
33 dtdeals.com
fundacionmapfre.dtdeals.com
2ndturn.dtdeals.com
images.dtdeals.com
661 KB
32 1
Domain Requested by
28 2ndturn.dtdeals.com 2ndturn.dtdeals.com
4 images.dtdeals.com 2ndturn.dtdeals.com
1 fundacionmapfre.dtdeals.com 1 redirects
32 3

This site contains links to these domains. Also see Links.

Domain
twitter.com
Subject Issuer Validity Valid
dtdeals.com
Entrust Certification Authority - L1K		 2022-08-11 -
2023-08-18		 a year crt.sh
san.bestbuy.com
DigiCert SHA2 Extended Validation Server CA		 2022-10-07 -
2023-07-07		 9 months crt.sh

This page contains 1 frames:

Primary Page: https://2ndturn.dtdeals.com/
Frame ID: 9037052FDEC9A3EFDB241A5B607114BE
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

2nd Turn Canada Auctions

Page URL History Show full URLs

  1. http://fundacionmapfre.dtdeals.com/ HTTP 302
    https://2ndturn.dtdeals.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

3
Subdomains

2
IPs

2
Countries

660 kB
Transfer

754 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fundacionmapfre.dtdeals.com/ HTTP 302
    https://2ndturn.dtdeals.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
2ndturn.dtdeals.com/
Redirect Chain
  • http://fundacionmapfre.dtdeals.com/
  • https://2ndturn.dtdeals.com/
10 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2ndturn.dtdeals.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
a3f89d28f7bf4a1836d7704d4b4ba2f5e1a6f6b73922387cf12b4a95f246afb5
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Content-Type
text/html;charset=UTF-8
Date
Sat, 24 Dec 2022 23:04:04 GMT
Server
Server-Timing
dtSInfo;desc="0", dtRpid;desc="2034562860"
Strict-Transport-Security
max-age=900; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-OneAgent-JS-Injection
true
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache
Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Content-Type
text/html;charset=UTF-8
Date
Sat, 24 Dec 2022 23:04:03 GMT
Location
https://2ndturn.dtdeals.com
Pragma
no-cache
Server
Server-Timing
dtSInfo;desc="0", dtRpid;desc="10913043"
Strict-Transport-Security
max-age=900; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-OneAgent-JS-Injection
true
X-XSS-Protection
1; mode=block
ruxitagentjs_ICA2Vfqru_10243220606153550.js
2ndturn.dtdeals.com/ 		188 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2ndturn.dtdeals.com/ruxitagentjs_ICA2Vfqru_10243220606153550.js
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
0dee606d3486eb2a9c3c0ae4b8e13d1a0ccaaf4f4207749bd4b209b75ea04a6d
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=900; includeSubDomains
Last-Modified
Wed, 03 Mar 2010 07:01:40 GMT
Server
Date
Sat, 24 Dec 2022 23:04:05 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, max-age=31536000, immutable
Content-Length
74102
X-XSS-Protection
1; mode=block
Expires
Sun, 24 Dec 2023 23:04:05 GMT
jquery-3.5.1.min.js
2ndturn.dtdeals.com/includes/js/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2ndturn.dtdeals.com/includes/js/jquery-3.5.1.min.js
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:05 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:24 GMT
Server
ETag
"1d48b3ef784d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1558333546"
Accept-Ranges
bytes
Content-Length
89478
X-XSS-Protection
1; mode=block
angular.min.js
2ndturn.dtdeals.com/includes/js/ 		105 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2ndturn.dtdeals.com/includes/js/angular.min.js
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
9165ba8fc918dbf05fd01ac6795edde8c032482e5f643b4e21493dfea5a8faff
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:05 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:24 GMT
Server
ETag
"d5848fef784d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1396929982"
Accept-Ranges
bytes
Content-Length
107532
X-XSS-Protection
1; mode=block
angular-gettext.min.js
2ndturn.dtdeals.com/includes/js/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2ndturn.dtdeals.com/includes/js/angular-gettext.min.js
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
c3db84ab658cc114ec6ab32bd09703a1e18958ea4cff61ec07504dfcd0b15e9d
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:05 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:24 GMT
Server
ETag
"3c3862ef784d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1654442724"
Accept-Ranges
bytes
Content-Length
5728
X-XSS-Protection
1; mode=block
translations_2ndTurn.js
2ndturn.dtdeals.com/includes/js/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://2ndturn.dtdeals.com/includes/js/translations_2ndTurn.js?v03b
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
6f639a0f6c5538343135e94e7cd351c45ead8016d659739ece7468077b26555a
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:05 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:24 GMT
Server
ETag
"99f9c3ef784d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Server-Timing
dtSInfo;desc="0", dtRpid;desc="2124320430"
Accept-Ranges
bytes
Content-Length
2152
X-XSS-Protection
1; mode=block
ca_main.css
2ndturn.dtdeals.com/includes/css/ 		10 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2ndturn.dtdeals.com/includes/css/ca_main.css?v3
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
2399aa353800d3008ea2416a248b22195e06d68b26aa6b236451c24dedd878ee
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:05 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:22 GMT
Server
ETag
"184e3eee784d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-631461496"
Accept-Ranges
bytes
Content-Length
10481
X-XSS-Protection
1; mode=block
logo_2ndTurn.png
2ndturn.dtdeals.com/includes/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2ndturn.dtdeals.com/includes/images/logo_2ndTurn.png
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
6b0529363cfead520e48c7a083c669c06318258a5bfc3383c974ace623169fae
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:05 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:26 GMT
Server
ETag
"a590d0f0784d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Server-Timing
dtSInfo;desc="0", dtRpid;desc="2067792235"
Accept-Ranges
bytes
Content-Length
2727
X-XSS-Protection
1; mode=block
_cfimg-7190541958997162416.PNG
2ndturn.dtdeals.com/CFFileServlet/_cf_image/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2ndturn.dtdeals.com/CFFileServlet/_cf_image/_cfimg-7190541958997162416.PNG
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
765a1dd231f1d60162f76f8338944b74968bb35e3e665740f854a09e2c0cc3b0
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:05 GMT
Last-Modified
Sat, 24 Dec 2022 23:04:05 GMT
Server
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
X-OneAgent-JS-Injection
true
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1450345950"
Content-Length
10378
X-XSS-Protection
1; mode=block
landing_upper.gif
2ndturn.dtdeals.com/includes/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2ndturn.dtdeals.com/includes/images/landing_upper.gif
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
ef16ad84bc03fab418ff17a608a93a12a69da66e38378f5b78e84b0a6ce2876d
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:05 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:26 GMT
Server
ETag
"76f4b3f0784d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-521924537"
Accept-Ranges
bytes
Content-Length
7066
X-XSS-Protection
1; mode=block
DT_2056809_1.jpg
images.dtdeals.com/store/thumb/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dtdeals.com/store/thumb/DT_2056809_1.jpg
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.53.110 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-53-110.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f0e790148f0a6e2d03233f2c175898653e16a94c8fc6671b66ef06d7f6a18af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 23:04:09 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 30 Dec 2019 19:35:23 GMT
Server
ETag
"b8478f4748bfd51:0"
Content-Type
image/jpeg
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1265925770"
Accept-Ranges
bytes
Connection
keep-alive
Content-Length
2682
X-XSS-Protection
1; mode=block
DT_2183127_1.jpg
images.dtdeals.com/store/thumb/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dtdeals.com/store/thumb/DT_2183127_1.jpg
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.53.110 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-53-110.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
df3c2c1f916d484df3d23056a7f837647971a26a6cb25cada1cd98add9711dd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 23:04:09 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 12 Nov 2021 14:57:14 GMT
Server
ETag
"bafbfe93d5d7d71:0"
Content-Type
image/jpeg
Server-Timing
dtSInfo;desc="0", dtRpid;desc="2046124650"
Accept-Ranges
bytes
Connection
keep-alive
Content-Length
5466
X-XSS-Protection
1; mode=block
DT_2200683_1.jpg
images.dtdeals.com/store/thumb/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dtdeals.com/store/thumb/DT_2200683_1.jpg
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.53.110 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-53-110.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1daad1acf2b347e4a673d8262887630525b1248899ebc22f95400f416146152b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 23:04:09 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 17 Mar 2022 14:00:19 GMT
Server
ETag
"ce222c5673ad81:0"
Content-Type
image/jpeg
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-67079801"
Accept-Ranges
bytes
Connection
keep-alive
Content-Length
4518
X-XSS-Protection
1; mode=block
DT_2158839_1.jpg
images.dtdeals.com/store/thumb/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dtdeals.com/store/thumb/DT_2158839_1.jpg
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.64.53.110 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-53-110.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4604f4d9d80740ab362f4fbbe6d4fd1ae628a3e9cb78e29fd4225664424005c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 23:04:08 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 23 Aug 2021 19:07:42 GMT
Server
ETag
"c34518265298d71:0"
Content-Type
image/jpeg
Server-Timing
dtSInfo;desc="0", dtRpid;desc="325155332"
Accept-Ranges
bytes
Connection
keep-alive
Content-Length
4387
X-XSS-Protection
1; mode=block
enFAQ.htm
2ndturn.dtdeals.com/includes/htm/ 		14 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://2ndturn.dtdeals.com/includes/htm/enFAQ.htm
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/includes/js/translations_2ndTurn.js?v03b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
db5dbce9a0590c4367c2aec0630651358466553912a05cab82c16080e675475b
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:05 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:22 GMT
Server
ETag
"b9fdcee784d91:0:dtagent10243220606153550Gsdu"
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
X-OneAgent-JS-Injection
true
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-485341775"
Accept-Ranges
bytes
X-ruxit-JS-Agent
true
X-XSS-Protection
1; mode=block
Content-Length
14544
frFAQ.htm
2ndturn.dtdeals.com/includes/htm/ 		18 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://2ndturn.dtdeals.com/includes/htm/frFAQ.htm
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/includes/js/translations_2ndTurn.js?v03b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
6c8d166b206a391673662afd6a2303a3080ffe216f56afd393a12f0e6877c3f9
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:06 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:22 GMT
Server
ETag
"86503ef784d91:0:dtagent10243220606153550Gsdu"
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
X-OneAgent-JS-Injection
true
Server-Timing
dtSInfo;desc="0", dtRpid;desc="348292040"
Accept-Ranges
bytes
X-ruxit-JS-Agent
true
X-XSS-Protection
1; mode=block
Content-Length
18014
enFAQ2.htm
2ndturn.dtdeals.com/includes/htm/ 		14 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://2ndturn.dtdeals.com/includes/htm/enFAQ2.htm
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/includes/js/translations_2ndTurn.js?v03b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
0ea3994776c421ee757a1609d9906c90996968b9072a33c3d7b6558a556c70a0
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:06 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:22 GMT
Server
ETag
"b9fdcee784d91:0:dtagent10243220606153550Gsdu"
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
X-OneAgent-JS-Injection
true
Server-Timing
dtSInfo;desc="0", dtRpid;desc="1893816269"
Accept-Ranges
bytes
X-ruxit-JS-Agent
true
X-XSS-Protection
1; mode=block
Content-Length
14504
frFAQ2.htm
2ndturn.dtdeals.com/includes/htm/ 		17 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://2ndturn.dtdeals.com/includes/htm/frFAQ2.htm
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/includes/js/translations_2ndTurn.js?v03b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
875bb3db9246bb10f52b351cd7c866d7259e001ff1cb839554bb310bed660f09
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:06 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:22 GMT
Server
ETag
"8bec15ef784d91:0:dtagent10243220606153550Gsdu"
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
X-OneAgent-JS-Injection
true
Server-Timing
dtSInfo;desc="0", dtRpid;desc="1141393594"
Accept-Ranges
bytes
X-ruxit-JS-Agent
true
X-XSS-Protection
1; mode=block
Content-Length
17909
enTips.htm
2ndturn.dtdeals.com/includes/htm/ 		8 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://2ndturn.dtdeals.com/includes/htm/enTips.htm
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/includes/js/translations_2ndTurn.js?v03b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
481009368ab527a31c6af524a5cfd88f39f7f40a081c3287b4058485e56cfaaf
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:06 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:22 GMT
Server
ETag
"4db99ef784d91:0:dtagent10243220606153550Gsdu"
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
X-OneAgent-JS-Injection
true
Server-Timing
dtSInfo;desc="0", dtRpid;desc="587816784"
Accept-Ranges
bytes
X-ruxit-JS-Agent
true
X-XSS-Protection
1; mode=block
Content-Length
8270
frTips.htm
2ndturn.dtdeals.com/includes/htm/ 		9 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://2ndturn.dtdeals.com/includes/htm/frTips.htm
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/includes/js/translations_2ndTurn.js?v03b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
3da5b7aaa81155a6674f3882e1479657d9869440d50683f75aa7bec16a45bb14
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:06 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:23 GMT
Server
ETag
"80133cef784d91:0:dtagent10243220606153550Gsdu"
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
X-OneAgent-JS-Injection
true
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-1570585637"
Accept-Ranges
bytes
X-ruxit-JS-Agent
true
X-XSS-Protection
1; mode=block
Content-Length
8823
enTerms.htm
2ndturn.dtdeals.com/includes/htm/ 		7 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://2ndturn.dtdeals.com/includes/htm/enTerms.htm
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/includes/js/translations_2ndTurn.js?v03b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
93f865a8af8f1a845d8f4f5eb606f117f736f67cce916bc151e47338c2e84de3
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:06 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:22 GMT
Server
ETag
"2f3f2ef784d91:0:dtagent10243220606153550Gsdu"
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
X-OneAgent-JS-Injection
true
Server-Timing
dtSInfo;desc="0", dtRpid;desc="205159677"
Accept-Ranges
bytes
X-ruxit-JS-Agent
true
X-XSS-Protection
1; mode=block
Content-Length
6937
frTerms.htm
2ndturn.dtdeals.com/includes/htm/ 		8 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://2ndturn.dtdeals.com/includes/htm/frTerms.htm
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/includes/js/translations_2ndTurn.js?v03b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
11fb80184699bab4c55e1969b26290c32aa5e1ed005aad9a812defc7af1032e8
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:06 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:23 GMT
Server
ETag
"11d740ef784d91:0:dtagent10243220606153550Gsdu"
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
X-OneAgent-JS-Injection
true
Server-Timing
dtSInfo;desc="0", dtRpid;desc="2002412774"
Accept-Ranges
bytes
X-ruxit-JS-Agent
true
X-XSS-Protection
1; mode=block
Content-Length
8407
enReturnPolicy.htm
2ndturn.dtdeals.com/includes/htm/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://2ndturn.dtdeals.com/includes/htm/enReturnPolicy.htm
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/includes/js/translations_2ndTurn.js?v03b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
f1ea94e525014d3f154f35e6b9ec851a904c88ffc42a238c2800643c1e043b0d
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:07 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:22 GMT
Server
ETag
"b9fdcee784d91:0:dtagent10243220606153550Gsdu"
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
X-OneAgent-JS-Injection
true
Server-Timing
dtSInfo;desc="0", dtRpid;desc="115392074"
Accept-Ranges
bytes
X-ruxit-JS-Agent
true
X-XSS-Protection
1; mode=block
Content-Length
4288
frReturnPolicy.htm
2ndturn.dtdeals.com/includes/htm/ 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://2ndturn.dtdeals.com/includes/htm/frReturnPolicy.htm
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/includes/js/translations_2ndTurn.js?v03b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
7389b83d1d388c74fa6d7830df9f2b05b0d21c41ea376b3d92581f47fbc99ffe
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:07 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:22 GMT
Server
ETag
"4eb34ef784d91:0:dtagent10243220606153550Gsdu"
X-Frame-Options
SAMEORIGIN
Content-Type
text/html
X-OneAgent-JS-Injection
true
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-2130291527"
Accept-Ranges
bytes
X-ruxit-JS-Agent
true
X-XSS-Protection
1; mode=block
Content-Length
5538
2ndTurn_en_fr.js
2ndturn.dtdeals.com/includes/js/ 		51 KB
52 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://2ndturn.dtdeals.com/includes/js/2ndTurn_en_fr.js
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/includes/js/translations_2ndTurn.js?v03b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
602d27931a2481dfc19fd73af52d00545418f46efa222ebebb91aec57c0ce6ca
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:07 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:24 GMT
Server
ETag
"7c3681ef784d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-667727218"
Accept-Ranges
bytes
Content-Length
52418
X-XSS-Protection
1; mode=block
nav-gradient.gif
2ndturn.dtdeals.com/includes/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2ndturn.dtdeals.com/includes/images/nav-gradient.gif
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/includes/css/ca_main.css?v3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
b6d391c9a655d8245cba0b4d26c89002a86ec980b7a1677f1de25520dc19b14d
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/includes/css/ca_main.css?v3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:07 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:27 GMT
Server
ETag
"26677f1784d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-197643794"
Accept-Ranges
bytes
Content-Length
1270
X-XSS-Protection
1; mode=block
bg_landing.png
2ndturn.dtdeals.com/includes/images/ 		151 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2ndturn.dtdeals.com/includes/images/bg_landing.png
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
e7d26cc17a67bbef2fbffee084522112cbd28d9a53c5a3967951ee1432cca024
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:07 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:25 GMT
Server
ETag
"1f301cf0784d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Server-Timing
dtSInfo;desc="0", dtRpid;desc="1085965037"
Accept-Ranges
bytes
Content-Length
154221
X-XSS-Protection
1; mode=block
grey_grad.gif
2ndturn.dtdeals.com/includes/images/ 		189 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2ndturn.dtdeals.com/includes/images/grey_grad.gif
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/includes/css/ca_main.css?v3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
ec68004b639e14c76d6b125abe39729ec82a27916b69f9504152c718cbc73e6a
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/includes/css/ca_main.css?v3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:07 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:26 GMT
Server
ETag
"648a8f0784d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Server-Timing
dtSInfo;desc="0", dtRpid;desc="-182540578"
Accept-Ranges
bytes
Content-Length
189
X-XSS-Protection
1; mode=block
24x24-twitter-alpha.png
2ndturn.dtdeals.com/includes/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2ndturn.dtdeals.com/includes/images/24x24-twitter-alpha.png
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/includes/css/ca_main.css?v3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
47ecfe138f0fc9de5182d4d583a169ed3a5ef98164b2204210980e86339d58ee
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/includes/css/ca_main.css?v3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:07 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:25 GMT
Server
ETag
"a295e0ef784d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Server-Timing
dtSInfo;desc="0", dtRpid;desc="324474811"
Accept-Ranges
bytes
Content-Length
1795
X-XSS-Protection
1; mode=block
en.css
2ndturn.dtdeals.com/includes/css/ 		151 B
825 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2ndturn.dtdeals.com/includes/css/en.css
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/includes/js/jquery-3.5.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
ed9c272006ac28108201a3603adea8802c4f8681bd429cb290af83befd5f4a90
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://2ndturn.dtdeals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:07 GMT
Last-Modified
Wed, 30 Nov 2022 05:02:22 GMT
Server
ETag
"b27445ee784d91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Server-Timing
dtSInfo;desc="0", dtRpid;desc="139433794"
Accept-Ranges
bytes
Content-Length
151
X-XSS-Protection
1; mode=block
rb_f083cd87-8c9f-4247-a1d4-4095b09a1bf8
2ndturn.dtdeals.com/ 		116 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://2ndturn.dtdeals.com/rb_f083cd87-8c9f-4247-a1d4-4095b09a1bf8?type=js3&sn=v_4_srv_35_sn_410AEC36288CAE82C3951B079FEE133B_perc_100000_ol_0_mul_1_app-3Ab164e797842cc9af_1_app-3A245d60807c73190d_1&svrid=35&flavor=post&vi=CTGONTUHHQRGRANFQLUNVNMHSDLWKFOG-0&modifiedSince=1671914547404&rf=https%3A%2F%2F2ndturn.dtdeals.com%2F&bp=3&app=245d60807c73190d&crc=1768428110&en=iah7xwk5&end=1
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/ruxitagentjs_ICA2Vfqru_10243220606153550.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
b1e7ef9b47b65b090b15f8c1406bcd195b800b17fd7e53304c1d6a4133ba9ef5
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ndturn.dtdeals.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:09 GMT
Server
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Content-Length
116
X-XSS-Protection
1; mode=block
rb_f083cd87-8c9f-4247-a1d4-4095b09a1bf8
2ndturn.dtdeals.com/ 		116 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://2ndturn.dtdeals.com/rb_f083cd87-8c9f-4247-a1d4-4095b09a1bf8?type=js3&sn=v_4_srv_35_sn_410AEC36288CAE82C3951B079FEE133B_perc_100000_ol_0_mul_1_app-3Ab164e797842cc9af_1_app-3A245d60807c73190d_1&svrid=35&flavor=post&vi=CTGONTUHHQRGRANFQLUNVNMHSDLWKFOG-0&modifiedSince=1671914547404&rf=https%3A%2F%2F2ndturn.dtdeals.com%2F&bp=3&app=245d60807c73190d&crc=4200480544&en=iah7xwk5&end=1
Requested by
Host: 2ndturn.dtdeals.com
URL: https://2ndturn.dtdeals.com/ruxitagentjs_ICA2Vfqru_10243220606153550.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.94.230.159 Minneapolis, United States, ASN11596 (BESTBUY, US),
Reverse DNS
2ndturn-origin.dtdeals.com
Software
/
Resource Hash
b1e7ef9b47b65b090b15f8c1406bcd195b800b17fd7e53304c1d6a4133ba9ef5
Security Headers
Name Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2ndturn.dtdeals.com/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Content-Security-Policy
default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security
max-age=900; includeSubDomains
X-Content-Type-Options
nosniff
Date
Sat, 24 Dec 2022 23:04:12 GMT
Server
X-Frame-Options
SAMEORIGIN
Content-Type
text/plain; charset=utf-8
Content-Length
116
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| dT_ object| dtrum function| $ function| jQuery object| angular string| filename string| enFAQ string| frFAQ string| enFAQ2 string| frFAQ2 string| enTips string| frTips string| enTerms string| frTerms string| enReturnPolicy string| frReturnPolicy object| stcFR function| getPage function| getTranslation function| setCookie function| getCookie function| getLanguage function| setLanguage function| convert object| mainApp

14 Cookies

Domain/Path Name / Value
fundacionmapfre.dtdeals.com/ Name: BIGipServerdtdeals-app-prod
Value: 783769256.16927.0000
fundacionmapfre.dtdeals.com/ Name: BIGipServerdtdeals-prod
Value: 1103519400.16927.0000
2ndturn.dtdeals.com/ Name: CFID
Value: 36300978
2ndturn.dtdeals.com/ Name: CFTOKEN
Value: d3bf568b5556ad2c%2DBFCABFEA%2D5056%2DBC53%2D6A9DA1562EA002A5
.dtdeals.com/ Name: dtCookie
Value: v_4_srv_35_sn_410AEC36288CAE82C3951B079FEE133B_perc_100000_ol_0_mul_1_app-3Ab164e797842cc9af_1_app-3A245d60807c73190d_1
2ndturn.dtdeals.com/ Name: BIGipServerdtdeals-app-prod
Value: 800546472.16927.0000
2ndturn.dtdeals.com/ Name: BIGipServerdtdeals-prod
Value: 1137073832.16927.0000
.dtdeals.com/ Name: rxVisitor
Value: 1671923045750K74N175IU0TT0BVKE6NU9FB7SQ52UEV2
.dtdeals.com/ Name: dtSa
Value: -
2ndturn.dtdeals.com/ Name: prefLanguage
Value: en
images.dtdeals.com/ Name: BIGipServerimages-dtdeals-app-prod-80
Value: 649551528.20736.0000
.dtdeals.com/ Name: rxvt
Value: 1671924849063|1671923045751
.dtdeals.com/ Name: dtPC
Value: 35$323045748_358h-vCTGONTUHHQRGRANFQLUNVNMHSDLWKFOG-0e0
.dtdeals.com/ Name: dtLatC
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * data: filesystem: about: blob: ws: wss:; script-src * data: filesystem: about: blob: ws: wss: 'unsafe-eval' 'unsafe-inline'; style-src * data: filesystem: about: blob: ws: wss: 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security max-age=900; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2ndturn.dtdeals.com
fundacionmapfre.dtdeals.com
images.dtdeals.com
168.94.230.159
23.64.53.110
0dee606d3486eb2a9c3c0ae4b8e13d1a0ccaaf4f4207749bd4b209b75ea04a6d
0ea3994776c421ee757a1609d9906c90996968b9072a33c3d7b6558a556c70a0
11fb80184699bab4c55e1969b26290c32aa5e1ed005aad9a812defc7af1032e8
1daad1acf2b347e4a673d8262887630525b1248899ebc22f95400f416146152b
2399aa353800d3008ea2416a248b22195e06d68b26aa6b236451c24dedd878ee
3da5b7aaa81155a6674f3882e1479657d9869440d50683f75aa7bec16a45bb14
4604f4d9d80740ab362f4fbbe6d4fd1ae628a3e9cb78e29fd4225664424005c3
47ecfe138f0fc9de5182d4d583a169ed3a5ef98164b2204210980e86339d58ee
481009368ab527a31c6af524a5cfd88f39f7f40a081c3287b4058485e56cfaaf
602d27931a2481dfc19fd73af52d00545418f46efa222ebebb91aec57c0ce6ca
6b0529363cfead520e48c7a083c669c06318258a5bfc3383c974ace623169fae
6c8d166b206a391673662afd6a2303a3080ffe216f56afd393a12f0e6877c3f9
6f639a0f6c5538343135e94e7cd351c45ead8016d659739ece7468077b26555a
7389b83d1d388c74fa6d7830df9f2b05b0d21c41ea376b3d92581f47fbc99ffe
765a1dd231f1d60162f76f8338944b74968bb35e3e665740f854a09e2c0cc3b0
875bb3db9246bb10f52b351cd7c866d7259e001ff1cb839554bb310bed660f09
9165ba8fc918dbf05fd01ac6795edde8c032482e5f643b4e21493dfea5a8faff
93f865a8af8f1a845d8f4f5eb606f117f736f67cce916bc151e47338c2e84de3
a3f89d28f7bf4a1836d7704d4b4ba2f5e1a6f6b73922387cf12b4a95f246afb5
b1e7ef9b47b65b090b15f8c1406bcd195b800b17fd7e53304c1d6a4133ba9ef5
b6d391c9a655d8245cba0b4d26c89002a86ec980b7a1677f1de25520dc19b14d
c3db84ab658cc114ec6ab32bd09703a1e18958ea4cff61ec07504dfcd0b15e9d
db5dbce9a0590c4367c2aec0630651358466553912a05cab82c16080e675475b
df3c2c1f916d484df3d23056a7f837647971a26a6cb25cada1cd98add9711dd4
e7d26cc17a67bbef2fbffee084522112cbd28d9a53c5a3967951ee1432cca024
ec68004b639e14c76d6b125abe39729ec82a27916b69f9504152c718cbc73e6a
ed9c272006ac28108201a3603adea8802c4f8681bd429cb290af83befd5f4a90
ef16ad84bc03fab418ff17a608a93a12a69da66e38378f5b78e84b0a6ce2876d
f0e790148f0a6e2d03233f2c175898653e16a94c8fc6671b66ef06d7f6a18af6
f1ea94e525014d3f154f35e6b9ec851a904c88ffc42a238c2800643c1e043b0d
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b