zgirls2.com Open in urlscan Pro
161.35.67.91 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://yes.unos.baby/
Effective URL:
https://zgirls2.com/landers/cd97db6cc8/index.html?adult=1&app=%7Bapp%7D&ccode=geoREPLACE&esub=-7EBRQCgQAAAfmqAEDcXMD...
Submission: On January 15 via manual (January 15th 2023, 7:35:59 am UTC) from PL — Scanned from IT

Summary HTTP 23 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 23 HTTP transactions. The main IP is 161.35.67.91, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is zgirls2.com.
TLS certificate: Issued by R3 on November 18th 2022. Valid for: 3 months.

This is the only time zgirls2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a00:f940:2:2... 2a00:f940:2:2:1:1:0:30	197695 (AS-REG) (AS-REG)
1	94.130.252.85 94.130.252.85	24940 (HETZNER-AS) (HETZNER-AS)
1 2	46.229.167.169 46.229.167.169	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a03:90c0:41:... 2a03:90c0:41:2801::62	199524 (GCORE) (GCORE)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	161.35.67.91 161.35.67.91	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
23	7

1 2a00:f940:2:2:1:1:0:30 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)

yes.unos.baby	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.252.85 (Reilingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.85.252.130.94.clients.your-server.de

scdgjfzry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.229.167.169 (Ashburn, United States) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

uhd2b8451auh.ggljjk.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:90c0:41:2801::62 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

febatigr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

link.date4me2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 161.35.67.91 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

zgirls2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	zgirls2.com zgirls2.com	1 MB
2	ggljjk.cc 1 redirects uhd2b8451auh.ggljjk.cc	2 KB
1	gstatic.com fonts.gstatic.com	31 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	date4me2.com 1 redirects link.date4me2.com	967 B
1	febatigr.com febatigr.com — Cisco Umbrella Rank: 493459	12 KB
1	scdgjfzry.com scdgjfzry.com	1 KB
1	unos.baby 1 redirects yes.unos.baby	238 B
23	8

	Domain	Requested by
18	zgirls2.com	uhd2b8451auh.ggljjk.cc zgirls2.com
2	uhd2b8451auh.ggljjk.cc	1 redirects scdgjfzry.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	zgirls2.com
1	link.date4me2.com	1 redirects
1	febatigr.com	uhd2b8451auh.ggljjk.cc
1	scdgjfzry.com
1	yes.unos.baby	1 redirects
23	8

This site contains links to these domains. Also see Links.

Domain
storyloves.net

Subject Issuer	Validity	Valid
scdgjfzry.com R3	`2022-11-20` - `2023-02-18`	3 months	crt.sh
*.ggljjk.cc R3	`2022-11-19` - `2023-02-17`	3 months	crt.sh
febatigr.com R3	`2022-12-07` - `2023-03-07`	3 months	crt.sh
zgirls2.com R3	`2022-11-18` - `2023-02-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://zgirls2.com/landers/cd97db6cc8/index.html?adult=1&app=%7Bapp%7D&ccode=geoREPLACE&esub=-7EBRQCgQAAAfmqAEDcXMDBncwRgYDBU0AAg_arMNjEQ0aEQ0aEQ1CEQ1aA0lUA3Vzf2FkY29tYm__dUNqZGpSdjcAA0c5&extwb=1&gaid=%7Bgaid%7D&mondo=bongo&platform=traffic_admin&source=adcombo&subacc=31064&subid=d2b8451ada6e0ecb1e78480e90ed9895__31064&ukey=d2b8451ada6e0ecb1e78480e90ed9895
Frame ID: 34384721BD5F7F53DF25A639DE12514D
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Storyloves

Page URL History Show full URLs

http://yes.unos.baby/ HTTP 301
https://scdgjfzry.com/1?r=31064 Page URL
https://uhd2b8451auh.ggljjk.cc/?target=-7EBNQCgQAAAfmqAEDcXMABQEBEREKEQkKEQ1CEQ0SAAF_YWRjb21ibwEx&clickid=6... Page URL
https://uhd2b8451auh.ggljjk.cc/?target=-7EBNQCgQAAAfmqAEDcXMABQEBEREKEQkKEQ1CEQ0SAAF_YWRjb21ibwEx&clickid=6... HTTP 302
https://link.date4me2.com/go/f6b51732-9c55-461a-b71f-25e81943991e?adult=1&app={app}&ccode=geoREPLACE&e... HTTP 302
https://zgirls2.com/landers/cd97db6cc8/index.html?adult=1&app=%7Bapp%7D&ccode=geoREPLACE&esub=-7... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

23
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

7
IPs

4
Countries

1500 kB
Transfer

1528 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://storyloves.net/policy
Title: Informativa sulla privacy

Search URL Search Domain Scan URL

URL: https://storyloves.net/terms
Title: Termini di utilizzo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://yes.unos.baby/ HTTP 301
https://scdgjfzry.com/1?r=31064 Page URL
https://uhd2b8451auh.ggljjk.cc/?target=-7EBNQCgQAAAfmqAEDcXMABQEBEREKEQkKEQ1CEQ0SAAF_YWRjb21ibwEx&clickid=6290944614b246fe80ca3866b96d39&subpub=31064&subacc= Page URL
https://uhd2b8451auh.ggljjk.cc/?target=-7EBNQCgQAAAfmqAEDcXMABQEBEREKEQkKEQ1CEQ0SAAF_YWRjb21ibwEx&clickid=6290944614b246fe80ca3866b96d39&subpub=31064&subacc=&fingerprint_=796c55961ad4d26f9e26e4d3ccd064fe HTTP 302
https://link.date4me2.com/go/f6b51732-9c55-461a-b71f-25e81943991e?adult=1&app={app}&ccode=geoREPLACE&esub=-7EBRQCgQAAAfmqAEDcXMDBncwRgYDBU0AAg_arMNjEQ0aEQ0aEQ1CEQ1aA0lUA3Vzf2FkY29tYm__dUNqZGpSdjcAA0c5&extwb=1&gaid={gaid}&mondo=bongo&platform=traffic_admin&source=adcombo&subacc=31064&subid=d2b8451ada6e0ecb1e78480e90ed9895__31064&ukey=d2b8451ada6e0ecb1e78480e90ed9895&subacc=31064 HTTP 302
https://zgirls2.com/landers/cd97db6cc8/index.html?adult=1&app=%7Bapp%7D&ccode=geoREPLACE&esub=-7EBRQCgQAAAfmqAEDcXMDBncwRgYDBU0AAg_arMNjEQ0aEQ0aEQ1CEQ1aA0lUA3Vzf2FkY29tYm__dUNqZGpSdjcAA0c5&extwb=1&gaid=%7Bgaid%7D&mondo=bongo&platform=traffic_admin&source=adcombo&subacc=31064&subid=d2b8451ada6e0ecb1e78480e90ed9895__31064&ukey=d2b8451ada6e0ecb1e78480e90ed9895 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://yes.unos.baby/ HTTP 301
https://scdgjfzry.com/1?r=31064

23 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

1 Show response
scdgjfzry.com/
Redirect Chain

http://yes.unos.baby/
https://scdgjfzry.com/1?r=31064

832 B
1 KB

111ms
36ms

Document
text/html

94.130.252.85
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://scdgjfzry.com/1?r=31064
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 94.130.252.85 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.85.252.130.94.clients.your-server.de
Software: /
Resource Hash: ae9909f2136f474aa3730618a7922b4a9423a1949cab15d371a5ff20461fce4c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 832
Content-Type: text/html; charset=utf-8
Expires: 0
Pragma: no-cache
Referrer-Policy: no-referrer

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sun, 15 Jan 2023 07:35:53 GMT
Location: https://scdgjfzry.com/1?r=31064
Server: nginx
X-Powered-By: PHP/7.4.28

GET
H2 200 / Show response
uhd2b8451auh.ggljjk.cc/ 1 KB
1 KB 421ms
125ms Document
text/html 46.229.167.169
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://uhd2b8451auh.ggljjk.cc/?target=-7EBNQCgQAAAfmqAEDcXMABQEBEREKEQkKEQ1CEQ0SAAF_YWRjb21ibwEx&clickid=6290944614b246fe80ca3866b96d39&subpub=31064&subacc=
Requested by: Host: scdgjfzry.com
URL: https://scdgjfzry.com/1?r=31064
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.229.167.169 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: openresty /
Resource Hash: a636a00701447b1e8e0b12c3f349cc4cad7c3983d03a9382760c3f6854353a98

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: private, no-transform,no-cache
content-length: 1246
content-type: text/html
date: Sun, 15 Jan 2023 07:35:54 GMT
referrer-policy: unsafe-url
server: openresty
x-edge-node: slave-us
x-node: slave-us

GET
H2 200 fingerprint2.2.1.0.min.js Show response
febatigr.com/content/!common_files/js/ 29 KB
12 KB 151ms
43ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://febatigr.com/content/!common_files/js/fingerprint2.2.1.0.min.js
Requested by: Host: uhd2b8451auh.ggljjk.cc
URL: https://uhd2b8451auh.ggljjk.cc/?target=-7EBNQCgQAAAfmqAEDcXMABQEBEREKEQkKEQ1CEQ0SAAF_YWRjb21ibwEx&clickid=6290944614b246fe80ca3866b96d39&subpub=31064&subacc=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b6c65ab685234e744044e9b94c2a52db31b84c54ff3a00044aa188012ad61365

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: public
date: Sun, 15 Jan 2023 07:35:54 GMT
content-encoding: gzip
x-id: fr5-up-gc30
last-modified: Thu, 16 Jan 2020 09:58:32 GMT
server: nginx
etag: W/"5e2033c8-73a6"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-cached-since: 2023-01-15T07:18:41+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=345600
cache: HIT
x-edge-node: admin.production.local, slave-nl1
expires: Thu, 19 Jan 2023 07:35:54 GMT

GET
H2

200

Primary Request index.html Show response
zgirls2.com/landers/cd97db6cc8/
Redirect Chain

https://uhd2b8451auh.ggljjk.cc/?target=-7EBNQCgQAAAfmqAEDcXMABQEBEREKEQkKEQ1CEQ0SAAF_YWRjb21ibwEx&clickid=6290944614b246fe80ca3866b96d39&subpub=31064&subacc=&fingerprint_=796c55961ad4d26f9e26e4d3cc...
https://link.date4me2.com/go/f6b51732-9c55-461a-b71f-25e81943991e?adult=1&app={app}&ccode=geoREPLACE&esub=-7EBRQCgQAAAfmqAEDcXMDBncwRgYDBU0AAg_arMNjEQ0aEQ0aEQ1CEQ1aA0lUA3Vzf2FkY29tYm__dUNqZGpSdjcAA...
https://zgirls2.com/landers/cd97db6cc8/index.html?adult=1&app=%7Bapp%7D&ccode=geoREPLACE&esub=-7EBRQCgQAAAfmqAEDcXMDBncwRgYDBU0AAg_arMNjEQ0aEQ0aEQ1CEQ1aA0lUA3Vzf2FkY29tYm__dUNqZGpSdjcAA0c5&extwb=1&...

9 KB
3 KB

97ms
25ms

Document
text/html

161.35.67.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://zgirls2.com/landers/cd97db6cc8/index.html?adult=1&app=%7Bapp%7D&ccode=geoREPLACE&esub=-7EBRQCgQAAAfmqAEDcXMDBncwRgYDBU0AAg_arMNjEQ0aEQ0aEQ1CEQ1aA0lUA3Vzf2FkY29tYm__dUNqZGpSdjcAA0c5&extwb=1&gaid=%7Bgaid%7D&mondo=bongo&platform=traffic_admin&source=adcombo&subacc=31064&subid=d2b8451ada6e0ecb1e78480e90ed9895__31064&ukey=d2b8451ada6e0ecb1e78480e90ed9895

Requested by

Host: uhd2b8451auh.ggljjk.cc
URL: https://uhd2b8451auh.ggljjk.cc/?target=-7EBNQCgQAAAfmqAEDcXMABQEBEREKEQkKEQ1CEQ0SAAF_YWRjb21ibwEx&clickid=6290944614b246fe80ca3866b96d39&subpub=31064&subacc=

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

161.35.67.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

0447534e8de002c6588f64510f05d42f8b9f006ec84c3952bbd89a4c3199c059

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 15 Jan 2023 07:35:54 GMT
etag: W/"5f91e89d-2357"
last-modified: Thu, 22 Oct 2020 20:16:29 GMT
server: nginx/1.18.0
strict-transport-security: max-age=31536000

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 789ceff73a72bb29-MXP
content-type: text/html; charset=utf-8
cross-origin-window-policy: deny
date: Sun, 15 Jan 2023 07:35:54 GMT
location: https://zgirls2.com/landers/cd97db6cc8/index.html?adult=1&app=%7Bapp%7D&ccode=geoREPLACE&esub=-7EBRQCgQAAAfmqAEDcXMDBncwRgYDBU0AAg_arMNjEQ0aEQ0aEQ1CEQ1aA0lUA3Vzf2FkY29tYm__dUNqZGpSdjcAA0c5&extwb=1&gaid=%7Bgaid%7D&mondo=bongo&platform=traffic_admin&source=adcombo&subacc=31064&subid=d2b8451ada6e0ecb1e78480e90ed9895__31064&ukey=d2b8451ada6e0ecb1e78480e90ed9895
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBuELskJMw%2BD5Xg%2F1b0ILH20O9lBPAhC8i6OEIKSqIRRrrB2MKohq9Fug2NKI0Bz48VgYq2%2F0h5pnp9GkNfqTbu9x6KTemd%2FxdORAOl43UaypCgPfl5NJJJ04ZOMM2ttuxWXmAUhYVL%2Fah5atDAyUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: FzprRM3p0_Pu2rsAkHbx
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 97ms
36ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700,800,900&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese

Requested by

Host: zgirls2.com
URL: https://zgirls2.com/landers/cd97db6cc8/index.html?adult=1&app=%7Bapp%7D&ccode=geoREPLACE&esub=-7EBRQCgQAAAfmqAEDcXMDBncwRgYDBU0AAg_arMNjEQ0aEQ0aEQ1CEQ1aA0lUA3Vzf2FkY29tYm__dUNqZGpSdjcAA0c5&extwb=1&gaid=%7Bgaid%7D&mondo=bongo&platform=traffic_admin&source=adcombo&subacc=31064&subid=d2b8451ada6e0ecb1e78480e90ed9895__31064&ukey=d2b8451ada6e0ecb1e78480e90ed9895

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dd2d90f624611c764ed94e067391c89de631aadbf418cb69271ed0b99ba952df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://zgirls2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 15 Jan 2023 07:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 15 Jan 2023 07:35:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 15 Jan 2023 07:35:55 GMT

GET
H2 200 fontello-embedded.css
zgirls2.com/landers/cd97db6cc8/css/ 15 KB
16 KB 50ms
49ms Stylesheet
text/css 161.35.67.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://zgirls2.com/landers/cd97db6cc8/css/fontello-embedded.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

161.35.67.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

0d84e0cfa99948e3a979cd6cc5a1f9859cbb4b7b254803df2205742461ffa26d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://zgirls2.com/landers/cd97db6cc8/index.html?adult=1&app=%7Bapp%7D&ccode=geoREPLACE&esub=-7EBRQCgQAAAfmqAEDcXMDBncwRgYDBU0AAg_arMNjEQ0aEQ0aEQ1CEQ1aA0lUA3Vzf2FkY29tYm__dUNqZGpSdjcAA0c5&extwb=1&gaid=%7Bgaid%7D&mondo=bongo&platform=traffic_admin&source=adcombo&subacc=31064&subid=d2b8451ada6e0ecb1e78480e90ed9895__31064&ukey=d2b8451ada6e0ecb1e78480e90ed9895
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 07:35:54 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Oct 2020 20:16:29 GMT
server: nginx/1.18.0
etag: "5f91e89d-3d68"
content-type: text/css
accept-ranges: bytes
content-length: 15720

GET
H2 200 main.min.css
zgirls2.com/landers/cd97db6cc8/css/ 26 KB
26 KB 50ms
49ms Stylesheet
text/css 161.35.67.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://zgirls2.com/landers/cd97db6cc8/css/main.min.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

161.35.67.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

017973107fe1762144c220395561a5cbf6fe50f3ee8a093dbcaa0799c6e3fcdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://zgirls2.com/landers/cd97db6cc8/index.html?adult=1&app=%7Bapp%7D&ccode=geoREPLACE&esub=-7EBRQCgQAAAfmqAEDcXMDBncwRgYDBU0AAg_arMNjEQ0aEQ0aEQ1CEQ1aA0lUA3Vzf2FkY29tYm__dUNqZGpSdjcAA0c5&extwb=1&gaid=%7Bgaid%7D&mondo=bongo&platform=traffic_admin&source=adcombo&subacc=31064&subid=d2b8451ada6e0ecb1e78480e90ed9895__31064&ukey=d2b8451ada6e0ecb1e78480e90ed9895
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 07:35:54 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Oct 2020 20:16:29 GMT
server: nginx/1.18.0
etag: "5f91e89d-687b"
content-type: text/css
accept-ranges: bytes
content-length: 26747

GET
H2 200 logo.png
zgirls2.com/landers/cd97db6cc8/img/ 2 KB
2 KB 62ms
61ms Image
image/png 161.35.67.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zgirls2.com/landers/cd97db6cc8/img/logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

161.35.67.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

56b6907bc9b477a36561f36e4a7cd13012e9dd6fc29a0feb52e8cae6b8710821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://zgirls2.com/landers/cd97db6cc8/index.html?adult=1&app=%7Bapp%7D&ccode=geoREPLACE&esub=-7EBRQCgQAAAfmqAEDcXMDBncwRgYDBU0AAg_arMNjEQ0aEQ0aEQ1CEQ1aA0lUA3Vzf2FkY29tYm__dUNqZGpSdjcAA0c5&extwb=1&gaid=%7Bgaid%7D&mondo=bongo&platform=traffic_admin&source=adcombo&subacc=31064&subid=d2b8451ada6e0ecb1e78480e90ed9895__31064&ukey=d2b8451ada6e0ecb1e78480e90ed9895
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 07:35:54 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Oct 2020 20:16:29 GMT
server: nginx/1.18.0
etag: "5f91e89d-6b0"
content-type: image/png
accept-ranges: bytes
content-length: 1712

GET
H2 200 photo-set.png
zgirls2.com/landers/cd97db6cc8/img/ 123 KB
123 KB 62ms
61ms Image
image/png 161.35.67.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zgirls2.com/landers/cd97db6cc8/img/photo-set.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

161.35.67.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

3d2779f100506827b507e4ffc3ff7777c732fa6917cbc2e1a83743b0d723dc10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://zgirls2.com/landers/cd97db6cc8/index.html?adult=1&app=%7Bapp%7D&ccode=geoREPLACE&esub=-7EBRQCgQAAAfmqAEDcXMDBncwRgYDBU0AAg_arMNjEQ0aEQ0aEQ1CEQ1aA0lUA3Vzf2FkY29tYm__dUNqZGpSdjcAA0c5&extwb=1&gaid=%7Bgaid%7D&mondo=bongo&platform=traffic_admin&source=adcombo&subacc=31064&subid=d2b8451ada6e0ecb1e78480e90ed9895__31064&ukey=d2b8451ada6e0ecb1e78480e90ed9895
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 07:35:54 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Oct 2020 20:16:29 GMT
server: nginx/1.18.0
etag: "5f91e89d-1eb7d"
content-type: image/png
accept-ranges: bytes
content-length: 125821

GET
H2 200 lazyload.min.js Show response
zgirls2.com/landers/cd97db6cc8/js/ 6 KB
6 KB 62ms
60ms Script
application/javascript 161.35.67.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://zgirls2.com/landers/cd97db6cc8/js/lazyload.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

161.35.67.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

2255bef30e077ce144a2825d2236cd629cd7e1ed56042b85e817119a4724da12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://zgirls2.com/landers/cd97db6cc8/index.html?adult=1&app=%7Bapp%7D&ccode=geoREPLACE&esub=-7EBRQCgQAAAfmqAEDcXMDBncwRgYDBU0AAg_arMNjEQ0aEQ0aEQ1CEQ1aA0lUA3Vzf2FkY29tYm__dUNqZGpSdjcAA0c5&extwb=1&gaid=%7Bgaid%7D&mondo=bongo&platform=traffic_admin&source=adcombo&subacc=31064&subid=d2b8451ada6e0ecb1e78480e90ed9895__31064&ukey=d2b8451ada6e0ecb1e78480e90ed9895
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 07:35:54 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Oct 2020 20:16:29 GMT
server: nginx/1.18.0
etag: "5f91e89d-1787"
content-type: application/javascript
accept-ranges: bytes
content-length: 6023

GET
H2 200 story-love-validation.js Show response
zgirls2.com/landers/cd97db6cc8/js/ 7 KB
7 KB 62ms
61ms Script
application/javascript 161.35.67.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://zgirls2.com/landers/cd97db6cc8/js/story-love-validation.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

161.35.67.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

556da2244c343e1b836ba19a013fc59cc8bddb794b72050caa5a6dfbde98ddc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://zgirls2.com/landers/cd97db6cc8/index.html?adult=1&app=%7Bapp%7D&ccode=geoREPLACE&esub=-7EBRQCgQAAAfmqAEDcXMDBncwRgYDBU0AAg_arMNjEQ0aEQ0aEQ1CEQ1aA0lUA3Vzf2FkY29tYm__dUNqZGpSdjcAA0c5&extwb=1&gaid=%7Bgaid%7D&mondo=bongo&platform=traffic_admin&source=adcombo&subacc=31064&subid=d2b8451ada6e0ecb1e78480e90ed9895__31064&ukey=d2b8451ada6e0ecb1e78480e90ed9895
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 07:35:54 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Oct 2020 20:16:29 GMT
server: nginx/1.18.0
etag: "5f91e89d-1a67"
content-type: application/javascript
accept-ranges: bytes
content-length: 6759

GET
H2 200 common.js Show response
zgirls2.com/landers/cd97db6cc8/js/ 131 KB
131 KB 62ms
61ms Script
application/javascript 161.35.67.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://zgirls2.com/landers/cd97db6cc8/js/common.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

161.35.67.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

67edafe05638ba19e862e8bdeb9a2795f5c4ef3838390879f7da3847c1b944b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://zgirls2.com/landers/cd97db6cc8/index.html?adult=1&app=%7Bapp%7D&ccode=geoREPLACE&esub=-7EBRQCgQAAAfmqAEDcXMDBncwRgYDBU0AAg_arMNjEQ0aEQ0aEQ1CEQ1aA0lUA3Vzf2FkY29tYm__dUNqZGpSdjcAA0c5&extwb=1&gaid=%7Bgaid%7D&mondo=bongo&platform=traffic_admin&source=adcombo&subacc=31064&subid=d2b8451ada6e0ecb1e78480e90ed9895__31064&ukey=d2b8451ada6e0ecb1e78480e90ed9895
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 07:35:54 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Oct 2020 20:16:29 GMT
server: nginx/1.18.0
etag: "5f91e89d-20c0e"
content-type: application/javascript
accept-ranges: bytes
content-length: 134158

GET
H2 200 hearts.png
zgirls2.com/landers/cd97db6cc8/img/ 12 KB
12 KB 28ms
27ms Image
image/png 161.35.67.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zgirls2.com/landers/cd97db6cc8/img/hearts.png

Requested by

Host: zgirls2.com
URL: https://zgirls2.com/landers/cd97db6cc8/css/main.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

161.35.67.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

7549dc80ae75634e670299d80065f559efe52aa1b7be6e70296ae57f01d54584

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://zgirls2.com/landers/cd97db6cc8/css/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 07:35:55 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Oct 2020 20:16:29 GMT
server: nginx/1.18.0
etag: "5f91e89d-307c"
content-type: image/png
accept-ranges: bytes
content-length: 12412

GET
H2 200 1.png
zgirls2.com/landers/cd97db6cc8/img/ 117 KB
117 KB 28ms
28ms Image
image/png 161.35.67.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zgirls2.com/landers/cd97db6cc8/img/1.png

Requested by

Host: zgirls2.com
URL: https://zgirls2.com/landers/cd97db6cc8/css/main.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

161.35.67.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

bd941b5ef881ad1464ef1ca748059870521fd02433e6e39b5b45303b4824bddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://zgirls2.com/landers/cd97db6cc8/css/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 07:35:55 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Oct 2020 20:16:29 GMT
server: nginx/1.18.0
etag: "5f91e89d-1d31e"
content-type: image/png
accept-ranges: bytes
content-length: 119582

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 136ms
38ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700,800,900&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zgirls2.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 09:20:18 GMT
x-content-type-options: nosniff
age: 512137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jan 2024 09:20:18 GMT

GET
H2 200 arrow.svg
zgirls2.com/landers/cd97db6cc8/img/ 933 B
1 KB 47ms
47ms Image
image/svg+xml 161.35.67.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zgirls2.com/landers/cd97db6cc8/img/arrow.svg

Requested by

Host: zgirls2.com
URL: https://zgirls2.com/landers/cd97db6cc8/css/main.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

161.35.67.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

3cbb9e67eaa5be07f4bc43fdf5eeff6b7eab06d4f254b951faf72b18a366df08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://zgirls2.com/landers/cd97db6cc8/css/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 07:35:55 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Oct 2020 20:16:29 GMT
server: nginx/1.18.0
etag: "5f91e89d-3a5"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 933

GET
H2 200 check.png
zgirls2.com/landers/cd97db6cc8/img/ 1 KB
2 KB 48ms
47ms Image
image/png 161.35.67.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zgirls2.com/landers/cd97db6cc8/img/check.png

Requested by

Host: zgirls2.com
URL: https://zgirls2.com/landers/cd97db6cc8/css/main.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

161.35.67.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

e910892bd983d28a3aeefc9f91c40de916867ec76f9bbdbea415c75e1bd69411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://zgirls2.com/landers/cd97db6cc8/css/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 07:35:55 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Oct 2020 20:16:29 GMT
server: nginx/1.18.0
etag: "5f91e89d-575"
content-type: image/png
accept-ranges: bytes
content-length: 1397

GET
H2 200 triangle.png
zgirls2.com/landers/cd97db6cc8/img/ 222 B
380 B 48ms
48ms Image
image/png 161.35.67.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zgirls2.com/landers/cd97db6cc8/img/triangle.png

Requested by

Host: zgirls2.com
URL: https://zgirls2.com/landers/cd97db6cc8/css/main.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

161.35.67.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

12c32659ec5aa4eb8b5c64fc0ce04150b2b5742a154443d7dac3b3ab125fbb5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://zgirls2.com/landers/cd97db6cc8/css/main.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 07:35:55 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Oct 2020 20:16:29 GMT
server: nginx/1.18.0
etag: "5f91e89d-de"
content-type: image/png
accept-ranges: bytes
content-length: 222

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3897d35a2e9952d1145efff29fdcc332d05365407bce1fce32c40823e88fd6e

Request headers

Referer
Origin: https://zgirls2.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 2.png
zgirls2.com/landers/cd97db6cc8/img/ 192 KB
193 KB 25ms
24ms Image
image/png 161.35.67.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zgirls2.com/landers/cd97db6cc8/img/2.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

161.35.67.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

7e31c9272d1d6e86ba73b5631c2503f34cd0f8574e01586e1d2e5adf6b1a974b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://zgirls2.com/landers/cd97db6cc8/index.html?adult=1&app=%7Bapp%7D&ccode=geoREPLACE&esub=-7EBRQCgQAAAfmqAEDcXMDBncwRgYDBU0AAg_arMNjEQ0aEQ0aEQ1CEQ1aA0lUA3Vzf2FkY29tYm__dUNqZGpSdjcAA0c5&extwb=1&gaid=%7Bgaid%7D&mondo=bongo&platform=traffic_admin&source=adcombo&subacc=31064&subid=d2b8451ada6e0ecb1e78480e90ed9895__31064&ukey=d2b8451ada6e0ecb1e78480e90ed9895
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 07:35:55 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Oct 2020 20:16:29 GMT
server: nginx/1.18.0
etag: "5f91e89d-300c3"
content-type: image/png
accept-ranges: bytes
content-length: 196803

GET
H2 200 3.png
zgirls2.com/landers/cd97db6cc8/img/ 201 KB
202 KB 30ms
29ms Image
image/png 161.35.67.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zgirls2.com/landers/cd97db6cc8/img/3.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

161.35.67.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

ba6fc20ee33a23df397298df750596481814d64a9bb16ce397370feee80937c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://zgirls2.com/landers/cd97db6cc8/index.html?adult=1&app=%7Bapp%7D&ccode=geoREPLACE&esub=-7EBRQCgQAAAfmqAEDcXMDBncwRgYDBU0AAg_arMNjEQ0aEQ0aEQ1CEQ1aA0lUA3Vzf2FkY29tYm__dUNqZGpSdjcAA0c5&extwb=1&gaid=%7Bgaid%7D&mondo=bongo&platform=traffic_admin&source=adcombo&subacc=31064&subid=d2b8451ada6e0ecb1e78480e90ed9895__31064&ukey=d2b8451ada6e0ecb1e78480e90ed9895
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 07:35:55 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Oct 2020 20:16:29 GMT
server: nginx/1.18.0
etag: "5f91e89d-3251f"
content-type: image/png
accept-ranges: bytes
content-length: 206111

GET
H2 200 4.png
zgirls2.com/landers/cd97db6cc8/img/ 182 KB
183 KB 49ms
48ms Image
image/png 161.35.67.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zgirls2.com/landers/cd97db6cc8/img/4.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

161.35.67.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

3e07d5d1909aeac095d0cbadc09acb0e51ff0a53fa4afd5bdb2a1356b8bfacd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://zgirls2.com/landers/cd97db6cc8/index.html?adult=1&app=%7Bapp%7D&ccode=geoREPLACE&esub=-7EBRQCgQAAAfmqAEDcXMDBncwRgYDBU0AAg_arMNjEQ0aEQ0aEQ1CEQ1aA0lUA3Vzf2FkY29tYm__dUNqZGpSdjcAA0c5&extwb=1&gaid=%7Bgaid%7D&mondo=bongo&platform=traffic_admin&source=adcombo&subacc=31064&subid=d2b8451ada6e0ecb1e78480e90ed9895__31064&ukey=d2b8451ada6e0ecb1e78480e90ed9895
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 07:35:55 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Oct 2020 20:16:29 GMT
server: nginx/1.18.0
etag: "5f91e89d-2d8f9"
content-type: image/png
accept-ranges: bytes
content-length: 186617

GET
H2 200 5.png
zgirls2.com/landers/cd97db6cc8/img/ 236 KB
236 KB 50ms
50ms Image
image/png 161.35.67.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zgirls2.com/landers/cd97db6cc8/img/5.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

161.35.67.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

6515fc16c52f1bfc9629ac500c99597f9bd559a8ae58a0fe4aaab992b02a8e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://zgirls2.com/landers/cd97db6cc8/index.html?adult=1&app=%7Bapp%7D&ccode=geoREPLACE&esub=-7EBRQCgQAAAfmqAEDcXMDBncwRgYDBU0AAg_arMNjEQ0aEQ0aEQ1CEQ1aA0lUA3Vzf2FkY29tYm__dUNqZGpSdjcAA0c5&extwb=1&gaid=%7Bgaid%7D&mondo=bongo&platform=traffic_admin&source=adcombo&subacc=31064&subid=d2b8451ada6e0ecb1e78480e90ed9895__31064&ukey=d2b8451ada6e0ecb1e78480e90ed9895
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 07:35:55 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Oct 2020 20:16:29 GMT
server: nginx/1.18.0
etag: "5f91e89d-3ae10"
content-type: image/png
accept-ranges: bytes
content-length: 241168

GET
H2 200 6.png
zgirls2.com/landers/cd97db6cc8/img/ 190 KB
191 KB 50ms
50ms Image
image/png 161.35.67.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zgirls2.com/landers/cd97db6cc8/img/6.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

161.35.67.91 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

a6c3d84a8701b83a65f027e3741d9e3e3d0c8fd0329ff85a71de383dd5444739

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://zgirls2.com/landers/cd97db6cc8/index.html?adult=1&app=%7Bapp%7D&ccode=geoREPLACE&esub=-7EBRQCgQAAAfmqAEDcXMDBncwRgYDBU0AAg_arMNjEQ0aEQ0aEQ1CEQ1aA0lUA3Vzf2FkY29tYm__dUNqZGpSdjcAA0c5&extwb=1&gaid=%7Bgaid%7D&mondo=bongo&platform=traffic_admin&source=adcombo&subacc=31064&subid=d2b8451ada6e0ecb1e78480e90ed9895__31064&ukey=d2b8451ada6e0ecb1e78480e90ed9895
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 07:35:55 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 22 Oct 2020 20:16:29 GMT
server: nginx/1.18.0
etag: "5f91e89d-2f91f"
content-type: image/png
accept-ranges: bytes
content-length: 194847

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
scdgjfzry.com/	1970-01-20 09:39:20	Name: 40962 Value: 62909446-14b2-46fe-80ca-3866b96d3929
.uhd2b8451auh.ggljjk.cc/	1970-01-20 10:00:56	Name: adc_295531087740 Value: 1
link.date4me2.com/	1969-12-31 23:59:59	Name: id Value: e0d0afe5-f503-4943-9f6b-1c80afdeb324

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://uhd2b8451auh.ggljjk.cc/?target=-7EBNQCgQAAAfmqAEDcXMABQEBEREKEQkKEQ1CEQ0SAAF_YWRjb21ibwEx&clickid=6290944614b246fe80ca3866b96d39&subpub=31064&subacc= Message: [.WebGL-0x63c00329400]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

febatigr.com
fonts.googleapis.com
fonts.gstatic.com
link.date4me2.com
scdgjfzry.com
uhd2b8451auh.ggljjk.cc
yes.unos.baby
zgirls2.com
161.35.67.91
2a00:1450:4001:80f::200a
2a00:1450:400d:808::2003
2a00:f940:2:2:1:1:0:30
2a03:90c0:41:2801::62
2a06:98c1:3120::3
46.229.167.169
94.130.252.85
017973107fe1762144c220395561a5cbf6fe50f3ee8a093dbcaa0799c6e3fcdb
0447534e8de002c6588f64510f05d42f8b9f006ec84c3952bbd89a4c3199c059
0d84e0cfa99948e3a979cd6cc5a1f9859cbb4b7b254803df2205742461ffa26d
12c32659ec5aa4eb8b5c64fc0ce04150b2b5742a154443d7dac3b3ab125fbb5d
2255bef30e077ce144a2825d2236cd629cd7e1ed56042b85e817119a4724da12
3cbb9e67eaa5be07f4bc43fdf5eeff6b7eab06d4f254b951faf72b18a366df08
3d2779f100506827b507e4ffc3ff7777c732fa6917cbc2e1a83743b0d723dc10
3e07d5d1909aeac095d0cbadc09acb0e51ff0a53fa4afd5bdb2a1356b8bfacd0
556da2244c343e1b836ba19a013fc59cc8bddb794b72050caa5a6dfbde98ddc0
56b6907bc9b477a36561f36e4a7cd13012e9dd6fc29a0feb52e8cae6b8710821
6515fc16c52f1bfc9629ac500c99597f9bd559a8ae58a0fe4aaab992b02a8e03
67edafe05638ba19e862e8bdeb9a2795f5c4ef3838390879f7da3847c1b944b5
7549dc80ae75634e670299d80065f559efe52aa1b7be6e70296ae57f01d54584
7e31c9272d1d6e86ba73b5631c2503f34cd0f8574e01586e1d2e5adf6b1a974b
a636a00701447b1e8e0b12c3f349cc4cad7c3983d03a9382760c3f6854353a98
a6c3d84a8701b83a65f027e3741d9e3e3d0c8fd0329ff85a71de383dd5444739
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
ae9909f2136f474aa3730618a7922b4a9423a1949cab15d371a5ff20461fce4c
b6c65ab685234e744044e9b94c2a52db31b84c54ff3a00044aa188012ad61365
ba6fc20ee33a23df397298df750596481814d64a9bb16ce397370feee80937c1
bd941b5ef881ad1464ef1ca748059870521fd02433e6e39b5b45303b4824bddf
dd2d90f624611c764ed94e067391c89de631aadbf418cb69271ed0b99ba952df
e910892bd983d28a3aeefc9f91c40de916867ec76f9bbdbea415c75e1bd69411
f3897d35a2e9952d1145efff29fdcc332d05365407bce1fce32c40823e88fd6e

zgirls2.com Open in urlscan Pro 161.35.67.91 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

63 %IPv6

8 Domains

8 Subdomains

7 IPs

4 Countries

1500 kBTransfer

1528 kBSize

3 Cookies

2 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

zgirls2.com Open in urlscan Pro
161.35.67.91 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

7
IPs

4
Countries

1500 kB
Transfer

1528 kB
Size

3
Cookies

23 HTTP transactions
1 data transactions