ftp.rtpbagus.co Open in urlscan Pro
69.57.162.58  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ftp.rtpbagus.co/	48 KB 13 KB	492ms 223ms	Document text/html	69.57.162.58 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://ftp.rtpbagus.co/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.57.162.58 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS btrhoki.online Software LiteSpeed / PHP/8.0.30 Resource Hash 8f49a0569a6ff0319ad3ac910c4e29c5034d9c423a3acd76b4e36109450a9019 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding br content-type text/html; charset=UTF-8 date Sun, 14 Jan 2024 19:43:32 GMT server LiteSpeed vary Accept-Encoding x-powered-by PHP/8.0.30 x-turbo-charged-by LiteSpeed
GET H2	200	amp-analytics-0.1.js Show response cdn.ampproject.org/v0/	110 KB 33 KB	221ms 76ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-analytics-0.1.js Requested by Host: ftp.rtpbagus.co URL: https://ftp.rtpbagus.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a0b8fa938af334bce5a350b66110d0b21be7630c46e6fe32fd0f00d877e1e6f Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ftp.rtpbagus.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Sun, 14 Jan 2024 19:43:32 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 32198 x-xss-protection 0 server sffe etag "adb7489d39d466fa" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 14 Jan 2024 19:43:32 GMT
GET H2	200	v0.js Show response cdn.ampproject.org/	278 KB 72 KB	243ms 98ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0.js Requested by Host: ftp.rtpbagus.co URL: https://ftp.rtpbagus.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c4d51bd3b5d960b8c193cf3b6f064017afcddf2ac74ffec5f89135c36858ff5f Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ftp.rtpbagus.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Sun, 14 Jan 2024 19:43:32 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 73064 x-xss-protection 0 server sffe etag "9058cca2bebd166f" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3000, stale-while-revalidate=1206600 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sun, 14 Jan 2024 19:43:32 GMT
GET H2	404	banner-btr.jpg i.postimg.cc/02gJMn74/	3 KB 3 KB	208ms 75ms	Image image/png	185.150.189.106 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.postimg.cc/02gJMn74/banner-btr.jpg Requested by Host: ftp.rtpbagus.co URL: https://ftp.rtpbagus.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.150.189.106 Piscataway, United States, ASN23470 (RELIABLESITE, US), Reverse DNS Software nginx / Resource Hash 4815c786c3094f5df8eaa5b8c1eb6dec8bd54c20b7959a091da806ded521d420 Request headers accept-language en-US,en;q=0.9 Referer https://ftp.rtpbagus.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 19:43:32 GMT server nginx content-length 2712 content-type image/png
GET DATA	200 OK	truncated /	83 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 68e0939708d1889ebefc676f53487f068baf3ca8f028d131a28ab4adddc948db Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	83 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 55454193c43a1b4b8e8b3f02c928a97be3a42e785e8ea4d0f73838d3bffe10b6 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	404	btr.gif i.postimg.cc/j5s75SNS/	3 KB 3 KB	81ms 77ms	Image image/png	185.150.189.106 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.postimg.cc/j5s75SNS/btr.gif Requested by Host: ftp.rtpbagus.co URL: https://ftp.rtpbagus.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.150.189.106 Piscataway, United States, ASN23470 (RELIABLESITE, US), Reverse DNS Software nginx / Resource Hash 4815c786c3094f5df8eaa5b8c1eb6dec8bd54c20b7959a091da806ded521d420 Request headers accept-language en-US,en;q=0.9 Referer https://ftp.rtpbagus.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 19:43:33 GMT server nginx content-length 2712 content-type image/png
GET H2	200	xMIk75y.png i.imgur.com/	6 KB 6 KB	280ms 63ms	Image image/png	146.75.36.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/xMIk75y.png Requested by Host: ftp.rtpbagus.co URL: https://ftp.rtpbagus.co/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.36.193 Reston, United States, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 8f614e33b2d33bd06ff2073846770f3c9059324e42dd80af7cbe02f0c6a37dd8 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://ftp.rtpbagus.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 19:43:33 GMT strict-transport-security max-age=300 x-content-type-options nosniff x-amz-cf-pop IAD89-P1 age 331508 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront, HIT content-length 6040 x-served-by cache-iad-kcgs7200086-IAD last-modified Sun, 24 Sep 2023 11:39:54 GMT server cat factory 1.0 x-timer S1705261413.262341,VS0,VE2 etag "e0ce4d5a479c2eff243f498ab2d3aa0a" access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-cf-id kOKbMUQXH9Gi3G808U-ES0lj_qgvd_uNObc866Pkjvmb0-eLXqSCdQ== x-cache-hits 1
GET H2	200	livechat.webp i.postimg.cc/Gm8ncXpG/	2 KB 2 KB	75ms 72ms	Image image/webp	185.150.189.106 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.postimg.cc/Gm8ncXpG/livechat.webp Requested by Host: ftp.rtpbagus.co URL: https://ftp.rtpbagus.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.150.189.106 Piscataway, United States, ASN23470 (RELIABLESITE, US), Reverse DNS Software nginx / Resource Hash aaf2c4fb86d6999e967814418c8fee7f3370548fe02bad8ab54a378869fefd63 Request headers accept-language en-US,en;q=0.9 Referer https://ftp.rtpbagus.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 19:43:33 GMT last-modified Thu, 24 Aug 2023 15:53:23 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/webp access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 1690 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	JHGWQt4.gif iili.io/	355 KB 356 KB	412ms 195ms	Image image/gif	2606:4700:3038::6815:eb46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://iili.io/JHGWQt4.gif Requested by Host: ftp.rtpbagus.co URL: https://ftp.rtpbagus.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eb46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b186cda5dc75e91e40a2af99eaa1e537ca24120e9e273bcb08bb674eee9c54e6 Request headers accept-language en-US,en;q=0.9 Referer https://ftp.rtpbagus.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 19:43:33 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 363472 last-modified Fri, 15 Sep 2023 20:55:10 GMT server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type image/gif access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shklCfhGZUOpEhOxmSPLsphzTgIAebZHL1gAbvzVZStb%2FqYx%2BJybKXHluloAPJVRd2ee8G5UT6%2FB8v9lDgeMKeCBSnA2m8FdoIOEyZBHbUZs42ex5t35WpAZJde8GPcoIdKR8XYi"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=315360000 accept-ranges bytes cf-ray 84585e58dcc3db11-MIA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	JHGWXF1.gif iili.io/	374 KB 374 KB	447ms 231ms	Image image/gif	2606:4700:3038::6815:eb46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://iili.io/JHGWXF1.gif Requested by Host: ftp.rtpbagus.co URL: https://ftp.rtpbagus.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eb46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a633347764678679447c734097dc7a23afe003a1f02524a733d848fcdba83a0b Request headers accept-language en-US,en;q=0.9 Referer https://ftp.rtpbagus.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 19:43:33 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 382662 last-modified Fri, 15 Sep 2023 20:55:08 GMT server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type image/gif access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydyRclM55lW2lOB0sSyhwlOUTWqybyvENmNEOEhz%2BNKqI6m1VILnONgTCTWtjfe0gx2SOQ9WrIO99eKtLudU%2FlI3abXhYUmyplBPdJp2pyWNkJBMYGmmfrYt24Mw738B2xCFdz07"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=315360000 accept-ranges bytes cf-ray 84585e58dcc6db11-MIA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	JHGW5F9.gif iili.io/	307 KB 308 KB	446ms 230ms	Image image/gif	2606:4700:3038::6815:eb46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://iili.io/JHGW5F9.gif Requested by Host: ftp.rtpbagus.co URL: https://ftp.rtpbagus.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eb46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f7dea72c0d1fae32d9f20e5c97a217c6c0016659a6e5ac8e00fed4a5fea418b Request headers accept-language en-US,en;q=0.9 Referer https://ftp.rtpbagus.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 19:43:33 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 314733 last-modified Fri, 15 Sep 2023 20:55:07 GMT server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type image/gif access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUAuaqFW8Uh9ahsWBnhGeTybYzrrdgAUavr%2Bid5SZlHyayU5Nn2grNygdC%2FCCwAyRWNBN1mV4%2FqBDN9Nc0HGT3DRlwrMaFQ%2F1l4KD11s05KjT6b5I%2BprY3n4u5TlEbSRveY0yP3z"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=315360000 accept-ranges bytes cf-ray 84585e58dcc7db11-MIA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	JHGWayb.gif iili.io/	351 KB 352 KB	412ms 196ms	Image image/gif	2606:4700:3038::6815:eb46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://iili.io/JHGWayb.gif Requested by Host: ftp.rtpbagus.co URL: https://ftp.rtpbagus.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eb46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 52bd7a225a20e6a68def9d42582d2cf6db96180640b98f9823746751af0629b3 Request headers accept-language en-US,en;q=0.9 Referer https://ftp.rtpbagus.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 19:43:33 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 359274 last-modified Fri, 15 Sep 2023 20:55:07 GMT server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type image/gif access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLp1J%2F5KOvnCSa12FDH9ZekACPPBF%2Fow6RSM5BV4ywmGZz5uVgkjnIN84i1ZnNdo%2FH%2BGcXpG2vHf%2B6fpWJavi%2B5jpM73HIfWRY2X5heCPN0lQq5ia8iunXIgtIJTN5W%2Biexu17K%2B"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=315360000 accept-ranges bytes cf-ray 84585e58dcc5db11-MIA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	JHGWj8g.gif iili.io/	377 KB 378 KB	444ms 228ms	Image image/gif	2606:4700:3038::6815:eb46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://iili.io/JHGWj8g.gif Requested by Host: ftp.rtpbagus.co URL: https://ftp.rtpbagus.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eb46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4cdd9b1c84c06ec61643b20fc90249b80a0169d8b8701b92326cca5e8c73e737 Request headers accept-language en-US,en;q=0.9 Referer https://ftp.rtpbagus.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 19:43:33 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 386388 last-modified Fri, 15 Sep 2023 20:55:08 GMT server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type image/gif access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vcgyGih2vFYNlerequkpOnL%2FlxBpbrheBYZJg8lugYVa%2BaY4w9hAT4yMCAcSFR8%2F8Cix1EhI2RDEnYRsCc4aoFON2VvgNImSUgF58BlcCiGpUssFx3P9UzJX1rpWx6wnnTW08pqp"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=315360000 accept-ranges bytes cf-ray 84585e58dcc1db11-MIA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	JHGWDV2.gif iili.io/	352 KB 353 KB	446ms 230ms	Image image/gif	2606:4700:3038::6815:eb46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://iili.io/JHGWDV2.gif Requested by Host: ftp.rtpbagus.co URL: https://ftp.rtpbagus.co/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eb46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0b67ce4daa2ab1be8e16f696d7744f06b178e8fc101cc52c8f755215c1ec15f Request headers accept-language en-US,en;q=0.9 Referer https://ftp.rtpbagus.co/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 19:43:33 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 content-length 360435 last-modified Fri, 15 Sep 2023 20:55:10 GMT server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type image/gif access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLI8c8IyUDSZjvSRwNyfxH7z1y4Eaq5fjIWXlp4GXmszG%2Fmu9sgkybuaxPmIkU%2Fd%2F33WogJ6pogj5cm4VkaJGebYM%2BKk0ScQ168UDql3VmGvXgrGAxUPsSfKEZrnKpc9EhLlapPl"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=315360000 accept-ranges bytes cf-ray 84585e58ccbcdb11-MIA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	amp-auto-lightbox-0.1.js Show response cdn.ampproject.org/rtv/012312191621000/v0/	8 KB 3 KB	207ms 71ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012312191621000/v0/amp-auto-lightbox-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 14ab49460c47fdf815c70b7f64b44d3448cc900818109df37d872cf9bff5655d Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ftp.rtpbagus.co/ Origin https://ftp.rtpbagus.co accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 12 Jan 2024 09:24:56 GMT age 209917 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2974 x-xss-protection 0 server sffe etag "e52fa5b802575fbf" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 11 Jan 2025 09:24:56 GMT
GET H3	200	amp-loader-0.1.js Show response cdn.ampproject.org/rtv/012312191621000/v0/	12 KB 4 KB	204ms 72ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012312191621000/v0/amp-loader-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 74d4bdf53948592ec60f4d551e63e2a0ded2ef5a357eaf7ea0a213d96cc17c30 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ftp.rtpbagus.co/ Origin https://ftp.rtpbagus.co accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Fri, 12 Jan 2024 09:24:57 GMT age 209916 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3937 x-xss-protection 0 server sffe etag "2beb5dd317750b97" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Sat, 11 Jan 2025 09:24:57 GMT
GET H3	200	amp-lightbox-gallery-0.1.js Show response cdn.ampproject.org/rtv/012312191621000/v0/	65 KB 19 KB	67ms 66ms	Script text/javascript	2607:f8b0:4006:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012312191621000/v0/amp-lightbox-gallery-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:821::2001 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ac98dcb5ce5a3d18790421627f9c027e45b3292e2f78dc61ad78f735884060fa Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ftp.rtpbagus.co/ Origin https://ftp.rtpbagus.co accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 09 Jan 2024 20:23:56 GMT age 429577 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19075 x-xss-protection 0 server sffe etag "3d1a0bdf5e44af10" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 08 Jan 2025 20:23:56 GMT

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://i.postimg.cc/02gJMn74/banner-btr.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.postimg.cc/j5s75SNS/btr.gif Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
ftp.rtpbagus.co
i.imgur.com
i.postimg.cc
iili.io
146.75.36.193
185.150.189.106
2606:4700:3038::6815:eb46
2607:f8b0:4006:821::2001
69.57.162.58
14ab49460c47fdf815c70b7f64b44d3448cc900818109df37d872cf9bff5655d
4815c786c3094f5df8eaa5b8c1eb6dec8bd54c20b7959a091da806ded521d420
4cdd9b1c84c06ec61643b20fc90249b80a0169d8b8701b92326cca5e8c73e737
52bd7a225a20e6a68def9d42582d2cf6db96180640b98f9823746751af0629b3
55454193c43a1b4b8e8b3f02c928a97be3a42e785e8ea4d0f73838d3bffe10b6
5a0b8fa938af334bce5a350b66110d0b21be7630c46e6fe32fd0f00d877e1e6f
68e0939708d1889ebefc676f53487f068baf3ca8f028d131a28ab4adddc948db
6f7dea72c0d1fae32d9f20e5c97a217c6c0016659a6e5ac8e00fed4a5fea418b
74d4bdf53948592ec60f4d551e63e2a0ded2ef5a357eaf7ea0a213d96cc17c30
8f49a0569a6ff0319ad3ac910c4e29c5034d9c423a3acd76b4e36109450a9019
8f614e33b2d33bd06ff2073846770f3c9059324e42dd80af7cbe02f0c6a37dd8
a633347764678679447c734097dc7a23afe003a1f02524a733d848fcdba83a0b
aaf2c4fb86d6999e967814418c8fee7f3370548fe02bad8ab54a378869fefd63
ac98dcb5ce5a3d18790421627f9c027e45b3292e2f78dc61ad78f735884060fa
b0b67ce4daa2ab1be8e16f696d7744f06b178e8fc101cc52c8f755215c1ec15f
b186cda5dc75e91e40a2af99eaa1e537ca24120e9e273bcb08bb674eee9c54e6
c4d51bd3b5d960b8c193cf3b6f064017afcddf2ac74ffec5f89135c36858ff5f