Submitted URL: http://comedyzentral.com/
Effective URL: https://21dw.vip/
Submission: On May 26 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 20 HTTP transactions. The main IP is 107.163.45.99, located in United States and belongs to FEDERAL-ONLINE-GROUP-LLC, US. The main domain is 21dw.vip.
TLS certificate: Issued by R3 on May 16th 2022. Valid for: 3 months.
This is the only time 21dw.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address        AS      Autonomous System
1          1         164.88.187.137    137951  (CLAYERLIM...)
-          1         160.121.228.65    137951  (CLAYERLIM...)
-          2         103.235.46.191    55967   (BAIDU Bei...)
-          1         107.163.45.99     395776  (FEDERAL-O...)
-          10        2a06:98c1:312...  13335   (CLOUDFLAR...)
1          2         2606:4700::68...  -       ()
Total: 20 HTTP transactions, 6 IPs

Requests  Apex Domain         Subdomains                                Transfer
10        promotesearchs.com  cdn.promotesearchs.com                    382 KB
2         unpkg.com           unpkg.com                                 8 KB
2         baidu.com           hm.baidu.com (Cisco Umbrella Rank: 8357)  12 KB
1         21dw.vip            21dw.vip                                  7 KB
1         ttooqaz8.com        newgram.ttooqaz8.com                      1 KB
1         comedyzentral.com   comedyzentral.com                         225 B
0         aliyuncs.com        congxuan.oss-cn-beijing.aliyuncs.com      Failed
0         cnzz.com            s9.cnzz.com                               Failed
Total: 20 HTTP transactions, 8 domains

Requests  Domain                                         Requested by
10        cdn.promotesearchs.com                         21dw.vip
2         unpkg.com (1 redirects)                        21dw.vip
2         hm.baidu.com                                   newgram.ttooqaz8.com, 21dw.vip
1         21dw.vip                                       newgram.ttooqaz8.com
1         newgram.ttooqaz8.com                           -
1         comedyzentral.com (1 redirects)                -
0         congxuan.oss-cn-beijing.aliyuncs.com (Failed)  21dw.vip
0         s9.cnzz.com (Failed)                           21dw.vip
Total: 20 HTTP transactions, 8 domains

This site contains no links.

Subject               Issuer                         Validity                 Valid
baidu.com             GlobalSign RSA OV SSL CA 2018  2021-11-15 - 2022-08-02  9 months
www.21dw.vip          R3                             2022-05-16 - 2022-08-14  3 months
*.promotesearchs.com  E1                             2022-05-24 - 2022-08-22  3 months

This page contains 1 frames:

Primary Page: https://21dw.vip/
Frame ID: 815A8F25C8F7DABF059ECEA8294259AF
Requests: 20 HTTP requests in this frame

Page Title

第一

Detected technologies

Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Page Statistics

Requests: 20
HTTPS: 65 %
IPv6: 33 %
Domains: 8
Subdomains: 8
IPs: 6
Countries: 3
Transfer: 409 kB
Size: 505 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://comedyzentral.com/ HTTP 301
    http://newgram.ttooqaz8.com/aa.html Page URL
  2. https://21dw.vip/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://comedyzentral.com/ HTTP 301
  • http://newgram.ttooqaz8.com/aa.html
Request Chain 17
  • https://unpkg.com/axios/dist/axios.min.js HTTP 302
  • https://unpkg.com/axios@0.27.2/dist/axios.min.js

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
aa.html
newgram.ttooqaz8.com/
Redirect Chain
  • http://comedyzentral.com/
  • http://newgram.ttooqaz8.com/aa.html
872 B
1 KB
Document
General
Full URL
http://newgram.ttooqaz8.com/aa.html
Protocol
HTTP/1.1
Server
160.121.228.65 Chicago, United States, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
971e2fb391e3bca9d7b3bfa3ab00e6fd8c39dabcf313e34f9addcdf6e46aadb7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
872
Content-Type
text/html
Date
Thu, 26 May 2022 18:27:50 GMT
ETag
"628223a3-368"
Last-Modified
Mon, 16 May 2022 10:12:51 GMT
Server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Thu, 26 May 2022 18:27:50 GMT
Location
http://Newgram.ttooqaz8.com/aa.html
Server
nginx
Transfer-Encoding
chunked
hm.js
hm.baidu.com/
29 KB
11 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?4670e3ccbeb33eac2e0ce219dedc53bb
Requested by
Host: newgram.ttooqaz8.com
URL: http://newgram.ttooqaz8.com/aa.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
c71c05df2658c16fd57f0de1c025b6c1247c964b898e5afcee40277aae3199a5
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newgram.ttooqaz8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 26 May 2022 18:27:51 GMT
Content-Encoding
gzip
Server
apache
Etag
130e54856bb209f1e35005aa33f32cfe
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11136
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=623132876&si=4670e3ccbeb33eac2e0ce219dedc53bb&v=1.2.93&lv=1&sn=10553&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fnewgram.ttooqaz8.com%2Faa.html
Requested by
Host: newgram.ttooqaz8.com
URL: http://newgram.ttooqaz8.com/aa.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://newgram.ttooqaz8.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 May 2022 18:27:52 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
Primary Request /
21dw.vip/
21 KB
7 KB
Document
General
Full URL
https://21dw.vip/
Requested by
Host: newgram.ttooqaz8.com
URL: http://newgram.ttooqaz8.com/aa.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.163.45.99 , United States, ASN395776 (FEDERAL-ONLINE-GROUP-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
1a3060cb6b1af96d5016861a7c492849b6cd35cdeff58f99a62135d60cc900ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://newgram.ttooqaz8.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 26 May 2022 18:27:54 GMT
etag
W/"6289c8c0-5436"
last-modified
Sun, 22 May 2022 05:23:12 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
hm.gif
hm.baidu.com/
0
0

hm.js
cdn.promotesearchs.com/mgldy/js/
35 KB
14 KB
Script
General
Full URL
https://cdn.promotesearchs.com/mgldy/js/hm.js
Requested by
Host: 21dw.vip
URL: https://21dw.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d3ec623dc7af885a3ba05ae44381a8e550e0bb5f8232fdb17f19a50aea894a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://21dw.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 18:27:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
41909
access-control-allow-methods
GET, POST, OPTIONS,PUT,DELETE,OPTION
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 26 Oct 2021 12:39:47 GMT
server
cloudflare
etag
W/"6177f713-8db7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRclMOLz6Q0UAuo0RY1t0q4VXsT7Qw36vTD6SiBQF2L0auvju5y3em4CYAtyq59aY1dIJzRH79QXkfm74oZh6ooXEDZya3UMeJmE5tyCe0xTJumw%2Bgabi0WUkz776qzZkuJgcXFftNQgtT18%2F%2BVA%2F4WRKOSA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
access-control-allow-credentials
true
cf-ray
7118914a0b083752-MXP
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Referer,Accept-Encoding,Accept-Language,Access-Control-Request-Headers,Access-Control-Request-Method,Connection,Host,Origin,Sec-Fetch-Mode
expires
Thu, 26 May 2022 18:49:25 GMT
z_stat.php
s9.cnzz.com/
0
0

logo_01tv.png
cdn.promotesearchs.com/01tv/images/
20 KB
20 KB
Image
General
Full URL
https://cdn.promotesearchs.com/01tv/images/logo_01tv.png
Requested by
Host: 21dw.vip
URL: https://21dw.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cf301cf86b98cd1b4db79e97aa394ae5d087fde77bffa4b66fc4237d3eb1c85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://21dw.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 18:27:54 GMT
access-control-allow-methods
GET, POST, OPTIONS,PUT,DELETE,OPTION
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
456870
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20544
last-modified
Thu, 31 Mar 2022 15:14:04 GMT
server
cloudflare
etag
"6245c53c-5040"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VppyJwuM%2Bedu8T7QB9r0Kjk71RLVArzNuQ89jv7JYqiCeXD4ckoYRj6%2F8S6SeQhbOTuHAq3xwIEgMjUVC4ft3HfM8Ch5PjbzYOOEGIkJUsGkiTjwT4jIgS4oHMwNxqHr%2BFEeYjOzfiu3wz5cnAi9R6UW4u%2Bd"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7118914a5baa3752-MXP
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Referer,Accept-Encoding,Accept-Language,Access-Control-Request-Headers,Access-Control-Request-Method,Connection,Host,Origin,Sec-Fetch-Mode
expires
Mon, 20 Jun 2022 11:33:24 GMT
background_a20.jpg
cdn.promotesearchs.com/promote/images/
217 KB
218 KB
Image
General
Full URL
https://cdn.promotesearchs.com/promote/images/background_a20.jpg
Requested by
Host: 21dw.vip
URL: https://21dw.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6746087cce5cf4d779ffeed3d45004fe4b652eb142067441bd26b59e28cfb4f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://21dw.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 18:27:54 GMT
access-control-allow-methods
GET, POST, OPTIONS,PUT,DELETE,OPTION
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
449535
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
222147
last-modified
Sat, 14 May 2022 03:55:16 GMT
server
cloudflare
etag
"627f2824-363c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgLlgVZlcT2ebkLaNpGm6whyKshyqfefShkXDi8ZAF54IShGhTKKSXCgI%2Boo%2FGqIfznltf7ubrcKlbtyyk3oyjhMQGAcmh9mOnzGQx5xFMoVGMY6rqoiiN9sGypBR4xyqLVuMwc4YVogy%2Fzal0lI65zaEoOn"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7118914a5bab3752-MXP
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Referer,Accept-Encoding,Accept-Language,Access-Control-Request-Headers,Access-Control-Request-Method,Connection,Host,Origin,Sec-Fetch-Mode
expires
Mon, 20 Jun 2022 13:35:39 GMT
01tv-wenzi.png
cdn.promotesearchs.com/01tv/images/
19 KB
20 KB
Image
General
Full URL
https://cdn.promotesearchs.com/01tv/images/01tv-wenzi.png
Requested by
Host: 21dw.vip
URL: https://21dw.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da7680fb42a376ab454f6f94f388ddc747b4fb9c173c47c5c25ef97c9a0b9864

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://21dw.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 18:27:54 GMT
access-control-allow-methods
GET, POST, OPTIONS,PUT,DELETE,OPTION
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
77460
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19763
last-modified
Fri, 01 Apr 2022 05:42:05 GMT
server
cloudflare
etag
"624690ad-4d33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMPb1sHV3qwXGSZeoK3pauMnAIK2T0nKjCRmTBuZniTGUAbt%2FjgPSSur6G%2BXby8ch%2BJtDTNQBo0huN4VMNFyLthSXkex%2FgYgL4aeZVABF57nuCYBfmJ9%2BtQq8skiRhWe44kZYesAOBcr5AjyNOwv3kj2vGwQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7118914a5bae3752-MXP
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Referer,Accept-Encoding,Accept-Language,Access-Control-Request-Headers,Access-Control-Request-Method,Connection,Host,Origin,Sec-Fetch-Mode
expires
Fri, 24 Jun 2022 20:56:54 GMT
and.png
cdn.promotesearchs.com/promote/images/
3 KB
3 KB
Image
General
Full URL
https://cdn.promotesearchs.com/promote/images/and.png
Requested by
Host: 21dw.vip
URL: https://21dw.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32d295bc6d5d56bc030dd082f9988a72d34ecf0110dc87bb79a427ba1657b919

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://21dw.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 18:27:54 GMT
access-control-allow-methods
GET, POST, OPTIONS,PUT,DELETE,OPTION
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
456868
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2584
last-modified
Sat, 30 Apr 2022 11:19:14 GMT
server
cloudflare
etag
"626d1b32-a18"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xdCAbclfnNfeSBB0dSDbzgxKM1NMp3MRHuGU1Ez4Ii11kWxyphnQrNxkVHhY4jXBCNfgRFxOXlTggFRocYsSf43QR7hUBzjzJZ%2BEyLTaWvoGALxenfYnK%2F%2BcunGXMTqCntVC29IQhy%2BwQSuJ%2BG97%2FBrfh2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7118914a5bb03752-MXP
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Referer,Accept-Encoding,Accept-Language,Access-Control-Request-Headers,Access-Control-Request-Method,Connection,Host,Origin,Sec-Fetch-Mode
expires
Mon, 20 Jun 2022 11:33:26 GMT
ios.png
cdn.promotesearchs.com/promote/images/
3 KB
3 KB
Image
General
Full URL
https://cdn.promotesearchs.com/promote/images/ios.png
Requested by
Host: 21dw.vip
URL: https://21dw.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a83ca9390ebf3d3c8cdc9c06613ca65a761d39e44440442070f2da06da7bcf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://21dw.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 18:27:54 GMT
access-control-allow-methods
GET, POST, OPTIONS,PUT,DELETE,OPTION
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
456868
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2848
last-modified
Sat, 30 Apr 2022 11:19:49 GMT
server
cloudflare
etag
"626d1b55-b20"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UOoLcSVK%2FWzJh1bZfjqCZikmHkEMPXDN1q3dSkxkn4tIObiI0cjjDvGa8UhEoc3D5QUCWdnAue8EhnQLGZjdjVx2w5oQ0taqtuQvkQUbmKqIM%2FPJNqj4q15xYdCqjQDNvR5eEu2jnFqJ%2FZmgmcAxyjo9oyRv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7118914a5bb13752-MXP
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Referer,Accept-Encoding,Accept-Language,Access-Control-Request-Headers,Access-Control-Request-Method,Connection,Host,Origin,Sec-Fetch-Mode
expires
Mon, 20 Jun 2022 11:33:26 GMT
mand.png
cdn.promotesearchs.com/promote/images/
2 KB
3 KB
Image
General
Full URL
https://cdn.promotesearchs.com/promote/images/mand.png
Requested by
Host: 21dw.vip
URL: https://21dw.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc665853829d08e431c0619dd126382719098659173b59e1ebd94d596ee66740

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://21dw.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 18:27:54 GMT
access-control-allow-methods
GET, POST, OPTIONS,PUT,DELETE,OPTION
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
456868
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2489
last-modified
Sat, 30 Apr 2022 11:19:35 GMT
server
cloudflare
etag
"626d1b47-9b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rbzSUjByOFns0JKRZG%2BFvvApRpSpCsZ7OjMHKT26q9%2B7yRhLHqCcGa6W7AOukjKNO73g6Ug5aMjHnXovy7ujGXDO1FZKneL1GFD4K%2BycZzkL1wD05oSLMwC7eSG4i8LhZRLI9h41J8TCfsqMFXpUIchgy1j"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7118914a5bb23752-MXP
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Referer,Accept-Encoding,Accept-Language,Access-Control-Request-Headers,Access-Control-Request-Method,Connection,Host,Origin,Sec-Fetch-Mode
expires
Mon, 20 Jun 2022 11:33:26 GMT
mios.png
cdn.promotesearchs.com/promote/images/
3 KB
3 KB
Image
General
Full URL
https://cdn.promotesearchs.com/promote/images/mios.png
Requested by
Host: 21dw.vip
URL: https://21dw.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b41d0c71fbdacd2598d73b1315b0e29be1ad63523121266078014b4b8551ff4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://21dw.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 18:27:54 GMT
access-control-allow-methods
GET, POST, OPTIONS,PUT,DELETE,OPTION
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
456868
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3098
last-modified
Sat, 30 Apr 2022 11:19:23 GMT
server
cloudflare
etag
"626d1b3b-c1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bb9dmFV2SbidR00tVwoy3v5aDAt2EeyjEQMZEihLwfQli%2BL446QeIni4b3GpGoFBaHES2Vgx6JOcEj9upPnxsp5HLIpeL4o8T3iVD20r4JNnXSXp6ePGSBQHCgceZcWga6HelFBH6ymSdxAECS%2FAGeK%2Fl3d4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7118914a5bb33752-MXP
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Referer,Accept-Encoding,Accept-Language,Access-Control-Request-Headers,Access-Control-Request-Method,Connection,Host,Origin,Sec-Fetch-Mode
expires
Mon, 20 Jun 2022 11:33:26 GMT
andtips.jpg
cdn.promotesearchs.com/promote/images/
75 KB
75 KB
Image
General
Full URL
https://cdn.promotesearchs.com/promote/images/andtips.jpg
Requested by
Host: 21dw.vip
URL: https://21dw.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81ddb0cf350bcd8f6fae41521e49810d24f1ca7a7b594770f5ad44ae4aad56a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://21dw.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 18:27:54 GMT
access-control-allow-methods
GET, POST, OPTIONS,PUT,DELETE,OPTION
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
456866
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76806
last-modified
Sat, 30 Apr 2022 11:19:09 GMT
server
cloudflare
etag
"626d1b2d-12c06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqy8bnvaE%2Bi1FOV6OIQY%2BacHud0jzwUK3%2BfK7S1YvsKzGaGrDj%2Ba2SyVhxVINJnA3JXGKJAavvNhoP8QRhCS38qUgrD4RodXiB1VDoQfa12DWVK%2F0GNjjvWheDV46a0ZIPxP7B8CzBdlmJPvEUtrIZ3miJog"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7118914a5bb53752-MXP
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Referer,Accept-Encoding,Accept-Language,Access-Control-Request-Headers,Access-Control-Request-Method,Connection,Host,Origin,Sec-Fetch-Mode
expires
Mon, 20 Jun 2022 11:33:28 GMT
jquery.js
congxuan.oss-cn-beijing.aliyuncs.com/promote/
0
0

qrcode.js
congxuan.oss-cn-beijing.aliyuncs.com/promote/
0
0

call11.js
cdn.promotesearchs.com/promote/js/
56 KB
22 KB
Script
General
Full URL
https://cdn.promotesearchs.com/promote/js/call11.js
Requested by
Host: 21dw.vip
URL: https://21dw.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba201312fa0f3cfb7047b1ea23f3be9c13073b82134450e5895354df321383c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://21dw.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 18:27:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
34245
access-control-allow-methods
GET, POST, OPTIONS,PUT,DELETE,OPTION
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 11 Apr 2022 17:01:31 GMT
server
cloudflare
etag
W/"62545eeb-e013"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWV6afSCjV9KiNDp5W0ykl%2FBMglQQtytsNnix5pIB1U2l5qKvmY%2BwOTIrhI%2FqJHHYpKdHzK3KRB%2B%2BmYYxj9qRbK0Rr2KZZasWtuG82Cd89bhtTCR4D7xANcTnjo1SvdESs1g7Mx6pTAW5Pf%2BL5JyxcxQGdD%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
access-control-allow-credentials
true
cf-ray
7118914a4ba63752-MXP
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Referer,Accept-Encoding,Accept-Language,Access-Control-Request-Headers,Access-Control-Request-Method,Connection,Host,Origin,Sec-Fetch-Mode
expires
Thu, 26 May 2022 20:57:09 GMT
axios.min.js
unpkg.com/axios@0.27.2/dist/
Redirect Chain
  • https://unpkg.com/axios/dist/axios.min.js
  • https://unpkg.com/axios@0.27.2/dist/axios.min.js
20 KB
7 KB
Script
General
Full URL
https://unpkg.com/axios@0.27.2/dist/axios.min.js
Requested by
Host: 21dw.vip
URL: https://21dw.vip/
Protocol
H2
Server
2606:4700::6810:7eaf -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e373b70a5167485c73a265421bcfcd1fdddbae49c9c51605e6d2918a3de4ae0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://21dw.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 18:27:54 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
2535958
fly-request-id
01G1N7HWPGAMWEQJCJ8FMTVTDA-fra
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"511b-FCNxITHKHBRxCXquG/QTMqrMtJE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7118914adf4f2325-ZRH

Redirect headers

date
Thu, 26 May 2022 18:27:54 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G40SRSTJK81F4Q5WSRF3893Q-fra
server
cloudflare
age
268
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/axios@0.27.2/dist/axios.min.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7118914aaf0a2325-ZRH
access-control-allow-origin
*
hm.gif
hm.baidu.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.gif?hca=5AE50F4E43516BFE&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=1768%2C1768&et=3&ja=0&ln=en-us&lo=0&rnd=207263593&si=4670e3ccbeb33eac2e0ce219dedc53bb&v=1.2.93&lv=1&sn=10553&r=0&ww=1600&u=http%3A%2F%2Fnewgram.ttooqaz8.com%2Faa.html
Domain
s9.cnzz.com
URL
https://s9.cnzz.com/z_stat.php?id=1281117501&web_id=1281117501
Domain
congxuan.oss-cn-beijing.aliyuncs.com
URL
https://congxuan.oss-cn-beijing.aliyuncs.com/promote/jquery.js
Domain
congxuan.oss-cn-beijing.aliyuncs.com
URL
https://congxuan.oss-cn-beijing.aliyuncs.com/promote/qrcode.js
Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=2037360776&si=5a125a2c8cfc9a42221119aacfe8b62f&su=http%3A%2F%2Fnewgram.ttooqaz8.com%2F&v=1.2.88&lv=1&sn=10555&r=0&ww=1600&ct=!!&u=https%3A%2F%2F21dw.vip%2F

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • function| getScreenDetails
  • object| navigation
  • boolean| _bdhm_loaded_5a125a2c8cfc9a42221119aacfe8b62f
  • object| _hmt
  • object| mini_tangram_log_49p6rp

5 Cookies

Domain/Path             Name                                      Value
.hm.baidu.com/          HMACCOUNT_BFESS                           5AE50F4E43516BFE
.newgram.ttooqaz8.com/  Hm_lvt_4670e3ccbeb33eac2e0ce219dedc53bb   1653589673
.newgram.ttooqaz8.com/  Hm_lpvt_4670e3ccbeb33eac2e0ce219dedc53bb  1653589673
.21dw.vip/              Hm_lvt_5a125a2c8cfc9a42221119aacfe8b62f   1653589675
.21dw.vip/              Hm_lpvt_5a125a2c8cfc9a42221119aacfe8b62f  1653589675