ftp.naughtybux.site Open in urlscan Pro
2606:4700:3036::6815:6ed Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ftp.naughtybux.site/
Effective URL:
https://ftp.naughtybux.site/
Submission: On July 21 via api (July 21st 2022, 1:12:02 pm UTC) from US — Scanned from US

Summary HTTP 54 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 13 domains to perform 54 HTTP transactions. The main IP is 2606:4700:3036::6815:6ed, located in United States and belongs to CLOUDFLARENET, US. The main domain is ftp.naughtybux.site.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 20th 2022. Valid for: a year.

This is the only time ftp.naughtybux.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	2606:4700:303... 2606:4700:3036::6815:6ed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.244.37.10 185.244.37.10	62068 (SPECTRAIP...) (SPECTRAIP SpectraIP B.V.)
1	2607:f8b0:400... 2607:f8b0:4006:80a::200a	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
3 3	45.14.224.146 45.14.224.146	62068 (SPECTRAIP...) (SPECTRAIP SpectraIP B.V.)
3	2606:4700:303... 2606:4700:3038::6815:ea45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2607:f8b0:400... 2607:f8b0:4006:807::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3033::6815:4208	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:808::2002	15169 (GOOGLE) (GOOGLE)
1	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
1	172.104.29.90 172.104.29.90	63949 (LINODE-AP...) (LINODE-AP Linode)
2	2607:f8b0:400... 2607:f8b0:4006:822::200d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:807::2003	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:816::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::2004	15169 (GOOGLE) (GOOGLE)
54	18

6 2606:4700:3036::6815:6ed (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ftp.naughtybux.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.244.37.10 (Amsterdam, Netherlands)

ASN62068 (SPECTRAIP SpectraIP B.V., NL)
PTR: server.rshost.in

adraclubmix.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80a::200a (New York, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80d::2002 (New York, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.14.224.146 (Amsterdam, Netherlands) 3 redirects

ASN62068 (SPECTRAIP SpectraIP B.V., NL)
PTR: hosted-by.spectraip.net

kanchan.wapkiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3038::6815:ea45 (United States)

ASN13335 (CLOUDFLARENET, US)

dl7.wapkizfile.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:807::200e (New York, United States)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:4208 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.supercounters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:808::2002 (New York, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2002 (New York, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2003 (New York, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.29.90 (Cedar Knolls, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1848-90.members.linode.com

service.supercounters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::200d (New York, United States)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2001 (New York, United States)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:807::2003 (New York, United States)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:816::2001 (New York, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2004 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	google.com apis.google.com — Cisco Umbrella Rank: 164 adservice.google.com — Cisco Umbrella Rank: 96 accounts.google.com — Cisco Umbrella Rank: 118 www.google.com — Cisco Umbrella Rank: 10	224 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	212 KB
7	gstatic.com fonts.gstatic.com ssl.gstatic.com	17 KB
7	youtube.com www.youtube.com — Cisco Umbrella Rank: 113	127 KB
6	naughtybux.site 1 redirects ftp.naughtybux.site	30 KB
3	supercounters.com widget.supercounters.com — Cisco Umbrella Rank: 188120 service.supercounters.com — Cisco Umbrella Rank: 182240	3 KB
3	wapkizfile.info dl7.wapkizfile.info	3 MB
3	wapkiz.com 3 redirects kanchan.wapkiz.com	2 KB
3	adraclubmix.in adraclubmix.in	219 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 56	5 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 259	3 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 873	702 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	952 B
54	13

	Domain	Requested by
8	apis.google.com	ftp.naughtybux.site apis.google.com www.youtube.com accounts.google.com
7	www.youtube.com	apis.google.com www.youtube.com
6	ssl.gstatic.com	accounts.google.com ftp.naughtybux.site
6	pagead2.googlesyndication.com	ftp.naughtybux.site pagead2.googlesyndication.com tpc.googlesyndication.com
6	ftp.naughtybux.site	1 redirects ftp.naughtybux.site
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	dl7.wapkizfile.info	ftp.naughtybux.site
3	kanchan.wapkiz.com	3 redirects
3	adraclubmix.in	ftp.naughtybux.site adraclubmix.in
2	accounts.google.com	apis.google.com ftp.naughtybux.site
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	widget.supercounters.com	ftp.naughtybux.site
1	www.google.com	tpc.googlesyndication.com
1	yt3.ggpht.com	www.youtube.com
1	service.supercounters.com	widget.supercounters.com
1	fonts.gstatic.com	fonts.googleapis.com
1	adservice.google.com	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	ftp.naughtybux.site
54	19

This site contains links to these domains. Also see Links.

Domain
adraclubmix.in
fastnews365.in
rphost.in

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-20` - `2023-05-19`	a year	crt.sh
adraclubmix.in R3	`2022-07-04` - `2022-10-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.supercounters.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-24` - `2022-09-26`	2 years	crt.sh
accounts.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://ftp.naughtybux.site/
Frame ID: DCE1A2ACC88A31B6FADF5C670057F68C
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20190131/zrt_lookup.html
Frame ID: 2671C8009A05CEA006116ABD91C64203
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3973075751403690&output=html&adk=1812271804&adf=3025194257&lmt=1658409113&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fftp.naughtybux.site%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658409113055&bpp=20&bdt=303&idt=255&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1729039329091&frm=20&pv=2&ga_vid=1004184290.1658409113&ga_sid=1658409113&ga_hid=219431234&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C31068471%2C44768688%2C31060566&oid=2&pvsid=4162791079307692&tmod=1324074678&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=291
Frame ID: A495B68D91A81C8BBFAE4855FF2290D5
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCaJ2cWU1Nu33Gtd3PiC2ZKg&layout=full&count=default&origin=https%3A%2F%2Fftp.naughtybux.site&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__
Frame ID: 86B60350D0B682BF6F41FD6003676DE8
Requests: 6 HTTP requests in this frame

Frame: https://ftp.naughtybux.site/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1658404800
Frame ID: 065A26DAA50E85B7FE397B4D924CF824
Requests: 3 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fftp.naughtybux.site&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__
Frame ID: 7218D1FB6DE73DAAC49FF80CDAE606DD
Requests: 5 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCaJ2cWU1Nu33Gtd3PiC2ZKg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__
Frame ID: B244A2ACE78C39B4664D516D8743673D
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0DF7CEFF0774EE1475448CA78B3A0D93
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3E51BE4E299E64AF13C772CFEE50B761
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AdraclubMix.in :: Dj Remix Songs, Hindi Latest Dj Songs, 2022 Mp3 Songs, Bhojpuri Dj Songs Download, Hard Kick Dj Songs, Old Is Gold Dj Songs, Hard Kick Dj Songs, Purulia Mp3 Songs, Nagpuri Dj Songs, Odia Dj Songs, Compition Dj Songs, Bhojpuri Mp3 Songs

Page URL History Show full URLs

http://ftp.naughtybux.site/ HTTP 301
https://ftp.naughtybux.site/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Page Statistics

54
Requests

94 %
HTTPS

79 %
IPv6

13
Domains

19
Subdomains

18
IPs

2
Countries

4024 kB
Transfer

5203 kB
Size

6
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://adraclubmix.in/

Search URL Search Domain Scan URL

URL: https://fastnews365.in/
Title: DJ SWARNENDU LALPUR

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/filedownload/19/94/Its_My_Challenge_(Face_To_Face_Runing_Compitition_2022)_Dj_RB_Remix.html
Title: Its My Challenge (Face To Face Runing Compitition 2022) Dj RB Remix.mp3

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/filedownload/8/40/Gaja_Kheye_Hu_Hu_Kore_(BholaBaba_Spl_Bhakti_Song_2022)_Dj_MX_Remix.html
Title: Gaja Kheye Hu Hu Kore (BholaBaba Spl Bhakti Song 2022) Dj MX Remix.mp3

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/filedownload/16/75/MJBARAK_HO_RAMDHAN_(Eid_Spl_Humming_Dance_Mix_2022)_Dj_SES_Remix.html
Title: MJBARAK HO RAMDHAN (Eid Spl Humming Dance Mix 2022) Dj SES Remix.mp3

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/updates/update.html
Title: MORE+

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/filedownload/16/78/NAREK_TAKBIR_Eid_Spl_Humming_Dance_Mix_2022_Dj_SES_Remix.html
Title: NAREK_TAKBIR-(Eid_Spl_Humming_Dance_Mix)-2022_Dj_SES_Remix

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/filedownload/16/79/PANGA_LELYA_Eid_Spl_Humming_Dance_Mix_2022_Dj_SES_Remix.html
Title: PANGA_LELYA-(Eid_Spl_Humming_Dance_Mix)-2022_Dj_SES_Remix

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/filedownload/16/80/TERI_REHEMATO_KA_DARYA_Eid_Spl_Humming_Dance_Mix_2022_Dj_SES_Remix.html
Title: TERI_REHEMATO_KA_DARYA-(Eid_Spl_Humming_Dance_Mix)-2022_Dj_SES_Remix

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/filedownload/18/82/ALLAH_ALLAH_MAIN_HUI_JAWAN_New_Style_Eid_Special_Dance_Mix_Dj_SR_Remix.html
Title: ALLAH_ALLAH_MAIN_HUI_JAWAN-(New_Style_Eid_Special_Dance_Mix)-Dj_SR_Remix

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/filedownload/18/83/ALLAH_BAHUT_BADA_HAI_New_Style_Eid_Special_Dance_Mix_Dj_SR_Remix.html
Title: ALLAH_BAHUT_BADA_HAI_New_Style_Eid_Special_Dance_Mix_Dj_SR_Remix

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/filedownload/18/84/ALLAH_HOON_New_Style_Eid_Special_Dance_Mix_Dj_SR_Remix.html
Title: ALLAH_HOON-(New_Style_Eid_Special_Dance_Mix)-Dj_SR_Remix

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/filedownload/18/85/BHAIJAAN_EID_E_ELO_RE_New_Style_Eid_Special_Dance_Mix_Dj_SR_Remix.html
Title: BHAIJAAN_EID_E_ELO_RE-(New_Style_Eid_Special_Dance_Mix)-Dj_SR_Remix

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/filedownload/18/86/CHAND_NAZAR_AA_GAYA_New_Style_Eid_Special_Dance_Mix_Dj_SR_Remix.html
Title: CHAND_NAZAR_AA_GAYA-(New_Style_Eid_Special_Dance_Mix)-Dj_SR_Remix

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/filedownload/18/87/EID_EID_EID_ESECHHE_New_Style_Eid_Special_Dance_Mix_Dj_SR_Remix.html
Title: EID_EID_EID_ESECHHE-(New_Style_Eid_Special_Dance_Mix)-Dj_SR_Remix

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/filedownload/18/88/KARLO_PYAR_New_Style_Eid_Special_Dance_Mix_Dj_SR_Remix.html
Title: KARLO_PYAR-(New_Style_Eid_Special_Dance_Mix)-Dj_SR_Remix

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/filedownload/18/89/MUBARAK_EID_MUBARAK_New_Style_Eid_Special_Dance_Mix_Dj_SR_Remix.html
Title: MUBARAK_EID_MUBARAK-(New Style Eid Special Dance Mix)-Dj_SR_Remix

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/filedownload/18/90/Uthechhe_Chand_Akashe_Eid_Mubarak_New_Style_Eid_Special_Dance_Mix_Dj_SR_Remix.html
Title: Uthechhe_Chand_Akashe_Eid_Mubarak-(New_Style_Eid_Special_Dance_Mix)-Dj_SR_Remix

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/filedownload/18/91/WALLAH_RE_WALLAH_New_Style_Eid_Special_Dance_Mix_Dj_SR_Remix.html
Title: WALLAH_RE_WALLAH-(New Style Eid Special Dance Mix)-Dj_SR_Remix

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/filedownload/18/81/ALLAH_ALLAH_New_Style_Eid_Special_Dance_Mix_Dj_SR_Remix.html
Title: ALLAH_ALLAH-(New_Style_Eid_Special_Dance_Mix)-Dj_SR_Remix

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/category/21/Dj_sanat_Bharatdih.html
Title: Dj sanat Bharatdih (4)

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/category/1/All_Dj_Artist_Dj_Collection_Avilable.html
Title: All Dj Artist Dj Collection Avilable (97)

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/special/last-added.html
Title: Last Added

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/special/top20.html
Title: Top 20

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/privacy-policy.php
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://adraclubmix.in/terms-of-service.php
Title: Terms Of Service

Search URL Search Domain Scan URL

URL: https://rphost.in/
Title: RpHost.In

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ftp.naughtybux.site/ HTTP 301
https://ftp.naughtybux.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://kanchan.wapkiz.com/download/dl7/e6ffec34ecfb12ab2e1858e885b0f57b/kanchan+wapkiz+com/Rb-(kanchan.wapkiz.com).jpg HTTP 302
https://dl7.wapkizfile.info/download/e6ffec34ecfb12ab2e1858e885b0f57b/47187baaf8f017cccea2b884754fb1e0/kanchan+wapkiz+com/Rb-(kanchan.wapkiz.com).jpg

Request Chain 6

https://kanchan.wapkiz.com/download/dl7/6d7b89596dffc6f790454fd435e87b95/kanchan+wapkiz+com/Susovan-(kanchan.wapkiz.com).jpg HTTP 302
https://dl7.wapkizfile.info/download/6d7b89596dffc6f790454fd435e87b95/47187baaf8f017cccea2b884754fb1e0/kanchan+wapkiz+com/Susovan-(kanchan.wapkiz.com).jpg

Request Chain 7

https://kanchan.wapkiz.com/download/dl7/136b3e52102f8cf10d4e49566202853d/kanchan+wapkiz+com/Bm-(kanchan.wapkiz.com).jpg HTTP 302
https://dl7.wapkizfile.info/download/136b3e52102f8cf10d4e49566202853d/47187baaf8f017cccea2b884754fb1e0/kanchan+wapkiz+com/Bm-(kanchan.wapkiz.com).jpg

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ftp.naughtybux.site/
Redirect Chain

http://ftp.naughtybux.site/
https://ftp.naughtybux.site/

25 KB
7 KB

388ms
323ms

Document
text/html

2606:4700:3036::6815:6ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftp.naughtybux.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:6ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0232b9081764349a5f6727ec30fafd7897abf012d6ad88281f1125e66199108

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 72e42f58b97e1821-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 13:11:52 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pwkHW9zEPl7YTcSmOP1Uw6%2B7ln68SPu%2B0S40uOrlmVEzhFAvp6qVuX0HKNFpWd%2BqU%2Beu6wxLI9dMg6RtDQRrmKvN8A1oh54gwTg%2FCryKAGszPMC13kOzxuE8Vg8F0TcKrC7zp6sukRr%2F7WPTmnWIQdVx"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 72e42f57fa0318ea-EWR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 21 Jul 2022 13:11:52 GMT
Expires: Thu, 21 Jul 2022 14:11:52 GMT
Location: https://ftp.naughtybux.site/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCr1YxkeqXvuCYMq6CEsyBmUQsvbg6pfGKJUnw9S8cK8Jwy1dFU9pMuHtNZ7pbr1fpwZtQOHpyq6BRGJyj87b8in2BaClHsGiU31PAkv22xOFi2cbirQj5%2BgKKAThghjvK7ijXqbsV5zNhD57J%2FPd3m7"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK rphost.css
adraclubmix.in/css/ 60 KB
60 KB 555ms
98ms Stylesheet
text/css 185.244.37.10
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to

Full URL: https://adraclubmix.in/css/rphost.css
Requested by: Host: ftp.naughtybux.site
URL: https://ftp.naughtybux.site/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.244.37.10 Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS: server.rshost.in
Software: Apache /
Resource Hash: 81440033e545b19aa4dd3c9c14805dfeb8fec266108bcdaab8370d2470fa564c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 13:11:53 GMT
Last-Modified: Sat, 13 Nov 2021 08:54:40 GMT
Server: Apache
Content-Language: en-US
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=100
Content-Length: 61513

GET
H2 200 css
fonts.googleapis.com/ 1 KB
952 B 201ms
35ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans

Requested by

Host: ftp.naughtybux.site
URL: https://ftp.naughtybux.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5cc1f33d2e98255a07f024524dc8e4301353898b61537067731fe4a0d81fe900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 12:22:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 21 Jul 2022 13:11:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Jul 2022 13:11:52 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
56 KB 192ms
53ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3973075751403690

Requested by

Host: ftp.naughtybux.site
URL: https://ftp.naughtybux.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

983d3a64b5cc1c47da483e61587d4c7032b8c33342828832a41594aba9767642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ftp.naughtybux.site/
Origin: https://ftp.naughtybux.site
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56464
x-xss-protection: 0
server: cafe
etag: 13540061040966140418
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 13:11:52 GMT

GET
H/1.1 200
OK logo.png
adraclubmix.in/image/ 157 KB
158 KB 527ms
99ms Image
image/png 185.244.37.10
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adraclubmix.in/image/logo.png
Requested by: Host: ftp.naughtybux.site
URL: https://ftp.naughtybux.site/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.244.37.10 Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS: server.rshost.in
Software: Apache /
Resource Hash: 70013a7785ad5f6b9673bf7d30b8d6d26888af053095bcc2d5f1bac08fdb1e20

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 13:11:53 GMT
Last-Modified: Sun, 10 Jul 2022 13:02:09 GMT
Server: Apache
Content-Language: en-US
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Content-Length: 161125

GET
H2 200 facebook.png
ftp.naughtybux.site/image/ 485 B
874 B 266ms
264ms Image
image/png 2606:4700:3036::6815:6ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ftp.naughtybux.site/image/facebook.png
Requested by: Host: ftp.naughtybux.site
URL: https://ftp.naughtybux.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:6ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 603a9a84f0e095585bd39b27cd4c4d194a4a45c664373d636e493c2841084957

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:53 GMT
cf-cache-status: MISS
last-modified: Sat, 13 Nov 2021 08:54:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpoaSs3QDZF30gFhtAMpj5kb%2BTVfC43P1wI8%2Boy409jFg9wFrM%2B0IdDk05pJ79l%2FJynFfYI7wdagdNQsgEvIkwtOg9tqoG%2F6t9UR0V3dNi%2FybglZdGLG7757Alh%2BvoVqod%2FFu5zlemnExDY%2F8gWbPd0c"}],"group":"cf-nel","max_age":604800}
content-language: en-US
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 72e42f5afd311821-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 485

GET
H2

200

Rb-(kanchan.wapkiz.com).jpg
dl7.wapkizfile.info/download/e6ffec34ecfb12ab2e1858e885b0f57b/47187baaf8f017cccea2b884754fb1e0/kanchan+wapkiz+com/
Redirect Chain

https://kanchan.wapkiz.com/download/dl7/e6ffec34ecfb12ab2e1858e885b0f57b/kanchan+wapkiz+com/Rb-(kanchan.wapkiz.com).jpg
https://dl7.wapkizfile.info/download/e6ffec34ecfb12ab2e1858e885b0f57b/47187baaf8f017cccea2b884754fb1e0/kanchan+wapkiz+com/Rb-(kanchan.wapkiz.com).jpg

1 MB
1 MB

3361ms
3279ms

Image
image/gif

2606:4700:3038::6815:ea45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl7.wapkizfile.info/download/e6ffec34ecfb12ab2e1858e885b0f57b/47187baaf8f017cccea2b884754fb1e0/kanchan+wapkiz+com/Rb-(kanchan.wapkiz.com).jpg
Requested by: Host: ftp.naughtybux.site
URL: https://ftp.naughtybux.site/
Protocol: H2
Server: 2606:4700:3038::6815:ea45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 3d48ce6c7d5e995bc94626ac9ba54782a7131e85cf9a598c590203be369895f5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/5.6.40
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1385206
last-modified: Thu, 21 Jul 2022 13:11:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONdIm%2BiqgoN%2FG7ErgEusPV8h95vbx5MZ4FJGvrZXxF0eLnuiP083juUNgCPV2QuzpiOlciYVn1QzmjJHygYK860f5xsiICmKnHxnkzLqM%2FwLcyTAaVa%2Fhjl9cKAfSyfB8ORhiQMSXo8RS4cZ6dFBapY%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 72e42f5e49d78c41-EWR

Redirect headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 13:11:53 GMT
Server: nginx
location: https://dl7.wapkizfile.info/download/e6ffec34ecfb12ab2e1858e885b0f57b/47187baaf8f017cccea2b884754fb1e0/kanchan+wapkiz+com/Rb-(kanchan.wapkiz.com).jpg
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

Susovan-(kanchan.wapkiz.com).jpg
dl7.wapkizfile.info/download/6d7b89596dffc6f790454fd435e87b95/47187baaf8f017cccea2b884754fb1e0/kanchan+wapkiz+com/
Redirect Chain

https://kanchan.wapkiz.com/download/dl7/6d7b89596dffc6f790454fd435e87b95/kanchan+wapkiz+com/Susovan-(kanchan.wapkiz.com).jpg
https://dl7.wapkizfile.info/download/6d7b89596dffc6f790454fd435e87b95/47187baaf8f017cccea2b884754fb1e0/kanchan+wapkiz+com/Susovan-(kanchan.wapkiz.com).jpg

1 MB
1 MB

3096ms
3069ms

Image
image/gif

2606:4700:3038::6815:ea45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl7.wapkizfile.info/download/6d7b89596dffc6f790454fd435e87b95/47187baaf8f017cccea2b884754fb1e0/kanchan+wapkiz+com/Susovan-(kanchan.wapkiz.com).jpg
Requested by: Host: ftp.naughtybux.site
URL: https://ftp.naughtybux.site/
Protocol: H2
Server: 2606:4700:3038::6815:ea45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 3191df21b2f425d310762f9e6ec70ef867794ed718eda300a949f0209c9abe71

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/5.6.40
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1332580
last-modified: Thu, 21 Jul 2022 13:11:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tX6Ek6RMIz%2FnJnNX6cJMipbANItsEgpcHaR7VYGUQKA2mthv4E4yF3aGARL%2F9O3rbJ3NYly5mMZcqFxa8xyIPHCZwImr2%2FC8b3lJpGVCLUNvnd0Wx5fzao4DNirM6hgi6%2FVVWDe%2B9%2FxZ4jAxsKZecZSp"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 72e42f5e49e08c41-EWR

Redirect headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 13:11:53 GMT
Server: nginx
location: https://dl7.wapkizfile.info/download/6d7b89596dffc6f790454fd435e87b95/47187baaf8f017cccea2b884754fb1e0/kanchan+wapkiz+com/Susovan-(kanchan.wapkiz.com).jpg
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

Bm-(kanchan.wapkiz.com).jpg
dl7.wapkizfile.info/download/136b3e52102f8cf10d4e49566202853d/47187baaf8f017cccea2b884754fb1e0/kanchan+wapkiz+com/
Redirect Chain

https://kanchan.wapkiz.com/download/dl7/136b3e52102f8cf10d4e49566202853d/kanchan+wapkiz+com/Bm-(kanchan.wapkiz.com).jpg
https://dl7.wapkizfile.info/download/136b3e52102f8cf10d4e49566202853d/47187baaf8f017cccea2b884754fb1e0/kanchan+wapkiz+com/Bm-(kanchan.wapkiz.com).jpg

524 KB
525 KB

1594ms
1568ms

Image
image/gif

2606:4700:3038::6815:ea45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl7.wapkizfile.info/download/136b3e52102f8cf10d4e49566202853d/47187baaf8f017cccea2b884754fb1e0/kanchan+wapkiz+com/Bm-(kanchan.wapkiz.com).jpg
Requested by: Host: ftp.naughtybux.site
URL: https://ftp.naughtybux.site/
Protocol: H2
Server: 2606:4700:3038::6815:ea45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 4edbd502331b7721bf366910abc7fa223a578081265212b9842d1421452de0ec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/5.6.40
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 536096
last-modified: Thu, 21 Jul 2022 13:11:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iNSPRxfEHnC6ZIo9uJdDbSN4Ft%2BqGQ5YN7br4CDTx5x1VLJOFsLTKBFGLQE6HfwPUuEoCH1aSoygjIY35k2g1oSuORpBDqaT4PUMt1Q7GQltxdLknuMJLy%2BWn%2Fk4C%2FjODDM52yTeg3HDsl1ykK5pKUWk"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 72e42f5e49db8c41-EWR

Redirect headers

Pragma: no-cache
Date: Thu, 21 Jul 2022 13:11:53 GMT
Server: nginx
location: https://dl7.wapkizfile.info/download/136b3e52102f8cf10d4e49566202853d/47187baaf8f017cccea2b884754fb1e0/kanchan+wapkiz+com/Bm-(kanchan.wapkiz.com).jpg
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
20 KB 176ms
40ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: ftp.naughtybux.site
URL: https://ftp.naughtybux.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff152104d728368ece053a5076962e4c7c0f7cbfeaca09969ed0b615d061874e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20332
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Thu, 21 Jul 2022 13:11:52 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7c25c051a36d9424"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Jul 2022 13:11:52 GMT

GET
H2 200 online_i.js Show response
widget.supercounters.com/ssl/ 4 KB
2 KB 152ms
28ms Script
application/javascript 2606:4700:3033::6815:4208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.supercounters.com/ssl/online_i.js
Requested by: Host: ftp.naughtybux.site
URL: https://ftp.naughtybux.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee80e1799cfa522898910f9b955030eb967d87ff400bf423561b6fa8b05d666a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Mar 2022 11:46:10 GMT
server: cloudflare
age: 4972
etag: W/"6220aa82-10a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IsZc3nA80j%2BIWJ3075QJuZLLqcKMC1LZhbiyf9Tm4St%2FSYQ89ELVmbK1WpFWeS%2FkdWECdtn7bsJ5LU1LDBu0%2F40uK8rr39RUIM46lgTwkKF8Ce7LCh7FUZEiriHLsak1L5TJRAFg%2F0SFWKU0b3GrmszbDMdipdA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72e42f5c3b3ef049-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/ 340 KB
120 KB 131ms
77ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2019.js?bust=31068471

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3973075751403690

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ea3c18b3b0319eb1b962e21dbd299478b4a8c2f0e2bbe74eb6cd16aa746c644

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122702
x-xss-protection: 0
server: cafe
etag: 8296495731875124681
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 13:11:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220719/r20190131/ Frame 2671 10 KB
5 KB 124ms
26ms Document
text/html 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220719/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3973075751403690

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ftp.naughtybux.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 17992
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 08:12:01 GMT
etag: 8616628553774171045
expires: Thu, 04 Aug 2022 08:12:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
702 B 117ms
35ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ftp.naughtybux.site&callback=_gfp_s_&client=ca-pub-3973075751403690&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2019.js?bust=31068471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

f2d234bb961b0ff2b848d0741a6f1629dabec45e1830a8069e0c96c0b2451ce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 116ms
40ms Script
application/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ftp.naughtybux.site

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2019.js?bust=31068471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 13:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A495 603 B
68 B 98ms
49ms Document
text/html 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3973075751403690&output=html&adk=1812271804&adf=3025194257&lmt=1658409113&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fftp.naughtybux.site%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658409113055&bpp=20&bdt=303&idt=255&shv=r20220719&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1729039329091&frm=20&pv=2&ga_vid=1004184290.1658409113&ga_sid=1658409113&ga_hid=219431234&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C31068471%2C44768688%2C31060566&oid=2&pvsid=4162791079307692&tmod=1324074678&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=291

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2019.js?bust=31068471

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ftp.naughtybux.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 13:11:53 GMT
expires: Thu, 21 Jul 2022 13:11:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/ 126 KB
43 KB 129ms
45ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

717dc7830718db58647d7060e192062dac5045f5b5e78247f7db7ac359fe5447

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 07:44:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44437
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 07:44:33 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/ 120 KB
41 KB 126ms
46ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e897a6518c1220dd1d7b3634342ba90f0874d72d62619e966ed1d85f941ecbc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 07:44:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41761
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 07:44:33 GMT

GET
H2 200 subscribe_embed Show response
www.youtube.com/ Frame 86B6 3 KB
2 KB 278ms
99ms Document
text/html 2607:f8b0:4006:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCaJ2cWU1Nu33Gtd3PiC2ZKg&layout=full&count=default&origin=https%3A%2F%2Fftp.naughtybux.site&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9d36e249221139ce4b633183cf86dc4fc22d7da8c3efd9dcf361bcd9e61845bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ftp.naughtybux.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-embedder-policy-report-only: require-corp; report-to="youtube_main"
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 21 Jul 2022 13:11:53 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK RSHost.png
adraclubmix.in/image/ 1 KB
1 KB 100ms
99ms Image
image/png 185.244.37.10
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adraclubmix.in/image/RSHost.png
Requested by: Host: adraclubmix.in
URL: https://adraclubmix.in/css/rphost.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.244.37.10 Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS: server.rshost.in
Software: Apache /
Resource Hash: d41dbc5cee2e39ddd80297ea926dc3b55ec5ca181af20709e3c8253a95a6033c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://adraclubmix.in/css/rphost.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 13:11:53 GMT
Last-Modified: Sat, 13 Nov 2021 08:54:40 GMT
Server: Apache
Content-Language: en-US
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=99
Content-Length: 1151

GET
H2 200 Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_DjQbMZhLw.woff2
fonts.gstatic.com/s/josefinsans/v25/ 11 KB
11 KB 167ms
30ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v25/Qw3PZQNVED7rKGKxtqIqX5E-AVSJrOCfjY46_DjQbMZhLw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a79b18e7744f210f2400940cbd7e4b7767391e833645f761b759e9a1a365af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ftp.naughtybux.site
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 06:25:33 GMT
x-content-type-options: nosniff
age: 542780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10892
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:56:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jul 2023 06:25:33 GMT

GET
H/1.1 200
OK fc.php Show response
service.supercounters.com/ 28 B
279 B 184ms
87ms Script
application/x-javascript 172.104.29.90
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://service.supercounters.com/fc.php?id=1633601&w=1&v=2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.134%20Safari%2F537.36&ref=&url=https%3A%2F%2Fftp.naughtybux.site%2F&sw=1600&sh=1200&rand=67
Requested by: Host: widget.supercounters.com
URL: https://widget.supercounters.com/ssl/online_i.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.29.90 Cedar Knolls, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1848-90.members.linode.com
Software: nginx/1.20.1 / PHP/7.4.13
Resource Hash: 27475644396a602709ae5b5eec649143b107e3404403ee6787b81aecf43e11e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Thu, 21 Jul 2022 13:11:53 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Connection: keep-alive
X-Powered-By: PHP/7.4.13
Transfer-Encoding: chunked
Content-Type: application/x-javascript

GET
H3 200 invisible.js Show response
ftp.naughtybux.site/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 065A 36 KB
13 KB 56ms
55ms Script
application/javascript 2606:4700:3036::6815:6ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftp.naughtybux.site/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1658404800
Requested by: Host: ftp.naughtybux.site
URL: https://ftp.naughtybux.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:6ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0b424afe5a30279dadd5386912c4b51a395ecd2446ebecb74909dec9f1c16be

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:53 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWsH5sx34%2FK2mGXjxw5mCTUU0xRax0oT1MiksQNOy7fstvRa56sMiyue0Kxkal1be0GKbnfzRNdfq5MYdIxYORTu04%2B6wk1AhsoJY29CxrEqkoLxnjHR%2BTmwqabqn%2FCW6BWOcXzqaUXTzrbOgI8CD5ek"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 72e42f61e9fa1768-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 7218 566 B
904 B 240ms
61ms Document
text/html 2607:f8b0:4006:822::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fftp.naughtybux.site&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200d New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0f925265427dadfb59431483b1182337191248f318185835fa28f66e3a02a4a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-XZ-9YAx0Lym9urlwPpjLIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ftp.naughtybux.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-XZ-9YAx0Lym9urlwPpjLIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Thu, 21 Jul 2022 13:11:54 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 86B6 38 KB
6 KB 83ms
62ms Stylesheet
text/css 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCaJ2cWU1Nu33Gtd3PiC2ZKg&layout=full&count=default&origin=https%3A%2F%2Fftp.naughtybux.site&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCaJ2cWU1Nu33Gtd3PiC2ZKg&layout=full&count=default&origin=https%3A%2F%2Fftp.naughtybux.site&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 08:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6066
x-xss-protection: 0
last-modified: Wed, 18 Nov 2020 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Jul 2023 08:11:58 GMT

GET
H2 200 AKedOLQJiArpgPBsUmU3Ndm5tZmeg4QH8l3PskR5MUyQ=s48-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 86B6 3 KB
3 KB 491ms
333ms Image
image/jpeg 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQJiArpgPBsUmU3Ndm5tZmeg4QH8l3PskR5MUyQ=s48-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6dadcdb9e3973a0b0e019e0cfd24bc5d8d5443653a114107b93284277cecba5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:54 GMT
x-content-type-options: nosniff
server: fife
etag: "vc"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3169
x-xss-protection: 0
expires: Fri, 22 Jul 2022 13:11:54 GMT

GET
H3 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 86B6 252 KB
72 KB 121ms
105ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCaJ2cWU1Nu33Gtd3PiC2ZKg&layout=full&count=default&origin=https%3A%2F%2Fftp.naughtybux.site&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 08:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73785
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Jul 2023 08:11:58 GMT

GET
H3 200 pica.js
ftp.naughtybux.site/cdn-cgi/challenge-platform/h/b/scripts/ Frame 065A 20 KB
7 KB 79ms
68ms Other
application/javascript 2606:4700:3036::6815:6ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftp.naughtybux.site/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: ftp.naughtybux.site
URL: https://ftp.naughtybux.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:6ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af08ccf153aa0d52f785bef8cd42d764bea321ab4d6580d991e1cb8417e6d891

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:54 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZyXte2nqYxUtnZ1kDs5bMK4UzWgJHZlZvA0FnQ3J8DsXGkpGJa89zEBLfO%2F1LQqQMnqj0UUSdqapk3h7S3tuW3UW1wspH3HALKjE2LPnddNIs04py1NKduYYJmjlrxyauhqQqFaJIWTlTSi9AVyRPqA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 72e42f62bb3d1768-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 e6781e.png
widget.supercounters.com/images/online/ 557 B
1 KB 150ms
53ms Image
image/png 2606:4700:3033::6815:4208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget.supercounters.com/images/online/e6781e.png
Requested by: Host: ftp.naughtybux.site
URL: https://ftp.naughtybux.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ecbef4e1a7707c1913c75a65ff8478febc986305b0b46dac24bc01ace6a367a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:54 GMT
cf-cache-status: HIT
last-modified: Thu, 27 Sep 2012 18:28:17 GMT
server: cloudflare
etag: "50649ac1-22d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6ta6PmioVB5E8Q%2BXenUYWlMkqtk2%2F3baNuVmJv5RLGQZMNeo3v0nDe7tH6OMe%2FUkpL%2BmAF3uFq6C0ZSTnXv03nQJEOsWKMkplkEbST77L1%2FP5Yl1%2FfXTS4Wm%2FtMX7fhmXhaHt9PL6ue62B1npYjLFQYo%2BiQQxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 72e42f634c981778-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 557

GET
H3 200 subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 86B6 156 B
179 B 55ms
27ms Image
image/png 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 15:58:18 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
server: sffe
age: 249216
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 18 Jul 2023 15:58:18 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/ Frame 86B6 128 KB
42 KB 48ms
47ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63bd1290734d42988618531f116ded35108d357633fd4ec34676f5824684d16e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 07:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42807
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 07:44:27 GMT

POST
H3 204 cspreport
accounts.google.com/o/ Frame 7218 0
20 B 119ms
61ms Other
text/html 2607:f8b0:4006:822::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: ftp.naughtybux.site
URL: https://ftp.naughtybux.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::200d New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-UU6ldejger0zZLwTB8rv0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fftp.naughtybux.site&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 13:11:54 GMT
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport, script-src 'report-sample' 'nonce-UU6ldejger0zZLwTB8rv0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1832714284-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 7218 10 KB
5 KB 115ms
26ms Script
text/javascript 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fftp.naughtybux.site&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 22:35:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 225412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4294
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 02:11:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Jul 2023 22:35:02 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 7218 14 KB
5 KB 76ms
53ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90db3808153f3ad1a44baaca1fada1748ccaae82d01eac332939a58373849d01

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Thu, 21 Jul 2022 13:11:54 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "3959a3722d78b91f"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Jul 2022 13:11:54 GMT

POST
H3 200 72e42f58b97e1821 Show response
ftp.naughtybux.site/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 065A 2 B
729 B 46ms
45ms XHR
text/plain 2606:4700:3036::6815:6ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ftp.naughtybux.site/cdn-cgi/challenge-platform/h/b/cv/result/72e42f58b97e1821
Requested by: Host: ftp.naughtybux.site
URL: https://ftp.naughtybux.site/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1658404800
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:6ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 21 Jul 2022 13:11:55 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gx84cpZ9TL65Z1S%2BzOYeMn3zslJT%2FpUVGXs7k36cPui9qdJspuxmFfZCvI4vI%2B1LsIico%2BKr9pFfhwH2zg%2FzH9CaVc9XpE71JDLb6FusZjUATdJKeXGd3kXvfI9SZ0MDVPNudorsH1ermH%2B4vZ0VYsBp"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 72e42f6a29201768-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/ Frame 7218 53 KB
19 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

026c405fffa4011b994664f03b59a6e24e78002ef00d0d717625cb903f5751ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 15:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 423951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19114
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jul 2023 15:26:04 GMT

GET
H3 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/ 28 KB
9 KB 27ms
25ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/cb=gapi.loaded_2?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed33b88ff13f1e34406dd3cd275d0f4d6a609335a4bf4b4813724980d72ba94b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 07:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9436
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 07:44:25 GMT

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame B244 601 B
290 B 71ms
62ms Document
text/html 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCaJ2cWU1Nu33Gtd3PiC2ZKg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb36d51dc450f83bb4116a5f12fb369571d6386dea906ab2d3194125a8425c25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ftp.naughtybux.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-embedder-policy-report-only: require-corp; report-to="youtube_main"
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 21 Jul 2022 13:11:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
65 B 84ms
24ms Image
image/gif 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: ftp.naughtybux.site
URL: https://ftp.naughtybux.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 22:53:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 137920
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 19 Jul 2023 22:53:15 GMT

GET
H3 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
65 B 88ms
25ms Image
image/gif 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: ftp.naughtybux.site
URL: https://ftp.naughtybux.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 22:44:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 570456
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 14 Jul 2023 22:44:19 GMT

GET
H3 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
341 B 87ms
26ms Image
image/png 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: ftp.naughtybux.site
URL: https://ftp.naughtybux.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 04:08:53 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 464582
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 16 Jul 2023 04:08:53 GMT

GET
H3 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
139 B 81ms
26ms Image
image/png 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: ftp.naughtybux.site
URL: https://ftp.naughtybux.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 07:38:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 192823
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 19 Jul 2023 07:38:12 GMT

GET
H3 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
140 B 81ms
25ms Image
image/png 2607:f8b0:4006:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: ftp.naughtybux.site
URL: https://ftp.naughtybux.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 17:47:03 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 69892
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Jul 2023 17:47:03 GMT

GET
H3 200 www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame B244 9 KB
2 KB 40ms
28ms Stylesheet
text/css 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCaJ2cWU1Nu33Gtd3PiC2ZKg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCaJ2cWU1Nu33Gtd3PiC2ZKg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 08:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2447
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Jul 2023 08:12:03 GMT

GET
H3 200 www-subscribe-embed-card_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame B244 149 KB
44 KB 41ms
28ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCaJ2cWU1Nu33Gtd3PiC2ZKg&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.dzXZWX9QTbE.O%2Fd%3D1%2Frs%3DAHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 08:12:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44975
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 21 Jul 2023 08:12:03 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/ Frame B244 128 KB
42 KB 22ms
19ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.dzXZWX9QTbE.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_epIQDPHdjFr3MLkazUi2Jmy50dQ/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63bd1290734d42988618531f116ded35108d357633fd4ec34676f5824684d16e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 07:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42807
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 15:25:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 07:44:27 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 87ms
44ms XHR
application/json 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220719&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2019.js?bust=31068471

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0127121886c9fa0fa1ee8453f929027bb1a4c70291863cd0a072cee97a8533f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 13:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10941
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 93ms
42ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_fy2019.js?bust=31068471

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 13:11:57 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0DF7 13 KB
5 KB 67ms
21ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ftp.naughtybux.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 57549
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Jul 2022 21:12:48 GMT
expires: Thu, 20 Jul 2023 21:12:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3E51 783 B
1 KB 91ms
41ms Document
text/html 2607:f8b0:4006:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7ff338d5fb31d0ef087d0f3025409de4e2d68b61dab4790488bbc6c65535a48a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gYGM6aIb43pfp1ZZ6u-KDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ftp.naughtybux.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-gYGM6aIb43pfp1ZZ6u-KDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 13:11:57 GMT
expires: Thu, 21 Jul 2022 13:11:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 NPXW40WHzeAWpHe0TXJfo1vbWJJjEtRDmO6BZkTaGrg.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DF7 36 KB
14 KB 36ms
35ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NPXW40WHzeAWpHe0TXJfo1vbWJJjEtRDmO6BZkTaGrg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34f5d6e34587cde016a477b44d725fa35bdb58926312d44398ee816644da1ab8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 07:43:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14004
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 07:43:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3E51 0
0 51ms
51ms Image
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220719&jk=4162791079307692&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0DF7 0
9 B 20ms
20ms Image
text/plain 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sNCPEg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
44ms Image
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220719&jk=4162791079307692&bg=!AAOlA0fNAAZlvz3gRb87ACkAdvg8WnEyuu4GuMGuquPBnt-fVJcxUfoVj1HgMmyNrg3ehFQJbXOM_wIAAACFUgAAAAJoAQcKAJpJ4SGneiParCP2S8uwKkrsS1Sh5i8hYVowI6PuRd4tW869vaoRpodd67pLGTXie7ZsbY2Cfu1UtxuW7XIqUMMQg7y-l61ByCG6WVDCM3mWhsDl9kx1QJLeGepOd1DlktLMYrVYZM0Ffp8kr-hAv5tYcSxq_gsnLGcLwu9lHfVGsJXYNbir3CIK4gZXFJTNckXtlcjllsGkcsbgmQKpVRAnZiW_HWBjHoVFqC8VIiVuZO7aRDY5EjwN0s8lbbXMipN9rWskOYsyRIIe4rwnaBPOfooh5ylaZfe4uAuwIe5FeiWpfes_OIgq2Y9hhn9PoF-7puaDSJPl41BIRzZkAORjOnxEVIksQr_uew81flGRUA-M9aw7xe5l7SYGfOuStwFT2yZcvlbTPEZ0St78E2a9OF0fwjwyRAk9CtV-a3M7o83vAgkS8LQYJ3DaFc-4SLnV5GoxGljMDxcHzeJE_w5PXrvpATjLj421LAkzk9_7RHf_hMrcMv4PC7M8DB6ptBW_CHFxg-aOBuc0UJSAec-s63YQjwel53k74aZQOHJaojpQ_kKGI0tHAXwk690UeeqYuml33lBnRUxBjMX8srtcL1Lp-8s64nT4-wB5ryc07mA4A9ICb1L_4DnnmB5rmzVtEjX6fGDQDE1wWi0DLaLd2s8sql6IBdBb9FGoeMEk7Y_bldrw8vqb_gNSGgzlCj3OQk9iZ_J4GBURCRaI5R13FcqHYaZELGFXcQJyKdAR_5ydu1ZgjR4j4Fn6t0vmLVkUpxdSHi4KXcp_SYhMIJGZ_pCspFjS8_8aSmLnv1ONB4lmz-QERdLwzXWzNnJH-WKjZamOfG4y_1EhrXmqqGkBHd_Dwaag_kAU-NWOCs_GHMjQPeUTy6TUtWMaOuScHxu36oa-rGrVZ8w7MiHqOR6E9n08u-azZFy47CDR5a5ejE-I-067ZJpDaUWpsBHbYZKd3HlbXANE-cZKjQbE_XPLUSjj9_bp_uby3iOqNcLbWUpLiMOnXJiAWLZAIo9dCIvPgjv28TEy8CQZ_tBxrXWDpCNbFrjbYctsMWF8LshxfZr_XJCplaWGCRjQsm6iA26t_F--m2X5pGT_kED38GB02IDTKImM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ftp.naughtybux.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.naughtybux.site/	1970-01-20 14:01:45	Name: __gads Value: ID=8d6f2657b022bed4-22edc3ca2ad400c1:T=1658409113:RT=1658409113:S=ALNI_MZS3saCmCH0WVeH3vUTa04WJNRJwA
.naughtybux.site/	1970-01-20 14:01:45	Name: __gpi Value: UID=0000064c93bd4273:T=1658409113:RT=1658409113:S=ALNI_MaHs34dnfGrkKh5FLx1X7MvQjQ_hw
.doubleclick.net/	1970-01-20 04:40:10	Name: test_cookie Value: CheckForPermission
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: lwJ3kELmKsY
.youtube.com/	1970-01-20 08:59:21	Name: VISITOR_INFO1_LIVE Value: WL8GPGO5eRk
.naughtybux.site/	1970-01-20 04:40:10	Name: __cf_bm Value: Gu8pboTj80mTvhyZQkXRrFFMD54cycpFZt4Tm0VQM_4-1658409115-0-AfpikSGDQWVGESeE8g9a0W8oIeTV0s8P9YWPWx+GHjwwj1AiMdEFgNOLHybMj6m1bBaTUNqK8zJhtvge/eq9UtRxmf1G1hEXyjX6jlGm2JOki9OP7wnZKrq9q2eahsD4SQ==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://ftp.naughtybux.site/(Line 7) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adraclubmix.in
adservice.google.com
apis.google.com
dl7.wapkizfile.info
fonts.googleapis.com
fonts.gstatic.com
ftp.naughtybux.site
googleads.g.doubleclick.net
kanchan.wapkiz.com
pagead2.googlesyndication.com
partner.googleadservices.com
service.supercounters.com
ssl.gstatic.com
tpc.googlesyndication.com
widget.supercounters.com
www.google.com
www.youtube.com
yt3.ggpht.com
142.251.40.130
172.104.29.90
185.244.37.10
2606:4700:3033::6815:4208
2606:4700:3036::6815:6ed
2606:4700:3038::6815:ea45
2607:f8b0:4006:807::2003
2607:f8b0:4006:807::200e
2607:f8b0:4006:808::2002
2607:f8b0:4006:809::200e
2607:f8b0:4006:80a::200a
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80d::2003
2607:f8b0:4006:816::2001
2607:f8b0:4006:816::2002
2607:f8b0:4006:816::2004
2607:f8b0:4006:81c::2001
2607:f8b0:4006:822::200d
45.14.224.146
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
026c405fffa4011b994664f03b59a6e24e78002ef00d0d717625cb903f5751ff
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
0ecbef4e1a7707c1913c75a65ff8478febc986305b0b46dac24bc01ace6a367a
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27475644396a602709ae5b5eec649143b107e3404403ee6787b81aecf43e11e9
3191df21b2f425d310762f9e6ec70ef867794ed718eda300a949f0209c9abe71
34f5d6e34587cde016a477b44d725fa35bdb58926312d44398ee816644da1ab8
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
3d48ce6c7d5e995bc94626ac9ba54782a7131e85cf9a598c590203be369895f5
3ea3c18b3b0319eb1b962e21dbd299478b4a8c2f0e2bbe74eb6cd16aa746c644
4a79b18e7744f210f2400940cbd7e4b7767391e833645f761b759e9a1a365af7
4edbd502331b7721bf366910abc7fa223a578081265212b9842d1421452de0ec
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5cc1f33d2e98255a07f024524dc8e4301353898b61537067731fe4a0d81fe900
603a9a84f0e095585bd39b27cd4c4d194a4a45c664373d636e493c2841084957
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63bd1290734d42988618531f116ded35108d357633fd4ec34676f5824684d16e
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6dadcdb9e3973a0b0e019e0cfd24bc5d8d5443653a114107b93284277cecba5e
70013a7785ad5f6b9673bf7d30b8d6d26888af053095bcc2d5f1bac08fdb1e20
717dc7830718db58647d7060e192062dac5045f5b5e78247f7db7ac359fe5447
7ff338d5fb31d0ef087d0f3025409de4e2d68b61dab4790488bbc6c65535a48a
81440033e545b19aa4dd3c9c14805dfeb8fec266108bcdaab8370d2470fa564c
90db3808153f3ad1a44baaca1fada1748ccaae82d01eac332939a58373849d01
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
983d3a64b5cc1c47da483e61587d4c7032b8c33342828832a41594aba9767642
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
9d36e249221139ce4b633183cf86dc4fc22d7da8c3efd9dcf361bcd9e61845bf
a0127121886c9fa0fa1ee8453f929027bb1a4c70291863cd0a072cee97a8533f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
af08ccf153aa0d52f785bef8cd42d764bea321ab4d6580d991e1cb8417e6d891
b0232b9081764349a5f6727ec30fafd7897abf012d6ad88281f1125e66199108
b0b424afe5a30279dadd5386912c4b51a395ecd2446ebecb74909dec9f1c16be
bb36d51dc450f83bb4116a5f12fb369571d6386dea906ab2d3194125a8425c25
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
d41dbc5cee2e39ddd80297ea926dc3b55ec5ca181af20709e3c8253a95a6033c
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e0f925265427dadfb59431483b1182337191248f318185835fa28f66e3a02a4a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e897a6518c1220dd1d7b3634342ba90f0874d72d62619e966ed1d85f941ecbc5
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
ed33b88ff13f1e34406dd3cd275d0f4d6a609335a4bf4b4813724980d72ba94b
ee80e1799cfa522898910f9b955030eb967d87ff400bf423561b6fa8b05d666a
f2d234bb961b0ff2b848d0741a6f1629dabec45e1830a8069e0c96c0b2451ce5
ff152104d728368ece053a5076962e4c7c0f7cbfeaca09969ed0b615d061874e
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

ftp.naughtybux.site Open in urlscan Pro 2606:4700:3036::6815:6ed Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

94 %HTTPS

79 %IPv6

13 Domains

19 Subdomains

18 IPs

2 Countries

4024 kBTransfer

5203 kBSize

6 Cookies

27 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ftp.naughtybux.site Open in urlscan Pro
2606:4700:3036::6815:6ed Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

94 %
HTTPS

79 %
IPv6

13
Domains

19
Subdomains

18
IPs

2
Countries

4024 kB
Transfer

5203 kB
Size

6
Cookies

54 HTTP transactions
0 data transactions