z-enfant.com Open in urlscan Pro
172.67.206.145 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bandotjelaspola.lol/
Effective URL:
https://z-enfant.com/
Submission: On May 29 via api (May 29th 2024, 1:56:53 am UTC) from LU — Scanned from DE

Summary HTTP 10 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 10 HTTP transactions. The main IP is 172.67.206.145, located in United States and belongs to CLOUDFLARENET, US. The main domain is z-enfant.com.
TLS certificate: Issued by E1 on May 25th 2024. Valid for: 3 months.

This is the only time z-enfant.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.135.132 172.67.135.132	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.206.145 172.67.206.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	188.114.97.3 188.114.97.3	() ()
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	172.67.162.223 172.67.162.223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.184.225 142.250.184.225	15169 (GOOGLE) (GOOGLE)
10	7

1 172.67.135.132 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bandotjelaspola.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.206.145 (United States)

ASN13335 (CLOUDFLARENET, US)

z-enfant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (None, )

ASN- ()

imgsaya.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.162.223 (United States)

ASN13335 (CLOUDFLARENET, US)

imgku.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 421	79 KB
2	gstatic.com fonts.gstatic.com	512 KB
2	imgsaya.io imgsaya.io	85 KB
1	imgku.io imgku.io — Cisco Umbrella Rank: 67965	400 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	581 B
1	z-enfant.com z-enfant.com	2 KB
1	bandotjelaspola.lol 1 redirects bandotjelaspola.lol	468 B
10	7

	Domain	Requested by
3	cdn.ampproject.org	z-enfant.com cdn.ampproject.org
2	fonts.gstatic.com	fonts.googleapis.com
2	imgsaya.io	z-enfant.com
1	imgku.io	z-enfant.com
1	fonts.googleapis.com	z-enfant.com
1	z-enfant.com
1	bandotjelaspola.lol	1 redirects
10	7

This site contains links to these domains. Also see Links.

Domain
linkrjb.me
bit.ly
165.22.105.116
pierre-markuse.net

Subject Issuer	Validity	Valid
z-enfant.com E1	`2024-05-25` - `2024-08-23`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
imgsaya.io GTS CA 1P5	`2024-05-12` - `2024-08-10`	3 months	crt.sh
misc-sni.google.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
imgku.io GTS CA 1P5	`2024-05-02` - `2024-07-31`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://z-enfant.com/
Frame ID: 5EBA55FFC3D505AE7F8C20DEB93B1AC1
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RAJABANDOT - Bandar Togel Online Slot Dan Casino Paling Gampang Menang Setiap Hari

Page URL History Show full URLs

http://bandotjelaspola.lol/ HTTP 307
https://bandotjelaspola.lol/ HTTP 301
https://z-enfant.com/ Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

Page Statistics

10
Requests

100 %
HTTPS

38 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

1079 kB
Transfer

1811 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://linkrjb.me/hoki1
Title: LOGIN

Search URL Search Domain Scan URL

URL: https://linkrjb.me/hoki2
Title: DAFTAR

Search URL Search Domain Scan URL

URL: https://bit.ly/RajaAPK
Title: DOWNLOAD APP

Search URL Search Domain Scan URL

URL: https://165.22.105.116/
Title: LINK ALTERNATIF 1

Search URL Search Domain Scan URL

URL: https://pierre-markuse.net/
Title: LINK ALTERNATIF2

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bandotjelaspola.lol/ HTTP 307
https://bandotjelaspola.lol/ HTTP 301
https://z-enfant.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
z-enfant.com/
Redirect Chain

http://bandotjelaspola.lol/
https://bandotjelaspola.lol/
https://z-enfant.com/

6 KB
2 KB

157ms
95ms

Document
text/html

172.67.206.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://z-enfant.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.206.145 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.14

Resource Hash

8f25ef6c45e65cefa41cc3a2a465dd8bec93957feeb0f2fabaa85445e33c9dfe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: No User Agent.

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 88b2debdcab935e4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 29 May 2024 01:56:48 GMT
expires: Wed, 29 May 2024 02:56:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xojgmbl2qUvoj%2B7GYefLaL9LNb3%2B35%2FuschNZ86T8ZgyVB9ujRAXcqsKeIoZJ8S6CmEDSvXAp7HtDVE0Gxbhg2pmH14233YLg3W8WIntFet2qTL0d7AfgK1breTV0JI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.14
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=3600
cf-ray: 88b2debd2e3b9954-FRA
content-length: 167
content-type: text/html
date: Wed, 29 May 2024 01:56:48 GMT
expires: Wed, 29 May 2024 02:56:48 GMT
location: https://z-enfant.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NZq%2BfEufB4wy4jLhIfBQ6hqalo86JeUcm0xpqEDlyPTOfAX6X9MPG8tLxoqdd77fpvMNUeZrom7QVC3CteUWUZOQOprx7uZqhTbTQ%2FwNh4I%2BuBtyZ6K6vVAIsTkZ5WETAF0MrsQ7"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ 530 B
581 B 133ms
46ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap

Requested by

Host: z-enfant.com
URL: https://z-enfant.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29fc1f61bfde497d6df0feeacd74bd8c8a98a944b4721d2e6b210e86d49c2d6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://z-enfant.com/
User-Agent: No User Agent.

Response headers

date: Wed, 29 May 2024 01:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Wed, 29 May 2024 01:56:49 GMT

GET
H3 200 1TEAKVpj.webp
imgsaya.io/download/ 79 KB
80 KB 4369ms
4313ms Image
image/webp 188.114.97.3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgsaya.io/download/1TEAKVpj.webp

Requested by

Host: z-enfant.com
URL: https://z-enfant.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

765b8bee2242ceec8b14ad8d5d175a7b70c0989907303a453f88cf993e22fee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://z-enfant.com/
User-Agent: No User Agent.

Response headers

date: Wed, 29 May 2024 01:56:53 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: MISS
x-ratelimit-limit-second: 250
x-amz-request-id: tx00000f12b110ec03164d9-0066567401-a2c45-default
x-ratelimit-remaining-second: 247
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit: 250
alt-svc: h3=":443"; ma=86400
content-length: 80638
x-xss-protection: 1; mode=block
last-modified: Thu, 02 May 2024 11:50:55 GMT
server: cloudflare
etag: "5c1ff73a2acbd32ff70e972544c9fce8"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YCHxyJnxwAn0q5VJc5HojV8tz%2BH9q3Sva6BlyvWyG4sjg2ocfBuL%2FIN57Z89BsgDRzAbkRHZIn%2FgPBEHzUpLbegJNW%2BWGO73GKW1DqaywR%2F1%2B4UOJHonjPRdG7NV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 88b2debec858bbbb-FRA
ratelimit-remaining: 247
x-proxy-cache: HIT

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
73 KB 208ms
51ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: z-enfant.com
URL: https://z-enfant.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11e66704977ef23c28031fae0b6c874e7f7d509db29c6139f1c6a52a48e60bed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://z-enfant.com/
User-Agent: No User Agent.

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 29 May 2024 01:56:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73170
x-xss-protection: 0
server: sffe
etag: "315056f9c7bc2027"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 29 May 2024 01:56:49 GMT

GET
H3 200 xHqmWD2C.jpg
imgku.io/download/ 399 KB
400 KB 102ms
48ms Image
image/jpeg 172.67.162.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgku.io/download/xHqmWD2C.jpg

Requested by

Host: z-enfant.com
URL: https://z-enfant.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.162.223 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

250fb647569874a8be2c0eeeb4e2c77eb5d74508b3f99578a1c84cb2b3f01aa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://z-enfant.com/
User-Agent: No User Agent.

Response headers

date: Wed, 29 May 2024 01:56:49 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: HIT
x-ratelimit-limit-second: 250
x-amz-request-id: tx0000012c262156461af9b-0065f249c3-a2c6d-default
age: 5812
x-ratelimit-remaining-second: 245
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit: 250
alt-svc: h3=":443"; ma=86400
content-length: 408604
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Feb 2024 09:29:09 GMT
server: cloudflare
etag: "1fb60a24ea963f921a598fd75a088f33"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oMSO0jjcBt%2Bt4M39mTDDlQxBXGB2WbYp7ar6k5YPfwSjlKUr0eMg3ZY1aGdwnlOmmHkv16MlBse6xDj3rpgo%2FYTeOWTSJQUgGpRO7SpBm1rV%2F8USLwPngclmiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 88b2debf9ceb1e4b-FRA
ratelimit-remaining: 245
x-proxy-cache: HIT

GET
H2 200 o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyAaBN9d.ttf
fonts.gstatic.com/s/notosans/v36/ 512 KB
255 KB 171ms
84ms Font
font/ttf 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyAaBN9d.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6669499588ca98516162540b3734946ba46e0f88e854aa8d4ab835c8c0bf3989

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://z-enfant.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: No User Agent.

Response headers

date: Tue, 28 May 2024 14:55:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260471
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:37:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 May 2025 14:55:26 GMT

GET
H2 200 o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A99d.ttf
fonts.gstatic.com/s/notosans/v36/ 512 KB
257 KB 126ms
39ms Font
font/ttf 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A99d.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff73018fb9b0a84e6a4ba87c83b005c43fe860c73028b87923024966681943e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://z-enfant.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: No User Agent.

Response headers

date: Tue, 28 May 2024 14:52:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 262434
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:33:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 May 2025 14:52:45 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012405160547000/v0/ 8 KB
3 KB 122ms
43ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405160547000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

81b4619d607fd5348931940bb7d441c89d22c6e4539bd1a7085cb241253d09e1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://z-enfant.com/
Origin: https://z-enfant.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: No User Agent.

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 May 2024 19:02:34 GMT
age: 24855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2978
x-xss-protection: 0
server: sffe
etag: "a39776d601cc4efc"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 May 2025 19:02:34 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012405160547000/v0/ 12 KB
4 KB 119ms
41ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405160547000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

2d5188df741b04871c94ba4a944afcbb6d60dcccae13ebfe2b12c3b8797f2d7d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://z-enfant.com/
Origin: https://z-enfant.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: No User Agent.

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 May 2024 19:02:34 GMT
age: 24855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3940
x-xss-protection: 0
server: sffe
etag: "466656022f1e0202"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 May 2025 19:02:34 GMT

GET
H3 200 N0rgbfGK.png
imgsaya.io/download/ 5 KB
6 KB 48ms
48ms Other
image/png 188.114.97.3

General

Check archive.org

Show headers Download Go to

Full URL

https://imgsaya.io/download/N0rgbfGK.png

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

331549f45d066549eab13a1244230dda23d18c0f9e54acf822c7d20908bbcaaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://z-enfant.com/
User-Agent: No User Agent.

Response headers

date: Wed, 29 May 2024 01:56:53 GMT
ratelimit-reset: 1
x-content-type-options: nosniff
strict-transport-security: max-age=16000000; includeSubDomains; preload;
cf-cache-status: HIT
x-ratelimit-limit-second: 250
x-amz-request-id: tx00000778158393b8aaff2-00660b54b0-a05b6-default
age: 3027
x-ratelimit-remaining-second: 249
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
ratelimit-limit: 250
alt-svc: h3=":443"; ma=86400
content-length: 5175
x-xss-protection: 1; mode=block
last-modified: Wed, 27 Mar 2024 09:37:44 GMT
server: cloudflare
etag: "1838f794c1ad069ca2fd8c58c3462067"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S3n6NtBfluYSePJ0sgHysTE3AB8SEUMVwz4vSPwBafoyhKIiou5t9MRtGDaVlz6RGLc6jUtM3e785lmxS0nSRVdEyqwfNd8B5XVMLNzdUudy3PlEvFTcayqFWkTU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: max-age=14400
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 88b2deda3f7bbbbb-FRA
ratelimit-remaining: 249
x-proxy-cache: HIT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bandotjelaspola.lol
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
imgku.io
imgsaya.io
z-enfant.com
142.250.184.225
172.67.135.132
172.67.162.223
172.67.206.145
188.114.97.3
2a00:1450:4001:800::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:831::2001
11e66704977ef23c28031fae0b6c874e7f7d509db29c6139f1c6a52a48e60bed
250fb647569874a8be2c0eeeb4e2c77eb5d74508b3f99578a1c84cb2b3f01aa1
29fc1f61bfde497d6df0feeacd74bd8c8a98a944b4721d2e6b210e86d49c2d6c
2d5188df741b04871c94ba4a944afcbb6d60dcccae13ebfe2b12c3b8797f2d7d
331549f45d066549eab13a1244230dda23d18c0f9e54acf822c7d20908bbcaaa
6669499588ca98516162540b3734946ba46e0f88e854aa8d4ab835c8c0bf3989
765b8bee2242ceec8b14ad8d5d175a7b70c0989907303a453f88cf993e22fee1
81b4619d607fd5348931940bb7d441c89d22c6e4539bd1a7085cb241253d09e1
8f25ef6c45e65cefa41cc3a2a465dd8bec93957feeb0f2fabaa85445e33c9dfe
ff73018fb9b0a84e6a4ba87c83b005c43fe860c73028b87923024966681943e3

z-enfant.com Open in urlscan Pro 172.67.206.145 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

38 %IPv6

7 Domains

7 Subdomains

7 IPs

2 Countries

1079 kBTransfer

1811 kBSize

0 Cookies

5 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

z-enfant.com Open in urlscan Pro
172.67.206.145 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

38 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

1079 kB
Transfer

1811 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions