www.c21media.net Open in urlscan Pro
2606:4700:10::ac43:2132  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.c21media.net/hotmail-login/	72 KB 24 KB	271ms 127ms	Document text/html	2606:4700:10::ac43:2132 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.c21media.net/hotmail-login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:2132 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 81fb9ab8ce252cee39413506ff3c9ca1414fc963181b64e247c4afb916458b1c Security Headers Name Value Content-Security-Policy default-src * data:; media-src * data: blob:; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com *.fontawesome.com *.jquery.com *.jsdelivr.net *.googleapis.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.newrelic.com mercure.radio.co *.googleapis.com *.fontawesome.com *.jquery.com *.jsdelivr.net *.gstatic.com *.iubenda.com *.google-analytics.com *.cloudflareinsights.com *.c21media.net c21media.net *.googletagmanager.com *.cloudflare.com *.radio.co *.bootstrapcdn.com *.nr-data.net *.twitter.com *.cloudfront.net blob:; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language en-GB,en;q=0.9 Response headers date Tue, 16 Nov 2021 17:14:18 GMT content-type text/html cf-ray 6af25ad93b883760-MXP last-modified Thu, 11 Nov 2021 11:28:38 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status BYPASS cf-apo-via origin,no-cache content-security-policy default-src * data:; media-src * data: blob:; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com *.fontawesome.com *.jquery.com *.jsdelivr.net *.googleapis.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.newrelic.com mercure.radio.co *.googleapis.com *.fontawesome.com *.jquery.com *.jsdelivr.net *.gstatic.com *.iubenda.com *.google-analytics.com *.cloudflareinsights.com *.c21media.net c21media.net *.googletagmanager.com *.cloudflare.com *.radio.co *.bootstrapcdn.com *.nr-data.net *.twitter.com *.cloudfront.net blob:; expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-content-type-options nosniff x-frame-options SAMEORIGIN vary Accept-Encoding server cloudflare content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
HEAD H2	200	/ Show response www.c21media.net/hotmail-login/	0 42 B	130ms 130ms	XHR text/html	2606:4700:10::ac43:2132 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.c21media.net/hotmail-login/ Requested by Host: www.c21media.net URL: https://www.c21media.net/hotmail-login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:2132 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src * data:; media-src * data: blob:; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com *.fontawesome.com *.jquery.com *.jsdelivr.net *.googleapis.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.newrelic.com mercure.radio.co *.googleapis.com *.fontawesome.com *.jquery.com *.jsdelivr.net *.gstatic.com *.iubenda.com *.google-analytics.com *.cloudflareinsights.com *.c21media.net c21media.net *.googletagmanager.com *.cloudflare.com *.radio.co *.bootstrapcdn.com *.nr-data.net *.twitter.com *.cloudfront.net blob:; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.c21media.net/hotmail-login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 16 Nov 2021 17:14:18 GMT content-encoding br x-content-type-options nosniff cf-cache-status BYPASS last-modified Thu, 11 Nov 2021 11:28:38 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type text/html vary Accept-Encoding cf-apo-via origin,no-cache content-security-policy default-src * data:; media-src * data: blob:; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com *.fontawesome.com *.jquery.com *.jsdelivr.net *.googleapis.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.newrelic.com mercure.radio.co *.googleapis.com *.fontawesome.com *.jquery.com *.jsdelivr.net *.gstatic.com *.iubenda.com *.google-analytics.com *.cloudflareinsights.com *.c21media.net c21media.net *.googletagmanager.com *.cloudflare.com *.radio.co *.bootstrapcdn.com *.nr-data.net *.twitter.com *.cloudfront.net blob:; strict-transport-security max-age=31536000; includeSubDomains; preload cf-ray 6af25ada7e9f3760-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	rocket-loader.min.js Show response www.c21media.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	70ms 69ms	Script application/javascript	2606:4700:10::ac43:2132 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.c21media.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: www.c21media.net URL: https://www.c21media.net/hotmail-login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:2132 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.c21media.net/hotmail-login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 16 Nov 2021 17:14:18 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 15 Nov 2021 16:17:34 GMT server cloudflare etag W/"6192881e-302c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options DENY content-type application/javascript cache-control max-age=172800, public cf-ray 6af25ada7ead3760-MXP vary Accept-Encoding expires Thu, 18 Nov 2021 17:14:18 GMT
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/	13 KB 5 KB	221ms 94ms	Script text/javascript	2606:4700::6810:5f41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: www.c21media.net URL: https://www.c21media.net/hotmail-login/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f Request headers Referer https://www.c21media.net/ Origin https://www.c21media.net Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 16 Nov 2021 17:14:18 GMT content-encoding gzip last-modified Fri, 22 Oct 2021 22:23:12 GMT server cloudflare etag W/2021.9.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 6af25adb3ada374d-MXP
GET H2	200	js Show response www.googletagmanager.com/gtag/	90 KB 36 KB	144ms 53ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-143602240-1 Requested by Host: www.c21media.net URL: https://www.c21media.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a2a1173cdcbbca18e0ab74aaa8bf5b07357b96e4c02d50fab2754d02f4d6dd37 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.c21media.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 16 Nov 2021 17:14:18 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36161 x-xss-protection 0 last-modified Tue, 16 Nov 2021 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 16 Nov 2021 17:14:18 GMT
GET H2	200	/ Show response oackoubs.com/5/4385501/	3 KB 2 KB	204ms 65ms	XHR application/json	139.45.197.239 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://oackoubs.com/5/4385501/?oo=1&aab=1 Requested by Host: www.c21media.net URL: https://www.c21media.net/hotmail-login/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 57e12a6bc43c4cd550901745d05797569dbe08f04b3418bac307b9b5e06c0cfb Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.c21media.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-trace-id a2627b5a727091d159476d7d7b4c91c9 pragma no-cache, no-cache date Tue, 16 Nov 2021 17:14:19 GMT content-encoding gzip server nginx link <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch" access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://www.c21media.net cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding expires Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
GET		tag.min.js oackoubs.com/	0 0
GET H/1.1	200 OK	76603.html Show response emccgujavc.xyz/pages/98/pages/ Frame 1D95	7 KB 2 KB	151ms 36ms	Document text/html	188.42.224.50 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://emccgujavc.xyz/pages/98/pages/76603.html Requested by Host: www.c21media.net URL: https://www.c21media.net/hotmail-login/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 188.42.224.50 , Luxembourg, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx / Resource Hash 6cbddd735f8b38b06ead74b1a42f7d854788ba0093d923a117aa1950b7a3df1f Security Headers Name Value Strict-Transport-Security max-age=1 max-age=1 X-Content-Type-Options nosniff nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language en-GB,en;q=0.9 Referer https://www.c21media.net/ Response headers Server nginx Date Tue, 16 Nov 2021 17:14:18 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Strict-Transport-Security max-age=1 max-age=1 X-Content-Type-Options nosniff nosniff Timing-Allow-Origin * * Content-Encoding gzip
GET		bundle.css emccgujavc.xyz/	0 0
GET H2	200	WindowsLiveHotmail.jpg posterspy.com/wp-content/uploads/2020/04/	14 KB 14 KB	396ms 108ms	Image image/jpeg	64.111.122.188 DREAMHOST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://posterspy.com/wp-content/uploads/2020/04/WindowsLiveHotmail.jpg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 64.111.122.188 , United States, ASN26347 (DREAMHOST-AS, US), Reverse DNS ps471143.dreamhostps.com Software Apache / Resource Hash c3597c6824d0e93de967c015b688f7d4742ac9ae6f7cc686acc5a5d6032dcbb1 Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.c21media.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 16 Nov 2021 17:14:19 GMT last-modified Tue, 14 Apr 2020 13:46:07 GMT server Apache etag "36ee-5a3406bee958f" vary User-Agent content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 14062 expires Thu, 16 Dec 2021 17:14:19 GMT
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Content-Type image/gif
GET		styles.css faipeeji.com/	0 0
POST H2	200	rum Show response www.c21media.net/cdn-cgi/	0 191 B	71ms 71ms	XHR text/plain	2606:4700:10::ac43:2132 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.c21media.net/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:2132 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.c21media.net/hotmail-login/ Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 content-type application/json Response headers date Tue, 16 Nov 2021 17:14:18 GMT content-encoding gzip x-content-type-options nosniff server cloudflare x-frame-options DENY access-control-allow-methods POST,OPTIONS content-type text/plain access-control-allow-origin https://www.c21media.net access-control-max-age 86400 access-control-allow-credentials true cf-ray 6af25adc0a353760-MXP vary Origin
GET H/1.1	200 OK	header.png faipeeji.com/	69 KB 70 KB	334ms 129ms	Image image/png	139.45.197.81 RETN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://faipeeji.com/header.png?aHR0cHM6Ly9qb210aW5naS5uZXQvYXB1LnBocD96b25laWQ9NDM4NTUwMiZvZj0x Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 139.45.197.81 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 817ebf6f8c5297e6fa9b6fabb7f432a414e1d6fcfb0c215ac594912092066c7a Security Headers Name Value Strict-Transport-Security max-age=1, max-age=1, max-age=1 X-Content-Type-Options nosniff, nosniff, nosniff Request headers Referer https://www.c21media.net/ Origin https://www.c21media.net Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Tue, 16 Nov 2021 17:14:19 GMT Strict-Transport-Security max-age=1, max-age=1, max-age=1 X-Content-Type-Options nosniff, nosniff, nosniff Connection keep-alive Content-Length 70650 X-Trace-Id 0821cc1baeabd416f2a8e2de7c395e4e Pragma no-cache Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding Server nginx Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/png Access-Control-Allow-Origin https://www.c21media.net Access-Control-Allow-Credentials true Timing-Allow-Origin *, *, *, * Link <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://e2ertt.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	132ms 40ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-143602240-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.c21media.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 4392 date Tue, 16 Nov 2021 16:01:06 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 16 Nov 2021 18:01:06 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 207 B	48ms 47ms	XHR text/plain	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=610149289&t=pageview&_s=1&dl=https%3A%2F%2Fwww.c21media.net%2Fhotmail-login%2F&ul=en-us&de=UTF-8&dt=Hotmail%20-%20Hotmail%20Login%20-%20Hotmail%20Signup%20-%20www.Hotmail.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1756575761&gjid=637763798&cid=931188430.1637082859&tid=UA-143602240-1&_gid=1202897161.1637082859&_r=1&gtm=2ouba1&z=1792268686 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.c21media.net/ Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 16 Nov 2021 17:14:19 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.c21media.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	gid.js Show response my.rtmark.net/	65 B 546 B	215ms 76ms	XHR application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?userId=9414bc6e5904407da31369fb4092948c Requested by Host: www.c21media.net URL: https://www.c21media.net/hotmail-login/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash d5fcac1713cfe38adbfe1fea95ad69870ce2dc5dba12f84d06bae8d5ab54ee77 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.c21media.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 16 Nov 2021 17:14:19 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=1 access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://www.c21media.net access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H/1.1	200 OK	/ Show response denetsuk.com/article/ Frame 7CB4	7 KB 2 KB	266ms 64ms	Document text/html	139.45.197.90 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://denetsuk.com/article/ Requested by Host: www.c21media.net URL: https://www.c21media.net/hotmail-login/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 139.45.197.90 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 6cbddd735f8b38b06ead74b1a42f7d854788ba0093d923a117aa1950b7a3df1f Security Headers Name Value Strict-Transport-Security max-age=1 max-age=1 X-Content-Type-Options nosniff nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language en-GB,en;q=0.9 Referer https://www.c21media.net/ Response headers Server nginx Date Tue, 16 Nov 2021 17:14:19 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Strict-Transport-Security max-age=1 max-age=1 X-Content-Type-Options nosniff nosniff Timing-Allow-Origin * * Content-Encoding gzip
GET H/1.1	200 OK	/ Show response faipeeji.com/74783/0NaN/8584/5847/ Frame 74E3	7 KB 2 KB	64ms 64ms	Document text/html	139.45.197.81 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://faipeeji.com/74783/0NaN/8584/5847/ Requested by Host: www.c21media.net URL: https://www.c21media.net/hotmail-login/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 139.45.197.81 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 6cbddd735f8b38b06ead74b1a42f7d854788ba0093d923a117aa1950b7a3df1f Security Headers Name Value Strict-Transport-Security max-age=1 max-age=1 X-Content-Type-Options nosniff nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language en-GB,en;q=0.9 Referer https://www.c21media.net/ Response headers Server nginx Date Tue, 16 Nov 2021 17:14:19 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Strict-Transport-Security max-age=1 max-age=1 X-Content-Type-Options nosniff nosniff Timing-Allow-Origin * * Content-Encoding gzip
GET H/1.1	200 OK	header.png faipeeji.com/	2 KB 3 KB	73ms 72ms	Image image/png	139.45.197.81 RETN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://faipeeji.com/header.png?aHR0cHM6Ly9mYWlwZWVqaS5jb20vbG9nLmpzP3o9NDM4NTUwMiZmPW9uY2xpY2s= Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 139.45.197.81 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 82123d231012550e349e6095924f25a1ae85c86c5657d0f09adb8ad6bb28be96 Security Headers Name Value Strict-Transport-Security max-age=1, max-age=1, max-age=1, max-age=1 X-Content-Type-Options nosniff, nosniff, nosniff, nosniff Request headers Referer https://www.c21media.net/ Origin https://www.c21media.net Accept-Language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Tue, 16 Nov 2021 17:14:19 GMT X-Content-Type-Options nosniff, nosniff, nosniff, nosniff Server nginx Strict-Transport-Security max-age=1, max-age=1, max-age=1, max-age=1 Content-Type image/png Access-Control-Allow-Origin https://www.c21media.net Access-Control-Allow-Credentials true Connection keep-alive Timing-Allow-Origin *, *, *, * Content-Length 1954
POST H/1.1	200 OK	clc4y9clkuw.php Show response faipeeji.com/ Frame 81C2	0 336 B	65ms 65ms	XHR text/plain	139.45.197.81 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://faipeeji.com/clc4y9clkuw.php Requested by Host: www.c21media.net URL: https://www.c21media.net/hotmail-login/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 139.45.197.81 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1, max-age=1 X-Content-Type-Options nosniff, nosniff Request headers Referer Accept-Language en-GB,en;q=0.9 X-Log-Type request User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type application/json Response headers Date Tue, 16 Nov 2021 17:14:20 GMT X-Content-Type-Options nosniff, nosniff Server nginx Strict-Transport-Security max-age=1, max-age=1 Access-Control-Allow-Origin * Connection keep-alive Timing-Allow-Origin *, * Content-Length 0
OPTIONS H/1.1	200 OK	clc4y9clkuw.php faipeeji.com/ Frame	0 0	255ms 64ms	Preflight	139.45.197.81 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://faipeeji.com/clc4y9clkuw.php Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 139.45.197.81 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 max-age=1 X-Content-Type-Options nosniff nosniff Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,x-log-type Origin https://www.c21media.net User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Sec-Fetch-Mode cors Response headers Server nginx Date Tue, 16 Nov 2021 17:14:19 GMT Content-Length 0 Connection keep-alive Access-Control-Allow-Origin https://www.c21media.net Access-Control-Allow-Headers Token,Content-Type,X-Log-Type Access-Control-Allow-Credentials true Strict-Transport-Security max-age=1 max-age=1 X-Content-Type-Options nosniff nosniff Timing-Allow-Origin * *
GET H2	200	/ Show response jomtingi.net/	2 KB 2 KB	207ms 68ms	Fetch application/json	139.45.197.236 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://jomtingi.net/?rb=r4Utnsyv2pWKhFJMsjP0dZ_Hs5cLuK4p3WaoWrAkTvxgvWehQeJPoNgfdfaBiqdGtzH0oor9vCVJEXmhoYfqYD_MhH2BzI6BEFLSCkhxDAVNPimLSEhBVlCpJaieqgZ_o73z7_M8s58SfLZqVVrFZJViNY20Ipm4XKBWi-p2L7sz_sCWrdWG9thdCbVgtwszeM4b0kGOkVDOIwiqhvTYSnhi2dxUuFGA1w7PcGYWxPtGl2S8Ns-jlUC3vW90HazmlyjCy8zmAbUnuvCBUyO4xXSGXSKdVa8Mjfyr-g%3D%3D&zoneid=4385502&request_ab2=24203&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=https%3A%2F%2Fwww.c21media.net%2Fhotmail-login%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=2&bs=387e00aa-4e42-498d-b435-8276f55232bc&userId=9414bc6e5904407da31369fb4092948c&m=link Requested by Host: www.c21media.net URL: https://www.c21media.net/hotmail-login/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 3844d44f0e9310a04746ddf887694b6fdc91b4a0412579f0c61502f18e19418d Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.c21media.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 16 Nov 2021 17:14:19 GMT content-encoding gzip x-content-type-options nosniff access-control-max-age 86400 x-trace-id 1a78a44219902452a2feca16b60aaf94 pragma no-cache server nginx strict-transport-security max-age=1 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://www.c21media.net cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding expires Tue, 11 Jan 1994 10:00:00 GMT
GET H/1.1	204 No Content	favicon.ico akaiksots.com/	0 0	267ms 64ms	Fetch	139.45.197.187 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://akaiksots.com/favicon.ico Requested by Host: www.c21media.net URL: https://www.c21media.net/hotmail-login/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_CBC Server 139.45.197.187 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=60 X-Content-Type-Options nosniff Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.c21media.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Tue, 16 Nov 2021 17:14:20 GMT X-Content-Type-Options nosniff Server nginx Connection keep-alive Strict-Transport-Security max-age=60
GET H/1.1	200 OK	perf.gif perf.cdnads.com/	43 B 323 B	114ms 34ms	Image image/gif	178.162.156.35 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://perf.cdnads.com/perf.gif Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.156.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS hosted-by.leaseweb.com Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Accept-Language en-GB,en;q=0.9 Referer https://www.c21media.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Tue, 16 Nov 2021 17:14:20 GMT Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx Content-Type image/gif Cache-Control max-age=86400 Connection keep-alive Timing-Allow-Origin * Content-Length 43 Expires Wed, 17 Nov 2021 17:14:20 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

oackoubs.com

URL

https://oackoubs.com/tag.min.js

Domain

emccgujavc.xyz

URL

https://emccgujavc.xyz/bundle.css?aHR0cHM6Ly9qb210aW5naS5uZXQvYXB1LnBocD96b25laWQ9NDM4NTUwMiZvZj0x

Domain

faipeeji.com

URL

https://faipeeji.com/styles.css?aHR0cHM6Ly9qb210aW5naS5uZXQvYXB1LnBocD96b25laWQ9NDM4NTUwMiZvZj0x

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler string| k object| _l1g0i77o7o9 object| ix8t8setnwn object| zfgformats function| setImmediate function| clearImmediate function| _kxygtdt function| _umzmym object| __cfQR object| __cfBeacon function| gtag object| dataLayer boolean| __cfRLUnblockHandlers function| zfgproxyhttp object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| _dvqw4dwiuee function| _vhorb6suqva function| _5hafwmd9ubt function| _wpewvg6vz9r function| onClickTrigger boolean| zfgloadedpopup

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.c21media.net/	1970-01-20 16:15:54	Name: _ga Value: GA1.2.931188430.1637082859
			.c21media.net/	1970-01-19 22:46:09	Name: _gid Value: GA1.2.1202897161.1637082859
			.c21media.net/	1970-01-19 22:44:42	Name: _gat_gtag_UA_143602240_1 Value: 1
			oackoubs.com/	1970-01-20 07:30:18	Name: OAID Value: c5be6a401c064f6496b8e0bbae8133b9
			oackoubs.com/	1970-01-20 07:30:18	Name: oaidts Value: 1637082859
			faipeeji.com/	1970-01-20 07:30:18	Name: OAID Value: 9414bc6e5904407da31369fb4092948c
			faipeeji.com/	1970-01-20 07:30:18	Name: oaidts Value: 1637082859
			my.rtmark.net/	1970-01-20 07:30:18	Name: ID Value: 9414bc6e5904407da31369fb4092948c
			jomtingi.net/	1970-01-20 07:30:18	Name: OAID Value: 9414bc6e5904407da31369fb4092948c
			jomtingi.net/	1970-01-20 07:30:18	Name: oaidts Value: 1637082859
			jomtingi.net/	1970-01-19 22:54:47	Name: syncedCookie Value: true

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Refused to load the script 'https://oackoubs.com/tag.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.newrelic.com mercure.radio.co *.googleapis.com *.fontawesome.com *.jquery.com *.jsdelivr.net *.gstatic.com *.iubenda.com *.google-analytics.com *.cloudflareinsights.com *.c21media.net c21media.net *.googletagmanager.com *.cloudflare.com *.radio.co *.bootstrapcdn.com *.nr-data.net *.twitter.com *.cloudfront.net blob:". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.c21media.net/hotmail-login/(Line 3) Message: Refused to load the stylesheet 'https://emccgujavc.xyz/bundle.css?aHR0cHM6Ly9qb210aW5naS5uZXQvYXB1LnBocD96b25laWQ9NDM4NTUwMiZvZj0x' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com *.fontawesome.com *.jquery.com *.jsdelivr.net *.googleapis.com data:". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security	error	URL: https://www.c21media.net/hotmail-login/(Line 3) Message: Refused to load the stylesheet 'https://faipeeji.com/styles.css?aHR0cHM6Ly9qb210aW5naS5uZXQvYXB1LnBocD96b25laWQ9NDM4NTUwMiZvZj0x' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com *.fontawesome.com *.jquery.com *.jsdelivr.net *.googleapis.com data:". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data:; media-src * data: blob:; style-src 'self' 'unsafe-inline' maxcdn.bootstrapcdn.com *.fontawesome.com *.jquery.com *.jsdelivr.net *.googleapis.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com *.newrelic.com mercure.radio.co *.googleapis.com *.fontawesome.com *.jquery.com *.jsdelivr.net *.gstatic.com *.iubenda.com *.google-analytics.com *.cloudflareinsights.com *.c21media.net c21media.net *.googletagmanager.com *.cloudflare.com *.radio.co *.bootstrapcdn.com *.nr-data.net *.twitter.com *.cloudfront.net blob:;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

akaiksots.com
denetsuk.com
emccgujavc.xyz
faipeeji.com
jomtingi.net
my.rtmark.net
oackoubs.com
perf.cdnads.com
posterspy.com
static.cloudflareinsights.com
www.c21media.net
www.google-analytics.com
www.googletagmanager.com
emccgujavc.xyz
faipeeji.com
oackoubs.com
139.45.195.8
139.45.197.187
139.45.197.236
139.45.197.239
139.45.197.81
139.45.197.90
178.162.156.35
188.42.224.50
2606:4700:10::ac43:2132
2606:4700::6810:5f41
2a00:1450:4001:830::2008
2a00:1450:4001:830::200e
64.111.122.188
3844d44f0e9310a04746ddf887694b6fdc91b4a0412579f0c61502f18e19418d
57e12a6bc43c4cd550901745d05797569dbe08f04b3418bac307b9b5e06c0cfb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cbddd735f8b38b06ead74b1a42f7d854788ba0093d923a117aa1950b7a3df1f
817ebf6f8c5297e6fa9b6fabb7f432a414e1d6fcfb0c215ac594912092066c7a
81fb9ab8ce252cee39413506ff3c9ca1414fc963181b64e247c4afb916458b1c
82123d231012550e349e6095924f25a1ae85c86c5657d0f09adb8ad6bb28be96
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2a1173cdcbbca18e0ab74aaa8bf5b07357b96e4c02d50fab2754d02f4d6dd37
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
c3597c6824d0e93de967c015b688f7d4742ac9ae6f7cc686acc5a5d6032dcbb1
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5fcac1713cfe38adbfe1fea95ad69870ce2dc5dba12f84d06bae8d5ab54ee77
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629