www.21.com Open in urlscan Pro
2600:9000:2070:6000:1f:f2db:1b40:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bigbonusgam.com/?qazwsxecdrfvthkjbqzaqywgveygfncdjnqsuwbdyevgwyuyggh
Effective URL:
https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
Submission: On May 18 via api (May 18th 2020, 2:26:51 pm UTC) from SG

Summary HTTP 53 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 8 countries across 14 domains to perform 53 HTTP transactions. The main IP is 2600:9000:2070:6000:1f:f2db:1b40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.21.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on February 26th 2020. Valid for: a year.

This is the only time www.21.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.204.101.64 35.204.101.64	15169 (GOOGLE) (GOOGLE)
2 2	91.92.196.190 91.92.196.190	49882 (SKRILL) (SKRILL)
17	2600:9000:207... 2600:9000:2070:6000:1f:f2db:1b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
7	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6814:15ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:39f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
3	23.37.44.220 23.37.44.220	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.193.189.199 34.193.189.199	14618 (AMAZON-AES) (AMAZON-AES)
1	104.18.73.113 104.18.73.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	63.33.21.40 63.33.21.40	16509 (AMAZON-02) (AMAZON-02)
5	159.100.24.145 159.100.24.145	203833 (AT-FIRSTC...) (AT-FIRSTCOLO Austria)
1 4	23.209.69.86 23.209.69.86	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	185.29.135.226 185.29.135.226	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	34.250.196.193 34.250.196.193	16509 (AMAZON-02) (AMAZON-02)
7	104.16.55.111 104.16.55.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
53	16

1 35.204.101.64 (Ascension Island) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 64.101.204.35.bc.googleusercontent.com

bigbonusgam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.92.196.190 (United Kingdom) 2 redirects

ASN49882 (SKRILL, GB)

wl21com.adsrv.eacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:9000:2070:6000:1f:f2db:1b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.21.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.72.113 (United States)

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:15ef (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:39f5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.inspectlet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.44.220 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-44-220.deploy.static.akamaitechnologies.com

zz.connextra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.189.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-189-199.compute-1.amazonaws.com

hn.inspectlet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.73.113 (United States)

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.21.40 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-21-40.eu-west-1.compute.amazonaws.com

api.paymentiq.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 159.100.24.145 (Vienna, Austria)

ASN203833 (AT-FIRSTCOLO Austria, AT)

service.21.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.209.69.86 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-69-86.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.240 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.135.226 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.196.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-196-193.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.16.55.111 (United States)

ASN13335 (CLOUDFLARENET, US)

21com.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	21.com www.21.com service.21.com	4 MB
8	zdassets.com static.zdassets.com ekr.zdassets.com	539 KB
7	zendesk.com 21com.zendesk.com	2 KB
6	mathtag.com 3 redirects pixel.mathtag.com sync.mathtag.com	4 KB
3	adnxs.com 1 redirects secure.adnxs.com	3 KB
3	connextra.com zz.connextra.com	17 KB
2	inspectlet.com cdn.inspectlet.com hn.inspectlet.com	70 KB
2	pingdom.net rum-static.pingdom.net rum-collector-2.pingdom.net	3 KB
2	google-analytics.com 1 redirects www.google-analytics.com	19 KB
2	eacdn.com 2 redirects wl21com.adsrv.eacdn.com	1 KB
1	paymentiq.io api.paymentiq.io	17 KB
1	doubleclick.net stats.g.doubleclick.net	464 B
1	googletagmanager.com www.googletagmanager.com	27 KB
1	bigbonusgam.com 1 redirects bigbonusgam.com	611 B
53	14

	Domain	Requested by
17	www.21.com	www.21.com
7	21com.zendesk.com	www.21.com static.zdassets.com
7	static.zdassets.com	www.googletagmanager.com static.zdassets.com
5	service.21.com	www.21.com
4	pixel.mathtag.com	1 redirects
3	secure.adnxs.com	1 redirects www.21.com
3	zz.connextra.com	www.googletagmanager.com www.21.com
2	sync.mathtag.com	2 redirects
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	wl21com.adsrv.eacdn.com	2 redirects
1	rum-collector-2.pingdom.net	www.21.com
1	api.paymentiq.io	www.21.com
1	ekr.zdassets.com	www.21.com
1	hn.inspectlet.com	www.21.com
1	stats.g.doubleclick.net	www.21.com
1	cdn.inspectlet.com	www.21.com
1	rum-static.pingdom.net	www.googletagmanager.com
1	www.googletagmanager.com	www.21.com
1	bigbonusgam.com	1 redirects
53	19

This site contains no links.

Subject Issuer	Validity	Valid
*.21.com RapidSSL RSA CA 2018	`2020-02-26` - `2021-03-27`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.zdassets.com Sectigo RSA Domain Validation Secure Server CA	`2019-06-25` - `2021-05-31`	2 years	crt.sh
*.pingdom.net DigiCert SHA2 High Assurance Server CA	`2019-11-08` - `2021-01-19`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-25` - `2020-10-09`	7 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.connextra.com DigiCert SHA2 Secure Server CA	`2019-04-15` - `2020-07-14`	a year	crt.sh
hn.inspectlet.com Let's Encrypt Authority X3	`2020-05-16` - `2020-08-14`	3 months	crt.sh
*.paymentiq.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-24` - `2020-09-21`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
21com.zendesk.com CloudFlare Inc ECC CA-2	`2019-08-25` - `2020-08-24`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
Frame ID: 90BD00F9683CD378E57AC5016EE14164
Requests: 38 HTTP requests in this frame

Frame: https://secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
Frame ID: AC0949C048808EF3B80310E6A0DA017F
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20949104%26t%3D2
Frame ID: 62F0E347B51EF7F5DB3FFCA19C06A575
Requests: 1 HTTP requests in this frame

Frame: https://zz.connextra.com/sync/data/uid/6c883bd680/182d5ec2-9b19-4c00-9642-0cedf380653c
Frame ID: F16DBAB1FA55809957E9F095E37DAE7C
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/preload.add05527c5cb9c3c2d35.js
Frame ID: 45408077690779860F7EDBD88B496822
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bigbonusgam.com/?qazwsxecdrfvthkjbqzaqywgveygfncdjnqsuwbdyevgwyuyggh HTTP 302
https://wl21com.adsrv.eacdn.com/C.ashx?btag=a_6111b_457c_&affid=1591&siteid=6111&adid=457&c= HTTP 302
https://wl21com.adsrv.eacdn.com/C.ashx?btag=a_6111b_457c_&affid=1591&siteid=6111&adid=457&c=&AutoR=1 HTTP 302
https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111 Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Inspectlet (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.inspectlet\.com/i

Page Statistics

53
Requests

100 %
HTTPS

32 %
IPv6

14
Domains

19
Subdomains

16
IPs

8
Countries

5167 kB
Transfer

7228 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bigbonusgam.com/?qazwsxecdrfvthkjbqzaqywgveygfncdjnqsuwbdyevgwyuyggh HTTP 302
https://wl21com.adsrv.eacdn.com/C.ashx?btag=a_6111b_457c_&affid=1591&siteid=6111&adid=457&c= HTTP 302
https://wl21com.adsrv.eacdn.com/C.ashx?btag=a_6111b_457c_&affid=1591&siteid=6111&adid=457&c=&AutoR=1 HTTP 302
https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1063835759&t=pageview&_s=1&dl=https%3A%2F%2Fwww.21.com%2Fregister%3FCXD%3Da_6111b_457c_%26affid%3D1591%26siteid%3D6111&ul=en-us&de=UTF-8&dt=21.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1160889556&gjid=752525485&cid=381057290.1589811992&tid=UA-120440305-1&_gid=508739495.1589811992&_r=1&gtm=2wg561W7KW7XX&cd1=1591&z=1901163169 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-120440305-1&cid=381057290.1589811992&jid=1160889556&_gid=508739495.1589811992&gjid=752525485&_v=j82&z=1901163169

Request Chain 30

https://pixel.mathtag.com/event/js?mt_id=1467433&mt_adid=235390&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3= HTTP 302
https://pixel.mathtag.com/event/js?mt_id=1467433&mt_adid=235390&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct&UUID=5f635ec2-9b19-4b00-b445-a7a52eda9434

Request Chain 32

https://secure.adnxs.com/seg?add=20949104&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20949104%26t%3D2

Request Chain 33

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D HTTP 302
https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D&mm_bnc&mm_bct&UUID=182d5ec2-9b19-4c00-9642-0cedf380653c HTTP 302
https://zz.connextra.com/sync/data/uid/6c883bd680/182d5ec2-9b19-4c00-9642-0cedf380653c

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request register Show response
www.21.com/
Redirect Chain

http://bigbonusgam.com/?qazwsxecdrfvthkjbqzaqywgveygfncdjnqsuwbdyevgwyuyggh
https://wl21com.adsrv.eacdn.com/C.ashx?btag=a_6111b_457c_&affid=1591&siteid=6111&adid=457&c=
https://wl21com.adsrv.eacdn.com/C.ashx?btag=a_6111b_457c_&affid=1591&siteid=6111&adid=457&c=&AutoR=1
https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111

7 KB
7 KB

165ms
36ms

Document
text/html

2600:9000:2070:6000:1f:f2db:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2070:6000:1f:f2db:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fbf6facbeaa4edad4d27e12d799cb746eaef61dc5ecfc008ded0b96d52ab0132

Request headers

:method: GET
:authority: www.21.com
:scheme: https
:path: /register?CXD=a_6111b_457c_&affid=1591&siteid=6111
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-type: text/html
content-length: 6693
server: nginx
date: Sun, 17 May 2020 16:01:52 GMT
last-modified: Fri, 15 May 2020 12:37:58 GMT
etag: "5ebe8d26-1a25"
accept-ranges: bytes
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: PTpwwdNid8dthdfvjL8_3hBmfDOpq8gTmVkJzsDfOjQiqloAqbc7Kw==
age: 80680

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
Server: Microsoft-IIS/10.0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
X-AspNet-Version: 4.0.30319
Set-Cookie: XYZ=120&1&188&&&&0&1&&ee3a728b-3234-4fa0-9a07-7f207739dc18&&a_6111b_457&; expires=Sun, 16-Aug-2020 14:26:32 GMT; path=/ A_457=a=457&r=0&fv=0&lv=0&vc=0&fc=20200518&lc=20200518022632&cc=1; expires=Sun, 16-Aug-2020 14:26:32 GMT; path=/ PM_3=c=&s=6111&ad=457&md=0&pm=3&d=20200518142632&r=0; expires=Sun, 16-Aug-2020 14:26:32 GMT; path=/ CEK=a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
X-Powered-By: ASP.NET
Date: Mon, 18 May 2020 14:26:31 GMT
Connection: close
Content-Length: 193
Vary: Accept-Encoding

GET
H2 200 styles.8d064c4ad71ab32cf1ca.css
www.21.com/ 100 KB
100 KB 21ms
20ms Stylesheet
text/css 2600:9000:2070:6000:1f:f2db:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.21.com/styles.8d064c4ad71ab32cf1ca.css
Requested by: Host: www.21.com
URL: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2070:6000:1f:f2db:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f51be0520a0bd10aa19a81a6eac07fdde67187436444e801c0cbc7310be8afc7

Request headers

Referer: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 12:47:46 GMT
via: 1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront)
last-modified: Fri, 15 May 2020 12:37:58 GMT
server: nginx
age: 5926
etag: "5ebe8d26-18e68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
content-length: 101992
x-amz-cf-id: SzrUTa2Y829YjeP7q_xhf1vFMdz1EeEYQer7kMgcj7pOmqEOo_u9mg==

GET
H2 200 runtime.0a2546e38d0d0a7b9dde.js Show response
www.21.com/ 3 KB
3 KB 89ms
88ms Script
application/x-javascript 2600:9000:2070:6000:1f:f2db:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.21.com/runtime.0a2546e38d0d0a7b9dde.js
Requested by: Host: www.21.com
URL: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2070:6000:1f:f2db:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a47d4f62e90ac93cee6e20ed3ca4ad75260d4bda3158dabd5410f109ad469d05

Request headers

Referer: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 12:47:46 GMT
via: 1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront)
last-modified: Fri, 15 May 2020 12:37:58 GMT
server: nginx
age: 5926
etag: "5ebe8d26-a6d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
content-length: 2669
x-amz-cf-id: mu34_OhIxOsoSTV7byuJdCmm-1bHWZLPs8SC7F-xPnd-4BBjrIurxg==

GET
H2 200 polyfills.466dc52903d97e82944f.js Show response
www.21.com/ 199 KB
199 KB 48ms
47ms Script
application/x-javascript 2600:9000:2070:6000:1f:f2db:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.21.com/polyfills.466dc52903d97e82944f.js
Requested by: Host: www.21.com
URL: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2070:6000:1f:f2db:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 33d9426db1f3252518bd7f24f1da62b0d2a450e5c0f68b45302741d4db831c4e

Request headers

Referer: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 12:47:46 GMT
via: 1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront)
last-modified: Fri, 15 May 2020 12:37:58 GMT
server: nginx
age: 5926
etag: "5ebe8d26-31ac3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
content-length: 203459
x-amz-cf-id: ip9LrkS9-n61aN84LNcG22sf4myhTm-yJ1mD5MhNfYsE2GCzG2TVHA==

GET
H2 200 scripts.d758672efdead0d1591e.js Show response
www.21.com/ 1 MB
1 MB 66ms
65ms Script
application/x-javascript 2600:9000:2070:6000:1f:f2db:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.21.com/scripts.d758672efdead0d1591e.js
Requested by: Host: www.21.com
URL: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2070:6000:1f:f2db:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c252202bcde5cb25024d578bfd46e3c8320625e0c6e80ac66a2fb429f757d7f9

Request headers

Referer: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 12:47:46 GMT
via: 1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront)
last-modified: Fri, 15 May 2020 12:37:58 GMT
server: nginx
age: 5926
etag: "5ebe8d26-1460d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
content-length: 1335513
x-amz-cf-id: olU8U5sjI-JG4VIy6YbsDaU0Bawmoiq3zqrP0WlLDL04BCvoK6bnUA==

GET
H2 200 main.a144bfc1e505e1c57414.js Show response
www.21.com/ 3 MB
3 MB 89ms
88ms Script
application/x-javascript 2600:9000:2070:6000:1f:f2db:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.21.com/main.a144bfc1e505e1c57414.js
Requested by: Host: www.21.com
URL: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2070:6000:1f:f2db:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 25ffae4be28aaef5fd18f97b4eff474264a99eefc25099eb123795c918166f5c

Request headers

Referer: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 12:47:46 GMT
via: 1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront)
last-modified: Fri, 15 May 2020 12:37:58 GMT
server: nginx
age: 5926
etag: "5ebe8d26-29c5bb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
content-length: 2737595
x-amz-cf-id: JGaxhJ587V3UB6KXc5Lp3s8Gi7sawsv9AcPNfh_YCJ54gjM99KX3IA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 81 KB
27 KB 34ms
14ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W7KW7XX

Requested by

Host: www.21.com
URL: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1cab22d3d7c8c4c4fbe02b1a5a3b3840fdbd0cbf81d6b48815ec9e3f08f21557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:32 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27577
x-xss-protection: 0
last-modified: Mon, 18 May 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 May 2020 14:26:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7KW7XX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 6477
date: Mon, 18 May 2020 12:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Mon, 18 May 2020 14:38:35 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 24 KB
7 KB 185ms
76ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=30662c36-d684-4194-ad43-491860acba9c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7KW7XX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:32 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 59
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 88A16D7D476902AA
x-amz-id-2: 7JWTCpiLKYtjzE2hn8obC5Mn7tlENTHi/dT5gJo1yiIcUZWVTDx5h0YeROht/BxRxg99sOcewXI=
last-modified: Tue, 10 Mar 2020 23:13:51 GMT
server: cloudflare
etag: W/"f47f1934dec578b3ec2daacb7e61d9c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: QzcBmfzwuCnSPtNhWyKUV.rVnAqAKY6a
cf-request-id: 02c9c6efad00000bcd38278200000001
cf-ray: 595640f91fb70bcd-AMS

GET
H2 200 pa-5eb40261bb9131001500004d.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 34ms
10ms Script
application/javascript 2606:4700:10::6814:15ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-5eb40261bb9131001500004d.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7KW7XX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:15ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc236765f6befa3baac88fc46cb8a6e06932ad6b898c3fcc54219cf8dac9a5d9

Request headers

Referer: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:32 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 264
status: 200
cf-request-id: 02c9c6ef3a000005e9fa9f0200000001
last-modified: Wed, 26 Jun 2019 09:19:43 GMT
server: cloudflare
etag: W/"5d1338af-1878"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 595640f85bdf05e9-FRA
expires: Mon, 18 May 2020 14:27:08 GMT

GET
H2 200 3636B4_6_0.woff2
www.21.com/assets/fonts/ 21 KB
22 KB 37ms
37ms Font
application/octet-stream 2600:9000:2070:6000:1f:f2db:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.21.com/assets/fonts/3636B4_6_0.woff2
Requested by: Host: www.21.com
URL: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2070:6000:1f:f2db:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 12b5fbd97c404b688883beb0f1f9f8e666a47c5f5536922a85dac33fb901a2fe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.21.com/styles.8d064c4ad71ab32cf1ca.css
Origin: https://www.21.com

Response headers

date: Mon, 18 May 2020 12:53:01 GMT
via: 1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront)
last-modified: Fri, 15 May 2020 12:37:58 GMT
server: nginx
age: 5611
etag: "5ebe8d26-553f"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
content-length: 21823
x-amz-cf-id: WHXn_jS96vGgsTI7KGqMOPKuJLeIhTj4SWO3JFn-e6CyBoyyXKiAMg==

GET
H2 200 inspectlet.js Show response
cdn.inspectlet.com/ 208 KB
69 KB 81ms
51ms Script
text/javascript 2606:4700:10::6816:39f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.inspectlet.com/inspectlet.js?wid=671209430&r=441614
Requested by: Host: www.21.com
URL: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:39f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38e7e40f686e91d031023a33128bc8688555e601828a1366fb30e14c434c24f6

Request headers

Referer: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 595640f88a97c2c7-FRA
date: Mon, 18 May 2020 14:26:32 GMT
via: 1.1 vegur
cf-cache-status: HIT
server: cloudflare
age: 11
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: s-maxage=60, max-age=14400
content-encoding: gzip
cf-request-id: 02c9c6ef590000c2c77a813200000001

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1063835759&t=pageview&_s=1&dl=https%3A%2F%2Fwww.21.com%2Fregister%3FCXD%3Da_6111b_457c_%26affid%3D1591%26siteid%3D6111&ul=en-us&de=UTF-8&dt=2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-120440305-1&cid=381057290.1589811992&jid=1160889556&_gid=508739495.1589811992&gjid=752525485&_v=j82&z=1901163169

35 B
464 B

43ms
14ms

Image
image/gif

2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-120440305-1&cid=381057290.1589811992&jid=1160889556&_gid=508739495.1589811992&gjid=752525485&_v=j82&z=1901163169

Requested by

Host: www.21.com
URL: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 18 May 2020 14:26:32 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 May 2020 14:26:32 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-120440305-1&cid=381057290.1589811992&jid=1160889556&_gid=508739495.1589811992&gjid=752525485&_v=j82&z=1901163169
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.json Show response
www.21.com/languages/21M/ 54 KB
54 KB 65ms
65ms XHR
application/json 2600:9000:2070:6000:1f:f2db:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.21.com/languages/21M/en.json?cb=1589811992722
Requested by: Host: www.21.com
URL: https://www.21.com/polyfills.466dc52903d97e82944f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2070:6000:1f:f2db:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: db901caf84d3eb066eb9bbcb617eba9b7e833086f38d0ed26e90f82444249ae5

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:32 GMT
via: 1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront)
last-modified: Wed, 13 May 2020 05:42:37 GMT
server: nginx
x-amz-cf-pop: HAM50-C3
etag: "5ebb88cd-d779"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
status: 200
accept-ranges: bytes
content-length: 55161
x-amz-cf-id: dtgro-7pYt6prve9Ku-IK8cZUzrYE7Dpj8dKIOnI4mO4HwC7DLylQw==

GET
H2 200 homepage Show response
zz.connextra.com/dcs/tagController/tag/472b07b9fcf2/ 44 KB
16 KB 201ms
82ms Script
text/javascript 23.37.44.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zz.connextra.com/dcs/tagController/tag/472b07b9fcf2/homepage
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7KW7XX
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.44.220 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-220.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 817947b5dbc0ab54c82c2b6ff86787bf12c81a6bae6a5a3ca844e011701adae4

Request headers

Referer: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:32 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
status: 200
cache-control: must-revalidate, max-age=291
content-length: 16058
expires: Mon, 18 May 2020 14:31:23 GMT

POST
H/1.1 200
OK 671209430 Show response
hn.inspectlet.com/ginit/ 26 B
445 B 424ms
142ms XHR
application/json 34.193.189.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hn.inspectlet.com/ginit/671209430
Requested by: Host: www.21.com
URL: https://www.21.com/polyfills.466dc52903d97e82944f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.189.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-189-199.compute-1.amazonaws.com
Software: Cowboy / Express
Resource Hash: d0b1cb1455ecf8ab5a7eb203460cc7ff790df097c5907eb3d27ff7344282517e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 18 May 2020 14:26:33 GMT
Via: 1.1 vegur
Server: Cowboy
X-Powered-By: Express
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.21.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 26

GET
H2 200 30662c36-d684-4194-ad43-491860acba9c Show response
ekr.zdassets.com/compose/ 668 B
813 B 964ms
842ms XHR
application/json 104.18.73.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/30662c36-d684-4194-ad43-491860acba9c

Requested by

Host: www.21.com
URL: https://www.21.com/polyfills.466dc52903d97e82944f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.73.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13e4dd039329ea89e34e21f52fcf91e6913d7df20bd445800200a4d15f6d2dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:33 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: REVALIDATED
status: 200, 200 OK
strict-transport-security: max-age=0
cf-request-id: 02c9c6f1860000c85fb4855200000001
x-request-id: b9f1077c-b12b-4cac-8749-c85290ab4ec4
x-runtime: 0.003177
server: cloudflare
etag: W/"13e4dd039329ea89e34e21f52fcf91e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 595640fc0914c85f-AMS

GET
H/1.1 200 100118001 Show response
api.paymentiq.io/paymentiq/api/viq/jscardencrypter/ 52 KB
17 KB 291ms
73ms Script
application/javascript 63.33.21.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.paymentiq.io/paymentiq/api/viq/jscardencrypter/100118001
Requested by: Host: www.21.com
URL: https://www.21.com/main.a144bfc1e505e1c57414.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.33.21.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-21-40.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0734697543bd694d6f0e1fb7c141866fcb21d2a0514b48c215c9eec2c6e8dfc8

Request headers

Referer: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 18 May 2020 14:26:32 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
vary: accept-encoding
Content-Type: application/javascript;charset=utf-8

GET
H/1.1 200
OK countryblock Show response
service.21.com/ajax/country/ 83 B
701 B 362ms
100ms XHR
text/html 159.100.24.145
AT-FIRSTCOLO Austria

General

Check archive.org

Show headers Download Go to

Full URL: https://service.21.com/ajax/country/countryblock
Requested by: Host: www.21.com
URL: https://www.21.com/polyfills.466dc52903d97e82944f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.100.24.145 Vienna, Austria, ASN203833 (AT-FIRSTCOLO Austria, AT),
Reverse DNS
Software: nginx /
Resource Hash: f0538c812977ed74b43ff878648d81add795634753af733225aa262b059d0cd7

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 May 2020 14:26:33 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.21.com
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK / Show response
service.21.com/ajax/game/getgames/ 83 B
701 B 326ms
99ms XHR
text/html 159.100.24.145
AT-FIRSTCOLO Austria

General

Check archive.org

Show headers Download Go to

Full URL: https://service.21.com/ajax/game/getgames/?languageId=en
Requested by: Host: www.21.com
URL: https://www.21.com/polyfills.466dc52903d97e82944f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.100.24.145 Vienna, Austria, ASN203833 (AT-FIRSTCOLO Austria, AT),
Reverse DNS
Software: nginx /
Resource Hash: f0538c812977ed74b43ff878648d81add795634753af733225aa262b059d0cd7

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 May 2020 14:26:33 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.21.com
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK status Show response
service.21.com/ajax/login/ 83 B
701 B 322ms
94ms XHR
text/html 159.100.24.145
AT-FIRSTCOLO Austria

General

Check archive.org

Show headers Download Go to

Full URL: https://service.21.com/ajax/login/status
Requested by: Host: www.21.com
URL: https://www.21.com/polyfills.466dc52903d97e82944f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.100.24.145 Vienna, Austria, ASN203833 (AT-FIRSTCOLO Austria, AT),
Reverse DNS
Software: nginx /
Resource Hash: f0538c812977ed74b43ff878648d81add795634753af733225aa262b059d0cd7

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 May 2020 14:26:33 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.21.com
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK getPage Show response
service.21.com/ajax/staticPage/ 83 B
701 B 322ms
95ms XHR
text/html 159.100.24.145
AT-FIRSTCOLO Austria

General

Check archive.org

Show headers Download Go to

Full URL: https://service.21.com/ajax/staticPage/getPage?lang=en&url_path=footer&languageId=en
Requested by: Host: www.21.com
URL: https://www.21.com/polyfills.466dc52903d97e82944f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.100.24.145 Vienna, Austria, ASN203833 (AT-FIRSTCOLO Austria, AT),
Reverse DNS
Software: nginx /
Resource Hash: f0538c812977ed74b43ff878648d81add795634753af733225aa262b059d0cd7

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 May 2020 14:26:33 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.21.com
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK getcountryDetails Show response
service.21.com/ajax/profile/ 83 B
701 B 313ms
92ms XHR
text/html 159.100.24.145
AT-FIRSTCOLO Austria

General

Check archive.org

Show headers Download Go to

Full URL: https://service.21.com/ajax/profile/getcountryDetails
Requested by: Host: www.21.com
URL: https://www.21.com/polyfills.466dc52903d97e82944f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.100.24.145 Vienna, Austria, ASN203833 (AT-FIRSTCOLO Austria, AT),
Reverse DNS
Software: nginx /
Resource Hash: f0538c812977ed74b43ff878648d81add795634753af733225aa262b059d0cd7

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.21.com/register?CXD=a_6111b_457c_&affid=1591&siteid=6111
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 May 2020 14:26:33 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.21.com
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 down-arrow.png
www.21.com/assets/img/ 456 B
757 B 38ms
37ms Image
image/png 2600:9000:2070:6000:1f:f2db:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.21.com/assets/img/down-arrow.png
Requested by: Host: www.21.com
URL: https://www.21.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2070:6000:1f:f2db:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f2a7be60e2699f9609f48b66d7bf9eef64b19cb322930cd85ea4f364e2e62be

Request headers

Referer: https://www.21.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:32 GMT
via: 1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront)
last-modified: Fri, 15 May 2020 12:37:58 GMT
server: nginx
x-amz-cf-pop: HAM50-C3
etag: "5ebe8d26-1c8"
x-cache: Miss from cloudfront
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 456
x-amz-cf-id: 9Dp85lPp_88jHO6tY_tkC1Q9Ihda5Z6ccWvVzqvwZGm2ergOp4vKcQ==

GET
H2 200 icon-cookie.png
www.21.com/assets/img/ 6 KB
6 KB 39ms
38ms Image
image/png 2600:9000:2070:6000:1f:f2db:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.21.com/assets/img/icon-cookie.png
Requested by: Host: www.21.com
URL: https://www.21.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2070:6000:1f:f2db:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9d2b41923c409918416da6b1d0fb04a3db697c903ccfe0f2a06f63d1ec491dc5

Request headers

Referer: https://www.21.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:32 GMT
via: 1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront)
last-modified: Fri, 15 May 2020 12:37:58 GMT
server: nginx
x-amz-cf-pop: HAM50-C3
etag: "5ebe8d26-169a"
x-cache: Miss from cloudfront
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 5786
x-amz-cf-id: RkKPkpTsVhGlup1jsBGaf_oQz1yVRohEp-CH50ptE2tbkYJLoFMTCA==

GET
H2 200 3636B4_1_0.woff2
www.21.com/assets/fonts/ 22 KB
22 KB 84ms
83ms Font
application/octet-stream 2600:9000:2070:6000:1f:f2db:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.21.com/assets/fonts/3636B4_1_0.woff2
Requested by: Host: www.21.com
URL: https://www.21.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2070:6000:1f:f2db:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ea2ddf6ef219d8f7d109d7a056568b6109f29d8841f3d9b1dc21f14f6c527208

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.21.com/styles.8d064c4ad71ab32cf1ca.css
Origin: https://www.21.com

Response headers

date: Mon, 18 May 2020 14:26:32 GMT
via: 1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront)
last-modified: Fri, 15 May 2020 12:37:58 GMT
server: nginx
x-amz-cf-pop: HAM50-C3
etag: "5ebe8d26-560a"
x-cache: Miss from cloudfront
content-type: application/octet-stream
status: 200
accept-ranges: bytes
content-length: 22026
x-amz-cf-id: hTHxbXOxZ0goOvr3t4iHr40zjGRbEkga_pPbaAFScpdPBJFYJwGhSQ==

GET
H2 200 fontello.woff2
www.21.com/assets/fonts/ 15 KB
16 KB 96ms
96ms Font
application/octet-stream 2600:9000:2070:6000:1f:f2db:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.21.com/assets/fonts/fontello.woff2
Requested by: Host: www.21.com
URL: https://www.21.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2070:6000:1f:f2db:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ec1053189d9b1ab24339694ddbb7a4778eed4834787e791b246aacc8a9d22467

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.21.com/styles.8d064c4ad71ab32cf1ca.css
Origin: https://www.21.com

Response headers

date: Mon, 18 May 2020 14:26:32 GMT
via: 1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront)
last-modified: Fri, 15 May 2020 12:37:58 GMT
server: nginx
x-amz-cf-pop: HAM50-C3
etag: "5ebe8d26-3d18"
x-cache: Miss from cloudfront
content-type: application/octet-stream
status: 200
accept-ranges: bytes
content-length: 15640
x-amz-cf-id: Ueep8oN4tucemwtO9_dyf2jyKEvaiJk8i0oXAh6W3UzePyPX5LdUmA==

GET
H2 200 21-logo.png
www.21.com/assets/img/ 38 KB
38 KB 53ms
53ms Image
image/png 2600:9000:2070:6000:1f:f2db:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.21.com/assets/img/21-logo.png
Requested by: Host: www.21.com
URL: https://www.21.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2070:6000:1f:f2db:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 945213aa57f6e9f90353e74a9767c66a5cef31cba930962167e85385b85e05fb

Request headers

Referer: https://www.21.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:32 GMT
via: 1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront)
last-modified: Fri, 15 May 2020 12:37:58 GMT
server: nginx
x-amz-cf-pop: HAM50-C3
etag: "5ebe8d26-961f"
x-cache: Miss from cloudfront
content-type: image/png
status: 200
accept-ranges: bytes
content-length: 38431
x-amz-cf-id: vcx5xL3SPeDbIwJObMAkOopLEUTOfuCFXvs2YnbNixJErkQuDKmTBg==

GET
H2 200 18plus.svg
www.21.com/assets/img/ 3 KB
3 KB 62ms
61ms Image
image/svg+xml 2600:9000:2070:6000:1f:f2db:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.21.com/assets/img/18plus.svg
Requested by: Host: www.21.com
URL: https://www.21.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2070:6000:1f:f2db:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7490869fafeaf68d9ac94c688bb10aad65cb6eefa1c93a0f0db862b75211ddc6

Request headers

Referer: https://www.21.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:32 GMT
via: 1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront)
last-modified: Fri, 15 May 2020 12:37:58 GMT
server: nginx
x-amz-cf-pop: HAM50-C3
etag: "5ebe8d26-be6"
x-cache: Miss from cloudfront
content-type: image/svg+xml
status: 200
accept-ranges: bytes
content-length: 3046
x-amz-cf-id: 8ItwkEQVpFLfGcfTMJNuRp1b8OQjM0rAygYQJs0L1f8XTVHy1SAg3w==

GET
H2 200 null.svg
www.21.com/assets/country_flags/ 7 KB
7 KB 94ms
93ms Image
text/html 2600:9000:2070:6000:1f:f2db:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.21.com/assets/country_flags/null.svg
Requested by: Host: www.21.com
URL: https://www.21.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2070:6000:1f:f2db:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.21.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:33 GMT
via: 1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront)
last-modified: Fri, 15 May 2020 12:37:58 GMT
server: nginx
x-amz-cf-pop: HAM50-C3
etag: "5ebe8d26-1a25"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html
status: 200
accept-ranges: bytes
content-length: 6693
x-amz-cf-id: Aegy__euV1y4L0SRi1YFZXDB0AlhfioKW_sMmIQkqSKfLEpOWfOflA==

POST
H2 200 472b07b9fcf2 Show response
zz.connextra.com/21/dcs/tagController/tagData/ 0
387 B 72ms
72ms XHR
text/plain 23.37.44.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zz.connextra.com/21/dcs/tagController/tagData/472b07b9fcf2
Requested by: Host: www.21.com
URL: https://www.21.com/polyfills.466dc52903d97e82944f.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.44.220 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-220.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.21.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 18 May 2020 14:26:33 GMT
status: 200
vary: Origin
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
access-control-allow-origin: https://www.21.com
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

GET
H/1.1

200
OK

js Show response
pixel.mathtag.com/event/
Redirect Chain

https://pixel.mathtag.com/event/js?mt_id=1467433&mt_adid=235390&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
https://pixel.mathtag.com/event/js?mt_id=1467433&mt_adid=235390&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct&UUID=5f635ec2-9b19-4b00-b445-a7a52eda9434

597 B
921 B

68ms
68ms

Script
text/javascript

23.209.69.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1467433&mt_adid=235390&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct&UUID=5f635ec2-9b19-4b00-b445-a7a52eda9434
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.209.69.86 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-69-86.deploy.static.akamaitechnologies.com
Software: MT3 2304 363fb6b master zrh-pixel-x19 /
Resource Hash: acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57

Request headers

Referer: https://www.21.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 18 May 2020 14:26:33 GMT
Server: MT3 2304 363fb6b master zrh-pixel-x19
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Mon, 18 May 2020 14:26:32 GMT

Redirect headers

Date: Mon, 18 May 2020 14:26:33 GMT
Server: MT3 2334 83311f9 master zrh-pixel-x10
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://pixel.mathtag.com/event/js?mt_id=1467433&mt_adid=235390&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mm_bnc&mm_bct&UUID=5f635ec2-9b19-4b00-b445-a7a52eda9434
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 0
Expires: Mon, 18 May 2020 14:26:32 GMT

GET
H/1.1 200
OK getuidnb
secure.adnxs.com/ Frame AC09 43 B
690 B 198ms
64ms Image
image/gif 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID

Requested by

Host: www.21.com
URL: https://www.21.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.21.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 May 2020 14:26:35 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.12:80
AN-X-Request-Uuid: 9bd3412a-5023-422b-9255-2ce484c32321
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 62F0
Redirect Chain

https://secure.adnxs.com/seg?add=20949104&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20949104%26t%3D2

43 B
1 KB

64ms
64ms

Image
image/gif

185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20949104%26t%3D2

Requested by

Host: www.21.com
URL: https://www.21.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.21.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 May 2020 14:26:35 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.109:80
AN-X-Request-Uuid: 6bf641db-90a1-4317-a259-721b7b87a93b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 May 2020 14:26:35 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.13:80
AN-X-Request-Uuid: de8212c6-b899-4e29-817f-c5d54bf74cde
Server: nginx/1.13.4
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D20949104%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

182d5ec2-9b19-4c00-9642-0cedf380653c
zz.connextra.com/sync/data/uid/6c883bd680/ Frame F16D
Redirect Chain

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D&mm_bnc&mm_bct&UUID=182d5ec2-9b19-4c00-9642-0cedf380653c
https://zz.connextra.com/sync/data/uid/6c883bd680/182d5ec2-9b19-4c00-9642-0cedf380653c

43 B
458 B

89ms
89ms

Image
image/gif

23.37.44.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zz.connextra.com/sync/data/uid/6c883bd680/182d5ec2-9b19-4c00-9642-0cedf380653c
Requested by: Host: www.21.com
URL: https://www.21.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.44.220 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-44-220.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.21.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 May 2020 14:26:33 GMT
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
status: 200
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 43
expires: Mon, 18 May 2020 14:26:33 GMT

Redirect headers

Date: Mon, 18 May 2020 14:28:10 GMT
Server: MT3 2334 83311f9 master cdg-pixel-x22
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://zz.connextra.com/sync/data/uid/6c883bd680/182d5ec2-9b19-4c00-9642-0cedf380653c
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 18 May 2020 14:28:09 GMT

GET
H2 200 icon-cb-lock.svg
www.21.com/assets/img/ 5 KB
5 KB 39ms
38ms Image
image/svg+xml 2600:9000:2070:6000:1f:f2db:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.21.com/assets/img/icon-cb-lock.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2070:6000:1f:f2db:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 08bcfad81d5712c49bb3d70dd9d197ebb32e5a9b5c9a217bd5a61014630e51ec

Request headers

Referer: https://www.21.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:33 GMT
via: 1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront)
last-modified: Fri, 15 May 2020 12:37:58 GMT
server: nginx
x-amz-cf-pop: HAM50-C3
etag: "5ebe8d26-12aa"
x-cache: Miss from cloudfront
content-type: image/svg+xml
status: 200
accept-ranges: bytes
content-length: 4778
x-amz-cf-id: xVM4w3iLQgm2xC1Sj31r6jJHn-98WrWWlm97m0Zy5v7kifmWodqR6w==

GET
H2 200 icon-cb-contact.svg
www.21.com/assets/img/ 2 KB
2 KB 39ms
39ms Image
image/svg+xml 2600:9000:2070:6000:1f:f2db:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.21.com/assets/img/icon-cb-contact.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2070:6000:1f:f2db:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b5f927067621851a9abaae91cfd8a680b88fd4f44b24176ddf3f86daa5ea3668

Request headers

Referer: https://www.21.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:33 GMT
via: 1.1 9561715783a77e8d6af0f70efd63d289.cloudfront.net (CloudFront)
last-modified: Fri, 15 May 2020 12:37:58 GMT
server: nginx
x-amz-cf-pop: HAM50-C3
etag: "5ebe8d26-61c"
x-cache: Miss from cloudfront
content-type: image/svg+xml
status: 200
accept-ranges: bytes
content-length: 1564
x-amz-cf-id: jUUnEpwWh3kXA6Te9yKjFcyz2UfDnAQUFwkUipecv9obuVlHsZsDbA==

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 271ms
72ms XHR
text/plain 34.250.196.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=5eb40261bb9131001500004d&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=1443&cE=1476&dLE=1443&dLS=1347&fS=1347&hS=1456&rE=-1&rS=-1&reS=1476&resS=1512&resE=1512&uEE=-1&uES=-1&dL=1514&dI=1957&dCLES=1957&dCLEE=1959&dC=2395&lES=2395&lEE=2406&s=nt&title=21.com&path=https%3A%2F%2Fwww.21.com%2F&ref=&sId=n3zhu9aj&sST=1589811993&sIS=1&rV=0&v=1.4.0
Requested by: Host: www.21.com
URL: https://www.21.com/polyfills.466dc52903d97e82944f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.196.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-196-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.21.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Mon, 18 May 2020 14:26:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
480 B 65ms
65ms Image
image/gif 23.209.69.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.209.69.86 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-69-86.deploy.static.akamaitechnologies.com
Software: MT3 2304 363fb6b master zrh-pixel-x20 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.21.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 18 May 2020 14:26:33 GMT
Server: MT3 2304 363fb6b master zrh-pixel-x20
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 18 May 2020 14:26:32 GMT

GET
H2 200 preload.add05527c5cb9c3c2d35.js Show response
static.zdassets.com/web_widget/latest/ Frame 4540 44 KB
13 KB 109ms
106ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/preload.add05527c5cb9c3c2d35.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=30662c36-d684-4194-ad43-491860acba9c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6011f10bbc578f6a4c6fbe4c121e64e4225429f6e1715801e814962802f56043

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 392042
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: E6056D99C95969D1
x-amz-id-2: fMi7T3tfCQKmyFuJNlkNwqXTweAiinGFHi4NAbzoX1y0JM77spQ4n3YUkKmrbumHJnAMBqymEIE=
last-modified: Wed, 13 May 2020 23:29:20 GMT
server: cloudflare
etag: W/"ff7c6c631982c56bbb74ecd5f17ea3d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: VBEiIEY7ku1hrYC9QPaZ51ych7Qx5aRD
cf-request-id: 02c9c6f4e300000bcd382ea200000001
cf-ray: 595641016df80bcd-AMS
expires: Thu, 13 May 2021 23:29:19 GMT

GET
H2 200 vendors~web_widget.18a455ee50f6eb78a6ad.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 4540 1 MB
278 KB 78ms
75ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/vendors~web_widget.18a455ee50f6eb78a6ad.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=30662c36-d684-4194-ad43-491860acba9c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84c386b5edb79a4f516cd83149326cfbbd51007b239311c49dcb8291af23821f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 911458
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 7B4D34FE2E5EE8A0
x-amz-id-2: m6XJvYhri0oT9I5j3OxWP0DcSEJmrYmVns0v6si57u+3nVehGKPcvJBPHDR36G9UpiOkab0BrdI=
last-modified: Thu, 07 May 2020 00:29:28 GMT
server: cloudflare
etag: W/"8a59314d4ebaed50222892ba3538713b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: aG_htA423oKq9aea3QHoY9Nxvom8Xuix
cf-request-id: 02c9c6f4e300000bcd382eb200000001
cf-ray: 595641016df90bcd-AMS
expires: Fri, 07 May 2021 00:29:27 GMT

GET
H2 200 web_widget.7ecc91fed5952730f5e2.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 4540 865 KB
165 KB 63ms
61ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web_widget.7ecc91fed5952730f5e2.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=30662c36-d684-4194-ad43-491860acba9c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbb990171f75247750ed450afa019b49eab3109cf3ca0244caaf50db7baeebb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 11196
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: E19003EC552506CD
x-amz-id-2: xZSk/mk5HXKUzmkxpZaasFVaFXU43cpya96fECYCsrSn2tV9KptaUThs7DonOpPkRPhqS7Y2AVI=
last-modified: Wed, 13 May 2020 23:29:21 GMT
server: cloudflare
etag: W/"b5344c7d313f2c534fc41eb7010224dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: nFhN90ssLlmZXBB2Vtcn6m61mASfI0.J
cf-request-id: 02c9c6f4e300000bcd382ec200000001
cf-ray: 595641016dfa0bcd-AMS
expires: Thu, 13 May 2021 23:29:20 GMT

GET
H2 200 chat-sdk.8bec18ba6b375cdd85e2.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 4540 255 KB
50 KB 164ms
162ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/chat-sdk.8bec18ba6b375cdd85e2.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=30662c36-d684-4194-ad43-491860acba9c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e63ace57040569ef71ddec08c63bde0cdb1fb2d9e98027caaf84fa9258e7048

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1863396
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: FF3025C7B1F618C9
x-amz-id-2: ARbSxz7kYZISIMzrj7l7LblmtOv+0t+5UvgmYBhqovq+dBvLFG7SukzOkZu+EFVS3PajoBZAE+g=
last-modified: Fri, 24 Apr 2020 06:36:01 GMT
server: cloudflare
etag: W/"23243262e0659a5a9e138886779371e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: ZLJ4wrb4N.QqdO_sfLJrfvdZBfGl9OnX
cf-request-id: 02c9c6f4e300000bcd382ed200000001
cf-ray: 595641016dfb0bcd-AMS
expires: Sat, 24 Apr 2021 06:35:59 GMT

GET
H2 200 config Show response
21com.zendesk.com/embeddable/ 644 B
1 KB 268ms
138ms XHR
application/json 104.16.55.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://21com.zendesk.com/embeddable/config

Requested by

Host: www.21.com
URL: https://www.21.com/polyfills.466dc52903d97e82944f.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.55.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95633024badc8ded638b820ca229402c46a19eaa77b039a3e5e640645bad0df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.21.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
status: 200
vary: Origin, Accept-Encoding
cf-request-id: 02c9c6f5e60000d8b1c4b13200000001
x-request-id: 595641030f91d8b1-DUB
x-runtime: 0.001267
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server: embeddable-app-server-f757d57d8-p2xw6
cf-ray: 595641030f91d8b1-AMS

GET
H2 200 embeddable_blip Show response
21com.zendesk.com/ Frame 4540 0
261 B 90ms
89ms XHR
text/html 104.16.55.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21com.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsib2Zmc2V0Ijp7Imhvcml6b250YWwiOiIwcHgiLCJ2ZXJ0aWNhbCI6IjEwcHgiLCJtb2JpbGUiOnsiaG9yaXpvbnRhbCI6Ii0yNXB4IiwidmVydGljYWwiOiI2MHB4In19fX0sImJ1aWQiOiI5N2IzZGJjYTQwNTQzYmJhMmE3YzRkMDg1OGJlNGQ0YyIsInN1aWQiOiJiMGY1YTAwM2FmN2VlOWRiMGVmOTk5MThmMGRmY2Q2NyIsInZlcnNpb24iOiIzNjM5NTkzNzQiLCJ0aW1lc3RhbXAiOiIyMDIwLTA1LTE4VDE0OjI2OjM0LjI1NloiLCJ1cmwiOiJodHRwczovL3d3dy4yMS5jb20vIn0%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.18a455ee50f6eb78a6ad.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.55.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:34 GMT
cf-cache-status: MISS
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.21.com
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
cf-ray: 5956410449f6d8b1-AMS
content-length: 0
cf-request-id: 02c9c6f6ae0000d8b1c4b1f200000001

GET
H2 200 en-us.39cd5e9a02de31b5bebb.js Show response
static.zdassets.com/web_widget/latest/locales/ Frame 4540 24 KB
5 KB 66ms
66ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/locales/en-us.39cd5e9a02de31b5bebb.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.18a455ee50f6eb78a6ad.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9ccd92da0f2945598b58ab70a3f546117b05134fbda7a6880c8f75f4525e96a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:34 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1676199
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: AA9CEF11F49F8772
x-amz-id-2: 65A96q8Oj27VHQ216QV19EpuURbUHUnlMnqu8v6p3oRIGK6eYC6N5ct0UVLyr0GiBfmcH7D5os4=
last-modified: Wed, 29 Apr 2020 04:38:24 GMT
server: cloudflare
etag: W/"39cd5e9a02de31b5bebb818a773ec707"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: w7N7RGUMCBxoUZdHWjTMqTJAE5H7VQOz
cf-request-id: 02c9c6f6b100000bcd38329200000001
cf-ray: 595641044de90bcd-AMS
expires: Thu, 29 Apr 2021 04:38:23 GMT

GET
H2 200 embeddable_blip Show response
21com.zendesk.com/ Frame 4540 0
65 B 111ms
111ms XHR
text/html 104.16.55.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21com.zendesk.com/embeddable_blip?type=userAction&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInVzZXJBY3Rpb24iOnsiY2F0ZWdvcnkiOiJhcGkiLCJhY3Rpb24iOiIkem9waW0ubGl2ZWNoYXQud2luZG93LnNldFRpdGxlIiwibGFiZWwiOm51bGwsInZhbHVlIjp7ImFyZ3MiOiIyMS5jb20gTGl2ZSBTdXBwb3J0In19LCJidWlkIjoiOTdiM2RiY2E0MDU0M2JiYTJhN2M0ZDA4NThiZTRkNGMiLCJzdWlkIjoiYjBmNWEwMDNhZjdlZTlkYjBlZjk5OTE4ZjBkZmNkNjciLCJ2ZXJzaW9uIjoiMzYzOTU5Mzc0IiwidGltZXN0YW1wIjoiMjAyMC0wNS0xOFQxNDoyNjozNC4zNTJaIiwidXJsIjoiaHR0cHM6Ly93d3cuMjEuY29tLyJ9
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.18a455ee50f6eb78a6ad.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.55.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:34 GMT
cf-cache-status: MISS
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.21.com
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
cf-ray: 59564104ebeed8b1-AMS
content-length: 0
cf-request-id: 02c9c6f7140000d8b1c4b27200000001

GET
H2 200 embeddable_blip Show response
21com.zendesk.com/ Frame 4540 0
65 B 90ms
90ms XHR
text/html 104.16.55.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21com.zendesk.com/embeddable_blip?type=userAction&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInVzZXJBY3Rpb24iOnsiY2F0ZWdvcnkiOiJhcGkiLCJhY3Rpb24iOiIkem9waW0ubGl2ZWNoYXQuZGVwYXJ0bWVudHMuZmlsdGVyIiwibGFiZWwiOm51bGwsInZhbHVlIjp7ImFyZ3MiOlsiRW5nbGlzaCBTdXBwb3J0IiwiRGV1dHNjaGVyIEt1bmRlbnNlcnZpY2UiLCJTdW9tZW5raWVsaW5lbiBBc2lha2FzcGFsdmVsdSIsIk5vcnNrIGt1bmRlc3TDuHR0ZSIsIuaXpeacrOiqnuOCteODneODvOODiCJdfX0sImJ1aWQiOiI5N2IzZGJjYTQwNTQzYmJhMmE3YzRkMDg1OGJlNGQ0YyIsInN1aWQiOiJiMGY1YTAwM2FmN2VlOWRiMGVmOTk5MThmMGRmY2Q2NyIsInZlcnNpb24iOiIzNjM5NTkzNzQiLCJ0aW1lc3RhbXAiOiIyMDIwLTA1LTE4VDE0OjI2OjM0LjQxMVoiLCJ1cmwiOiJodHRwczovL3d3dy4yMS5jb20vIn0%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.18a455ee50f6eb78a6ad.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.55.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:34 GMT
cf-cache-status: MISS
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.21.com
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
cf-ray: 595641054d38d8b1-AMS
content-length: 0
cf-request-id: 02c9c6f7480000d8b1c4b28200000001

GET
H2 200 embeddable_blip Show response
21com.zendesk.com/ Frame 4540 0
65 B 105ms
105ms XHR
text/html 104.16.55.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21com.zendesk.com/embeddable_blip?type=userAction&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInVzZXJBY3Rpb24iOnsiY2F0ZWdvcnkiOiJhcGkiLCJhY3Rpb24iOiIkem9waW0ubGl2ZWNoYXQuYWRkVGFncyIsImxhYmVsIjpudWxsLCJ2YWx1ZSI6eyJhcmdzIjoiMjFjb20ifX0sImJ1aWQiOiI5N2IzZGJjYTQwNTQzYmJhMmE3YzRkMDg1OGJlNGQ0YyIsInN1aWQiOiJiMGY1YTAwM2FmN2VlOWRiMGVmOTk5MThmMGRmY2Q2NyIsInZlcnNpb24iOiIzNjM5NTkzNzQiLCJ0aW1lc3RhbXAiOiIyMDIwLTA1LTE4VDE0OjI2OjM0LjQxMloiLCJ1cmwiOiJodHRwczovL3d3dy4yMS5jb20vIn0%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.18a455ee50f6eb78a6ad.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.55.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:34 GMT
cf-cache-status: MISS
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.21.com
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
cf-ray: 595641054d3cd8b1-AMS
content-length: 0
cf-request-id: 02c9c6f7490000d8b1c4b29200000001

GET
H2 200 embeddable_blip Show response
21com.zendesk.com/ Frame 4540 0
65 B 150ms
150ms XHR
text/html 104.16.55.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21com.zendesk.com/embeddable_blip?type=userAction&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInVzZXJBY3Rpb24iOnsiY2F0ZWdvcnkiOiJhcGkiLCJhY3Rpb24iOiIkem9waW0ubGl2ZWNoYXQuZGVwYXJ0bWVudHMuc2V0TGFiZWwiLCJsYWJlbCI6bnVsbCwidmFsdWUiOnsiYXJncyI6IlNlbGVjdCBhIGxhbmd1YWdlIn19LCJidWlkIjoiOTdiM2RiY2E0MDU0M2JiYTJhN2M0ZDA4NThiZTRkNGMiLCJzdWlkIjoiYjBmNWEwMDNhZjdlZTlkYjBlZjk5OTE4ZjBkZmNkNjciLCJ2ZXJzaW9uIjoiMzYzOTU5Mzc0IiwidGltZXN0YW1wIjoiMjAyMC0wNS0xOFQxNDoyNjozNC40MTNaIiwidXJsIjoiaHR0cHM6Ly93d3cuMjEuY29tLyJ9
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.18a455ee50f6eb78a6ad.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.55.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:34 GMT
cf-cache-status: MISS
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.21.com
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
cf-ray: 595641054d47d8b1-AMS
content-length: 0
cf-request-id: 02c9c6f7490000d8b1c4b2a200000001

GET
H2 200 embeddable_blip Show response
21com.zendesk.com/ Frame 4540 0
65 B 92ms
92ms XHR
text/html 104.16.55.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://21com.zendesk.com/embeddable_blip?type=pageView&data=eyJwYWdlVmlldyI6eyJyZWZlcnJlciI6Imh0dHBzOi8vd3d3LjIxLmNvbS8iLCJ0aW1lIjoyMjEsImxvYWRUaW1lIjoxMTUuODgwMDAwMDU1NzY3NiwibmF2aWdhdG9yTGFuZ3VhZ2UiOiJlbi1VUyIsInBhZ2VUaXRsZSI6IjIxLmNvbSIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2UsImlzUmVzcG9uc2l2ZSI6dHJ1ZSwidmlld3BvcnRNZXRhIjoid2lkdGg9ZGV2aWNlLXdpZHRoLCBpbml0aWFsLXNjYWxlPTEuMCwgbWF4aW11bS1zY2FsZT0xLjAsIHVzZXItc2NhbGFibGU9bm8iLCJoZWxwQ2VudGVyRGVkdXAiOmZhbHNlfSwiYnVpZCI6Ijk3YjNkYmNhNDA1NDNiYmEyYTdjNGQwODU4YmU0ZDRjIiwic3VpZCI6ImIwZjVhMDAzYWY3ZWU5ZGIwZWY5OTkxOGYwZGZjZDY3IiwidmVyc2lvbiI6IjM2Mzk1OTM3NCIsInRpbWVzdGFtcCI6IjIwMjAtMDUtMThUMTQ6MjY6MzQuNDczWiIsInVybCI6Imh0dHBzOi8vd3d3LjIxLmNvbS8ifQ%3D%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.18a455ee50f6eb78a6ad.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.55.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 18 May 2020 14:26:34 GMT
cf-cache-status: MISS
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.21.com
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
cf-ray: 59564105ae1dd8b1-AMS
content-length: 0
cf-request-id: 02c9c6f7870000d8b1c4b30200000001

GET
H2 206 chat-incoming-message-notification.mp3
static.zdassets.com/web_widget/static/ Frame 4540 19 KB
20 KB 91ms
91ms Media
audio/mpeg 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/static/chat-incoming-message-notification.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 18 May 2020 14:26:35 GMT
cf-cache-status: DYNAMIC
x-amz-request-id: BB6993A633673FFF
x-amz-server-side-encryption: AES256
cf-ray: 5956410a0cfc0bcd-AMS
status: 206
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: WMRyCW4+G2JttsZsWzPQ2PjDqIvyy4bIdfliTVYxmJgjugYkY59CPFZpfTEluPSb9DocLAr0ITU=
Content-Range: bytes 0-19697/19698
last-modified: Tue, 12 Feb 2019 01:07:53 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
x-amz-version-id: 7QfN44DQ.h7tzqx9G_4CeAsccdu5t2pF
cache-control: public, max-age=31536000
cf-request-id: 02c9c6fa4300000bcd3836d200000001
content-type: audio/mpeg; charset=utf-8
expires: Wed, 12 Feb 2020 01:07:52 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
635 B 174ms
174ms Image
image/gif 23.209.69.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.209.69.86 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-69-86.deploy.static.akamaitechnologies.com
Software: MT3 2334 83311f9 master zrh-pixel-x18 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.21.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 18 May 2020 14:26:43 GMT
Server: MT3 2334 83311f9 master zrh-pixel-x18
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 18 May 2020 14:26:42 GMT

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.21.com/	1970-01-19 18:22:27	Name: __insp_targlpu Value: aHR0cHM6Ly93d3cuMjEuY29tL3JlZ2lzdGVyP0NYRD1hXzYxMTFiXzQ1N2NfJmFmZmlkPTE1OTEmc2l0ZWlkPTYxMTE%3D
.21.com/	1970-01-19 18:22:27	Name: __insp_targlpt Value: MjEuY29t
.21.com/	1970-01-19 18:22:27	Name: __insp_nv Value: true
.21.com/	1970-01-19 18:22:27	Name: __insp_slim Value: 1589811992793
.21.com/	1970-01-19 18:22:27	Name: __insp_wid Value: 671209430

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://www.21.com/main.a144bfc1e505e1c57414.js(Line 1) Message: ERROR TypeError: Cannot read property 'unsubscribe' of undefined
console-api	log	(Line 1) Message: configZenDeskChat - config
console-api	log	(Line 2) Message: configZenDeskChat - config complete

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

21com.zendesk.com
api.paymentiq.io
bigbonusgam.com
cdn.inspectlet.com
ekr.zdassets.com
hn.inspectlet.com
pixel.mathtag.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
secure.adnxs.com
service.21.com
static.zdassets.com
stats.g.doubleclick.net
sync.mathtag.com
wl21com.adsrv.eacdn.com
www.21.com
www.google-analytics.com
www.googletagmanager.com
zz.connextra.com
104.16.55.111
104.18.72.113
104.18.73.113
159.100.24.145
185.29.135.226
185.33.220.240
23.209.69.86
23.37.44.220
2600:9000:2070:6000:1f:f2db:1b40:93a1
2606:4700:10::6814:15ef
2606:4700:10::6816:39f5
2a00:1450:4001:801::2008
2a00:1450:4001:817::200e
2a00:1450:400c:c0b::9a
34.193.189.199
34.250.196.193
35.204.101.64
63.33.21.40
91.92.196.190
0734697543bd694d6f0e1fb7c141866fcb21d2a0514b48c215c9eec2c6e8dfc8
08bcfad81d5712c49bb3d70dd9d197ebb32e5a9b5c9a217bd5a61014630e51ec
12b5fbd97c404b688883beb0f1f9f8e666a47c5f5536922a85dac33fb901a2fe
13e4dd039329ea89e34e21f52fcf91e6913d7df20bd445800200a4d15f6d2dd8
1cab22d3d7c8c4c4fbe02b1a5a3b3840fdbd0cbf81d6b48815ec9e3f08f21557
1e63ace57040569ef71ddec08c63bde0cdb1fb2d9e98027caaf84fa9258e7048
25ffae4be28aaef5fd18f97b4eff474264a99eefc25099eb123795c918166f5c
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
33d9426db1f3252518bd7f24f1da62b0d2a450e5c0f68b45302741d4db831c4e
38e7e40f686e91d031023a33128bc8688555e601828a1366fb30e14c434c24f6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f2a7be60e2699f9609f48b66d7bf9eef64b19cb322930cd85ea4f364e2e62be
6011f10bbc578f6a4c6fbe4c121e64e4225429f6e1715801e814962802f56043
7490869fafeaf68d9ac94c688bb10aad65cb6eefa1c93a0f0db862b75211ddc6
817947b5dbc0ab54c82c2b6ff86787bf12c81a6bae6a5a3ca844e011701adae4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c386b5edb79a4f516cd83149326cfbbd51007b239311c49dcb8291af23821f
945213aa57f6e9f90353e74a9767c66a5cef31cba930962167e85385b85e05fb
95633024badc8ded638b820ca229402c46a19eaa77b039a3e5e640645bad0df4
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
9d2b41923c409918416da6b1d0fb04a3db697c903ccfe0f2a06f63d1ec491dc5
a47d4f62e90ac93cee6e20ed3ca4ad75260d4bda3158dabd5410f109ad469d05
acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5f927067621851a9abaae91cfd8a680b88fd4f44b24176ddf3f86daa5ea3668
b9ccd92da0f2945598b58ab70a3f546117b05134fbda7a6880c8f75f4525e96a
bc236765f6befa3baac88fc46cb8a6e06932ad6b898c3fcc54219cf8dac9a5d9
c252202bcde5cb25024d578bfd46e3c8320625e0c6e80ac66a2fb429f757d7f9
d0b1cb1455ecf8ab5a7eb203460cc7ff790df097c5907eb3d27ff7344282517e
db901caf84d3eb066eb9bbcb617eba9b7e833086f38d0ed26e90f82444249ae5
dbb990171f75247750ed450afa019b49eab3109cf3ca0244caaf50db7baeebb8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea2ddf6ef219d8f7d109d7a056568b6109f29d8841f3d9b1dc21f14f6c527208
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
ec1053189d9b1ab24339694ddbb7a4778eed4834787e791b246aacc8a9d22467
f0538c812977ed74b43ff878648d81add795634753af733225aa262b059d0cd7
f51be0520a0bd10aa19a81a6eac07fdde67187436444e801c0cbc7310be8afc7
fbf6facbeaa4edad4d27e12d799cb746eaef61dc5ecfc008ded0b96d52ab0132

www.21.com Open in urlscan Pro 2600:9000:2070:6000:1f:f2db:1b40:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

32 %IPv6

14 Domains

19 Subdomains

16 IPs

8 Countries

5167 kBTransfer

7228 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.21.com Open in urlscan Pro
2600:9000:2070:6000:1f:f2db:1b40:93a1 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

32 %
IPv6

14
Domains

19
Subdomains

16
IPs

8
Countries

5167 kB
Transfer

7228 kB
Size

5
Cookies

53 HTTP transactions
0 data transactions