| cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css | 104.17.24.14 | 200 OK | 845 B |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css; IP: 104.17.24.14:443
Certificate — Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (3184); Hash: b2752a850d44f50036628eeaef3bfcfa fba46353cf90450ef3d362a123f1e7af3e8c561e 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
GET /ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:35:24 GMT
content-type: text/css; charset=utf-8
content-length: 845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-d17"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 23817
expires: Tue, 15 Apr 2025 03:35:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SNJeydtVTgcv2Vg7ppkhubuKYc3gWML%2B8j%2BTOg6VIVSD%2FnpIJxhXMKa3Ft3ylf0fgRNbX8796%2FVPYp2qGIhgIFWwDgszadthwlN1ZvykjrdGeYygdusKiVmIK53JcpymomE2Lf8l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 879b486c4bca56a4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.css | 104.17.24.14 | 200 OK | 439 B |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.css; IP: 104.17.24.14:443
Certificate — Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
Hash: 6c830c91a0a08fca0fe883504abc7d2b 5193b985aa3f992ce7bad494b6ab519707c48cc1 9d7055ec6af6954d2df80c0ab274b4e4362dcd9f35a184d74ba923ecb0501df3
GET /ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:35:24 GMT
content-type: text/css; charset=utf-8
content-length: 439
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-564"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 23035
expires: Tue, 15 Apr 2025 03:35:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QRGVUrAP8aR%2F1FSZpPwvrUXDyIwNHkQ8v4MHTiosjn2EJy9JIusFYjHUctOrJJ8ecOqwGfbGsbYj8naTP00O8au0Bv4fzZzotyOkovX1OFZ00L44XHu5y5HVdeinGqh1kJhpc1Bu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 879b486c4bce56a4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.2.1/owl.carousel.js | 104.17.24.14 | 200 OK | 16 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.2.1/owl.carousel.js; IP: 104.17.24.14:443
Certificate — Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (360); Hash: 0aa8dbbc9beca33dd418f7b2a3c966b1 ef764d3a470454c1e440611539635118af1cd14e 84f62a9eaeb4e885739c5c33d4b5b479880f4b11bd3bfc322194fd80af4dbd64
GET /ajax/libs/OwlCarousel2/2.2.1/owl.carousel.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:24 GMT
content-type: application/javascript; charset=utf-8
content-length: 15955
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf0-14d78"
last-modified: Mon, 04 May 2020 16:04:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4878535
expires: Tue, 15 Apr 2025 03:35:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qntGCv5tctTQGZjPZ9dNCW6Bo3xQstfzERustDik6PoV%2FNKQpQmtahFiYS9B87NxVsdotbtr0lhP950D5UV0Q5AbkfY1fHcfx02pX6%2BeJtye9PnWCCm0d4YsDWxcJ6yrwos7Qe%2BZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 879b486cfa38b4fd-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/search.png | 104.21.14.82 | 200 OK | 7.9 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/search.png; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced; Hash: 697f5e65477782b7b1175c89c920ce26 06d78167a347e68d9ededa39634df63385bb8dee b486348d9f707c51fa7547354d4b2de30ca3af034f7910f1a75e6af9f604d68f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (a DNS-level verdict on the hostname rtpjoss76.cfd, not a classification of this file's content)
GET /assets/img/search.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:25 GMT
content-type: image/png
content-length: 7897
last-modified: Sun, 20 Nov 2022 05:51:52 GMT
etag: "1ed9-5ede089170e00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S%2F%2FeE6T2TTicdTwLMjJLehZx%2BoAl5GKGYVgFsIfKbADAcS4EdEutC2NSSZgkSAAlMAy2YY4CK5YPwZ%2FnAWMryvD%2BvBY5I2xlTPXcfWroHxU4CQiUIz9%2FfBhmVV1ODI48"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b486c2a87b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/livechat.png | 104.21.14.82 | 200 OK | 1.6 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/livechat.png; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced; Hash: dcdaaa02a1abd4d73efac408f2ebadbe 540861301741a1ebc2eefbe793c1541b0e955d9e 1e83734e55ba932a6d0fd88b343746b46bde152653702692bb64ee116b3cb5a1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/livechat.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:25 GMT
content-type: image/png
content-length: 1639
last-modified: Sun, 20 Nov 2022 07:22:26 GMT
etag: "667-5ede1ccfb5080"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AwxYTY30Y56aAcBgBh2%2FruGeFWb846%2FqdzER851G9rJmmRckUjeOO4qoZiTAdQxbAwp4v7%2BGVXsGf1YZCodIEwX4haf3xovhneTWDL%2B1cw28YJn7kGNZHTok%2BbhIv3TX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b486caaa9b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/daftar.png | 104.21.14.82 | 200 OK | 1.7 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/daftar.png; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced; Hash: ae74b3c969169df183966d1f49ddc4ce b7060f93fbee33ab368a34151d9b7638659e2bff 7d1aae5c9b6082b47b06ff8699d791c404ebcf48539ffffdd6589fa152f4f8a1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/daftar.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:25 GMT
content-type: image/png
content-length: 1690
last-modified: Sun, 20 Nov 2022 07:22:22 GMT
etag: "69a-5ede1ccbe4780"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P1FggzjZWHYkwJ0YvwXTvL8D%2B%2FWK1TeohpLzw0z8Ai3rP3rHXaef1RDRe4ReUmj8s9vIH5SIDiQR6HyMCvKEZaKQXIiZRFmOa3c58tJr4I2p%2BIeGKHWgFvE4L848TZ2O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b486c9aa7b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| | 104.21.14.82 | 200 OK | 17 kB |
URL: User Request GET HTTP/2; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: HTML document, Unicode text, UTF-8 text; Hash: 61c8e6adb3e89d3cddd863a7af9ef031 aefcc147b44b196f17024c23e0931b1350a8b92f 02bb64bf359d0e10833dd23943f2595b5430f44cd674482e793728065042df21
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET / HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:35:24 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; expires=Thu, 25-Apr-2024 05:35:24 GMT; Max-Age=7200; path=/; samesite=lax
joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D; expires=Thu, 25-Apr-2024 05:35:24 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DGqq37VuBULpUkkWfQ%2FumOfX9MT2uC4yIL3P4dw6Qa1NcnxBBurJzSek3YrFpNGDxKhoUfXLLPWIIC200dKmzk7Z7pjh7ABtnOfcYjKMu17xDyEDZ58xhlnquoX02bZZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b486618aa1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| rtpjoss76.cfd/assets/img/promosi.png | 104.21.14.82 | 200 OK | 1.6 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/promosi.png; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced; Hash: 8572319df55045132c3cbaf16b1d1dbb 88df75030093ebdfc6987db729bffc4e97a17a32 128cc08b0697d4c76b9cb53205d44e3bb8bb0939cf1951f1ac39ad60f1822467
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/promosi.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:25 GMT
content-type: image/png
content-length: 1640
last-modified: Sun, 20 Nov 2022 07:22:34 GMT
etag: "668-5ede1cd756280"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wp1%2FS1hNNeoSKKRyQV5%2BIO%2Fdu70JWQc%2Bbe6EO36UHTyKLSDB4xj5P%2BsPkBsqOyXBEEKTwyruI0S8szi%2Bcr4oVjaHbRJls1Z0UaMmVPBzs0L7i5pZYftT1zM6P79Egc5K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b486c9aa8b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| use.fontawesome.com/releases/v5.8.1/css/all.css | 104.21.27.152 | 200 OK | 20 kB |
URL: GET HTTP/2 use.fontawesome.com/releases/v5.8.1/css/all.css; IP: 104.21.27.152:443
Certificate — Issuer: Cloudflare, Inc.; Subject: use.fontawesome.com; Fingerprint: CB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78; Validity: Thu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File type: ASCII text, with very long lines (54926); Hash: e4c542a7f6bf6f74fdd8cdf6e8096396 3a0571a695a35f238026b9398386dc99d9a0c56d eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
GET /releases/v5.8.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:35:24 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
last-modified: Fri, 22 Sep 2023 01:45:55 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2493198
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=88vkRzKPOfAay9a3mirVEGQUMndoZyRvDI8kN6dQLIOZw8fd%2FEGmH1V7v5%2FYyLqrUwNb6SPSFAc9aXwKhCT%2F3NKkhS59Y7yo3KSAMSSFFO40EIhFH7b43VPB71TESSTPHI5e574v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b486c4ffbb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| rtpjoss76.cfd/assets/css/bootstrap.min.css | 104.21.14.82 | 200 OK | 28 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/css/bootstrap.min.css; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: ASCII text, with very long lines (65326); Hash: 816af0eddd3b4822c2756227c7e7b7ee c470239d4c7db36d56dc3a74a080c62218c6edc4 5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/css/bootstrap.min.css HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:25 GMT
content-type: text/css
last-modified: Mon, 03 Oct 2022 07:15:04 GMT
etag: W/"2722e-5ea1c1a40ee00-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e3vW0xqkRr8ObGZXHYfyyvL7bCkFUgXEfrDoTg7PiShrKaQ5HKEKVSmh5Q5duvnjOjCRwirHucDxLDLHMcmaAjNqR26UM%2FCaSO5%2B2oEDU%2FNlB8Kd%2B6reN4yad%2FMW1Wak"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b486c1a7fb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/css/rem.css | 104.21.14.82 | 200 OK | 8.0 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/css/rem.css; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: ASCII text, with CRLF line terminators; Hash: 00b5bec113386a5a347767cc9b587d09 8b586dbebc7589d176d9c533a8c89a01780aacd1 9288aae3ae40c000a50df736091432102936412717d65d041a2cbee06b248101
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/css/rem.css HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:25 GMT
content-type: text/css
last-modified: Wed, 03 May 2023 00:00:00 GMT
etag: W/"29f6-5fabebcb10000-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SPzC7reej6%2FWIqe0TUcwhd3gNyuNDXozukxm2ON8Bzm%2FZnozK1%2FvudIU1UmLem9l3XRPWZY2YWXxcBVcQnFya%2B7bG318BSVt2GOXmEA%2BfHAXojbkKUK8tms2UltJzuBE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b486c2a82b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/css/rtp.css | 104.21.14.82 | 200 OK | 15 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/css/rtp.css; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: ASCII text, with CRLF line terminators; Hash: 4e1e08d64272c92dcef82fa3f549e96f 3329aac5bd53380ca7a3bebc4147d3c0cc006e42 5b13846462f7e9db03bfb0b7a76685858ef16621f8e5b469353cbb597068d55c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/css/rtp.css HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:25 GMT
content-type: text/css
last-modified: Fri, 07 Jul 2023 19:10:30 GMT
etag: W/"50cc-5ffea62e29580-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BmWZJIyZqAnT7Dfcau%2Btf3RdHmf7hcbKzgzO4gp%2F2H9oVKyi5GyVLWcc4DnF%2FNMZp8o9aJ31rP3sPwZ3duMnXwlfFFbb0fB9sJiELse3Dy21O4Ec%2FJdfJjaWXZ5RfAHv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b486c2a83b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| use.fontawesome.com/releases/v5.8.1/webfonts/fa-solid-900.woff2 | 104.21.27.152 | 200 OK | 74 kB |
URL: GET HTTP/2 use.fontawesome.com/releases/v5.8.1/webfonts/fa-solid-900.woff2; IP: 104.21.27.152:443
Certificate — Issuer: Cloudflare, Inc.; Subject: use.fontawesome.com; Fingerprint: CB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78; Validity: Thu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 74256, version 329.-17761; Hash: 418dad87601f9c8abd0e5798c0dc1feb a6b003ef506e92d05cde73adf67487d7fd7ec6df f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe
GET /releases/v5.8.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rtpjoss76.cfd
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 03:35:25 GMT
content-type: font/woff2
content-length: 74256
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "418dad87601f9c8abd0e5798c0dc1feb"
last-modified: Fri, 22 Sep 2023 01:45:57 GMT
vary: Origin, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0LMUEv7Ova4Eqngq1cWw2xxDSwnOu3PUvYvZ8auvpd8ncyxypFUrPNfm4%2FOWKtTNUdfDo%2BF8bd8V5HkD20Hspf5kq5W%2F5CVDATr7GlcTZTM1jlO3YXjpZVaC38WAB4%2F39cCkoFgb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b487198920b51-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569134.png | 104.21.14.82 | 200 OK | 24 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569134.png; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 200 x 200, 8-bit colormap, non-interlaced; Hash: bc3878f343002a7cf72d5fdca46209f0 752778f28f1544a6cdafb1c3809712153313287d d8ee97b5d5ad7bbfb65d9b75623b1b36aca8fe6fe4fb8705f1cad34d5da6ae24
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569134.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/png
content-length: 24236
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: "5eac-5fad98ee87700"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nKD%2B5uXP3F4Q0Cv6nJE1ZHuT%2BHBAfy4lre0g3kDCPs0hYMo%2B%2BnLn8WNuuQ1DyTyAVRaawowIyFOrM9qlFTss7FF%2B9CegjyXP%2BvAfWudh%2F3yf6oaw0tNBebls3uYmarEP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b48732d3db4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569382.webp | 104.21.14.82 | 200 OK | 25 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569382.webp; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: a67524fe2feeeb5af84d03a9eef1b904 2c1a471fb14f11add160ed315466c614301fec7a de37bd2dce9cc91d35f46c793875e48616ab853f9dd98c9f8702b89b192aee9f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569382.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"4b74-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HpI0fcspJFE4kRrNeuym9TTPQOboaxvW1FGB40RJkqIyvtilJbqBd9clC3TSgwFwRk%2B7toITq%2BZZ%2Fc%2BFfsTCHR%2FUqQxZD99vFnfKZGAeEyQ%2BjX9%2FbySr2zNtcC0va1jv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48731d2ab4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569129.webp | 104.21.14.82 | 200 OK | 30 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569129.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: e1bb6b3d2ada1896cfe522f2d003f18b 37fc503bb212c76b59757b9a61522330a5f7d138 ca3b8d74366baa3605c08d1347a33f9aff0485ab40eaad2791197272bf1cabb1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569129.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"66ac-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1BliixmkdiOZf9tYEB0WTv6dTvENzdgpEVI56jijSbjCeaP82nq2qQei4OdXXuUPiw7%2F4oLcayBcwvO6MeHPHDGdKRathmYHj5A9hEtMJ4sz%2F2j01mR1Q5FlXwIaqDsu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48731d30b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569383.webp | 104.21.14.82 | 200 OK | 27 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569383.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: ec200f0e330b1083d9f17f99659bcc4e ff87738f0caa75370013ff1a4adbf233dac39925 74848e0c1229d2586eff420fa34ade02affee496b8f7b8e14d7b7d09d9f87e04
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569383.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"589a-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EWzr0lYi4HXM3NbTEdyd1ird7eDNJ4fkqE7FVJAUV0kZLdLAPvKjdERyUEdwWekTDOPYlLUuptdYyEvdghsiWByqagLqO7ClQKhMMyrEdGTkzDGuYw2ROfPMHrKC5iR9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48731d2cb4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/provider/habanero.png | 104.21.14.82 | 200 OK | 3.9 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/provider/habanero.png | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 125 x 40, 8-bit/color RGBA, non-interlaced | Hash: cd59abbfc1b1e809fa28bc3886445e60 64323a93513e12af2eb0272af6effae6ec5eb136 a1a64b6dee2b364e8c662ef1c9d03f149167e73e520b402363a01c7a8fbeead7
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/provider/habanero.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:27 GMT
content-type: image/png
content-length: 3902
last-modified: Sun, 20 Nov 2022 06:47:20 GMT
etag: "f3e-5ede14f744e00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z0jyayuseAZpxR0wYpfdUiuQZFI1wnF%2FOhNYKtbDwJXTk9EuhJFSV8T%2FBjA8i%2FDmz1RMYMP3lq1wDVJ1oT0hbLXywE5ljQc%2BZW4ItB3XMxfaN9YQ%2FPyS740Wth6MFWTW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b48785e9fb4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569403.webp | 104.21.14.82 | 200 OK | 24 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569403.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: eef3e6f094cfed4ce7e9d26b759d67f3 445f68f1aba28b3e7b389324bf85d6b757fbd9dc 2be4d17581b996864f5fac37098e3ea92d2b6b1ad5cd2505a44e85954cc7f8ad
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569403.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"4f52-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E0gCNbpqexLNC0A28eLq%2Bum7yKIgBtnLr4uRVBkkdav4HrtEjxp3m3NRZfOSvNaS4xHLVCqGRhpPxosnXEa2MNXyoiyHC1QVD9idiq03D39B1icMa83TP%2Fg6F97YAuwW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48730d1fb4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/provider/live22.png | 104.21.14.82 | 200 OK | 9.7 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/provider/live22.png | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 125 x 40, 8-bit/color RGBA, non-interlaced | Hash: d284e4eee9e5a8c61de152408ca1ef11 525c55c22aa86e3490e6bf66f07138d0281cab3f 756506a2c3d8ec9f2900d39a541d886661ca0d52d516ce4dbf0524dbae326cd6
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/provider/live22.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:27 GMT
content-type: image/png
content-length: 9715
last-modified: Fri, 07 Jul 2023 17:21:24 GMT
etag: "25f3-5ffe8dcb68d00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RT9hZbiO1BSH%2BaYCO0cx%2Ff2TbYm6fvXNJmRRM9v%2BHaL8dhJvyoZ6gS48D0DsBx%2BXe8Us%2Fkbjc%2FFwoM9wYjoYOZL2WZUz%2Bf13bWto%2BEH9mUWJXpUGTIR6nQohrawev5me"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b48787eb6b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569130.webp | 104.21.14.82 | 200 OK | 28 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569130.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 6f4b6499b187c7e18a5ea2efe5354fb3 3c6ab2f38f03dbb6453169e7d5ebd89d6cca66d2 ede0a1f46822af94df7443016da3258fbd8462818119d8392bebab11ef8de3fa
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569130.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"5d4c-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4mVIl%2BxrQTyUQ6g3ctskp1HfgS7jEJliHFIPlD%2BsyPiK%2FK3MbPzEM8DjPjwWJm24sOXU2KP6n%2Fn9O4r3vDUtx%2BycbjhBVIseRsu37yjql0Y%2FrVmtErzsz7MsDfxI70UJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48732d34b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569379.webp | 104.21.14.82 | 200 OK | 29 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569379.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 8fad3fe662d120087b6deb2e058d07de 2920a4341505f86e2f6a7fc48dfae49f7510a676 33d9cf34cb92821718619fd00f533c3082773bb5ded16c40f2c2f2c214e5333c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569379.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"6382-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2a93Qkf0df%2Bb2lsV4T1UO4ndbkwEeYe6ErFYvLcKWIM1uXtOBch%2FvgL2DAz3l3bOl%2BfzacofUWeVLVoajlSvTfrCoGjl0Gcw9hiTIZwCo7Nd67qQBscvRqOf5NQFFH20"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48730d22b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569401.webp | 104.21.14.82 | 200 OK | 26 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569401.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: a66757cb7ccb11268acc605bf7c71339 6790c1a973fda290dffa8854848d202547faab82 54c577fd2d0bd61faef2b49a15e014085fde9ef294f45f87445901579484685d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569401.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"55e0-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gxtS6FS42ewm%2Bayw75hPuuoMxkqZJjF07p7N5Gs0d0KgTRNnmNls99fxaYXd00j0How5ZvsK7g4hcSd69ZtEsFC3hjdhrxoyhjJKUYZsTudQdWsqx2UIhEV2KBc3H1bR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48730d20b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569292.webp | 104.21.14.82 | 200 OK | 25 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569292.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: cb3d3e0fcbdaeec4269defcb9f47bc1d c62740384af8d8c1c7edfa7edd8531d5c0bc97da 12ae9e147b615849c95c9d11c641bdb67c624fdc28622fb2ce99c072f227f980
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569292.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"4daa-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qGEYd9T%2BY37xFJcKE5Xo3B1E7b30Fyn0mFM74GCBApFT90adLl%2FHO9sQ0Mky4llvuioIs2VMN6gGFrCftaZ9BaadUfDXDrNoWbennqURt7GSpm%2BnNbhb9knriKqe9%2BKJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48730d1eb4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/provider/funkygames.png | 104.21.14.82 | 200 OK | 4.2 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/provider/funkygames.png | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 125 x 40, 8-bit/color RGBA, non-interlaced | Hash: 2b89fce456e36bdc788c59bf43c15a20 327b3bdbe372e654f96ef5fca43da155881caacc 7522c5124d66337bcd24a79f590e6047f24785e0e49c433dbffc5eac362dfe69
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/provider/funkygames.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:27 GMT
content-type: image/png
content-length: 4204
last-modified: Sun, 20 Nov 2022 06:53:58 GMT
etag: "106c-5ede1672d4d80"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iZ2WFkzW0tHXltdC6WRzLkMGjJ3NAomez1a2b6r2ZoBU1NkBir%2BPNDYAktHqJSA%2B2eDKAn%2B65TfZW54XMRDniirNqK2spGv2m413MjxLPagucZ1QgkcfD%2BxXzrc%2BeAS6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b48787eb3b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569384.webp | 104.21.14.82 | 200 OK | 29 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569384.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: ed8437d81e35ab1548828353b6c08dd3 79dc18f6f6837bc8b8d5b0f4bbae723600b7425a 7364903bb869d71e6e7b23ea9b45a494f15c842b348c2430568cbdf4c5f2cdf9
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569384.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"659a-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OM9krXDS%2Bpul3%2F1Res6lTJIXg6UnXjGqbBN%2Biio66ELe57T42Cj8pkeLpWfKLezCu4qeGsEQGosTgKn1ykRVTaWUsy8DzN8RNpvv6jc2Yfwk5sZal8kLTDNUDYsi%2FDkB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48731d2eb4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569380.webp | 104.21.14.82 | 200 OK | 28 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569380.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 4b3538b42508b416d2d96a854ad45f05 5598c5ae45a92b6fc6bbf12292377e78da143aa7 d1b79642860f976b7feef98f662585f3279d1d9249f04e30676e05dbf2fafa68
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569380.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"5a66-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cz3WleBpKb5J9kXQ%2BiJviOXDnmk9yrnOO0%2F3AuVMrQQEYheyDbdm1WFdS3yB1YITf3M8aRIbi2oboARrOHUhToyT95bTDH2fayh79qdrONsyco2FtpIrPAFN3NLrx1op"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48730d24b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569385.webp | 104.21.14.82 | 200 OK | 23 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569385.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: b1e7719ab311da8d7cb8120e6fab40e3 3de49a1489a8a29131f8408aaad79c9e33f6e837 c005bd97e03fdb7b76facda50c894dbcd8943210690cf8d7847a5bcfff541983
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569385.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"48b2-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SCCHAz7f%2FwMvbmoAmra3I05ibVhFvSVSDbr1Rilgm%2BhSSdjhBWzKbNLa%2FoIiJPgg3FMbXF2neBHzMtkSwWBT1SOjAKpYhw8W%2BEf2%2BYVzGs2PrHC6QZ97if9mrk9GEEYG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48731d31b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569127.webp | 104.21.14.82 | 200 OK | 25 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569127.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: MD5 074b77c76a8b65bc7ccc9b6db07db66c | SHA-1 c97646b6f3af371defd6ff3766cf05f1ce84322a | SHA-256 5892ab028aa347910e0ac58a1115276705e15898706634f103d26c2b7e617f4f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569127.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"4ae4-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FXCSR35vyoOTURW5hJjCCMei8CecBLUe%2Bvto2TZV82sRs7%2FX5WG856e5p0LwuaRuwhefjEx2J3Irjeih%2FMbUB4vRBlaPOpB06eqzDCFVw1jnPSQUw6HYemNc8oVwDzHA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48731d2bb4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/provider/jdb.png | 104.21.14.82 | 200 OK | 5.5 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/provider/jdb.png | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 125 x 40, 8-bit/color RGBA, non-interlaced | Hash: MD5 96e0656a57e35a875db2c2bbd77c3ecd | SHA-1 e4277301141e2fbbe9976872911952fc302bd22e | SHA-256 8572ba1e9e7aa2ebafbf96f342be5bb2646ef17cf895093dde2b1a1416514f53
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/provider/jdb.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:27 GMT
content-type: image/png
content-length: 5459
last-modified: Fri, 07 Jul 2023 17:23:42 GMT
etag: "1553-5ffe8e4f04380"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x5Uxy9jLTD3zjwxDmp4X3DrcUqDJ78u3FbLj5daexeQ%2FNopyk58GEewydrMiGWIDR%2FWzJAmzG39lItkLxPt93B3nJe%2BzJ0jT69ZQwhSUh6rWtFhPUBamFIWFdch7mDOW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b48787eb7b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/provider/rtg.png | 104.21.14.82 | 200 OK | 9.5 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/provider/rtg.png | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 125 x 40, 8-bit/color RGBA, non-interlaced | Hash: MD5 2226c78768b29a80cb6e0168f23ce9b9 | SHA-1 36637655fc604dd081919ad09bb8d223a498094b | SHA-256 9fa8f1be80e892972332b7066ddb356c8590e918b5d22e37b366de53400a4d37
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/provider/rtg.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:27 GMT
content-type: image/png
content-length: 9486
last-modified: Fri, 07 Jul 2023 17:29:02 GMT
etag: "250e-5ffe8f8031380"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l3IpPRezIf9C5O%2FqPj%2BwhCkJfgcaWjim2skY%2F5dT0TUHVrZ4ncu9zS5kfHHBAxiMJWiqw7tp4uD93gRFy5oTbskMoUd5Pzqz8dhfHv67oyEe7Os2hxIRTZssd1K%2BfsZ0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b48788ebab4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569128.webp | 104.21.14.82 | 200 OK | 26 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569128.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: MD5 ee0cd9f0752ca1186b8e152009c1eaac | SHA-1 9a0ca985c305213829071d9ca6b59377ff7ce06c | SHA-256 30e95b5ae612b9cbd6cd1c1b2d8f9cc6be2213f9e782269f1aa2b6e11f63a5b1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569128.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"541c-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f8SftBLG7xyjUmlLrE8CsXqCTfQ7sKThRV4546cZvX8CF83ADDEUfJ%2B7EoI7pPplpzde2oZ%2FccvUGz0G4AIljHt8kz3u4BiJNmfbcJAWydkUP%2F3DBoHONYr1riYO3yBR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48731d2db4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/provider/jili.png | 104.21.14.82 | 200 OK | 4.5 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/provider/jili.png | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 125 x 40, 8-bit/color RGBA, non-interlaced | Hash: MD5 1e93e9305b0f27c211882645e6ac63c2 | SHA-1 2b97a8487bbe63f39faa01e2e19d0e4f7c3febdb | SHA-256 79000180d81ad616332242b05e4f582924a80b2b818f3a1a8564cb10c6a151bb
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/provider/jili.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:27 GMT
content-type: image/png
content-length: 4468
last-modified: Fri, 07 Jul 2023 17:24:24 GMT
etag: "1174-5ffe8e7712200"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n0Ev4Drn0wUjfdjaCUJiAXIuHH26aaZTxepnC5wqSh3LQZseNelnmkEmae7zcJw08UsUtMsrbUqo5tvIfCGICKHo8ZMYbCQVqiQDOMHzr5l%2BfL0mbFKpkunmx8YM%2BqLH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b48788ebcb4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/favicon-16x16.png | 104.21.14.82 | 200 OK | 1.3 kB |
URL: GET HTTP/3 rtpjoss76.cfd/favicon-16x16.png | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 16 x 16, 8-bit colormap, non-interlaced | Hash: MD5 0b3bdaae57f2bb72703b18a45e1291ac | SHA-1 5d4c38932e3d63a712fafcde04396f57c43f0c3c | SHA-256 58cb542fb873d4e85ce42e188fdb3161203b547e3cd60e02209d961ba51823dd
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon-16x16.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:27 GMT
content-type: image/png
content-length: 1272
last-modified: Fri, 07 Jul 2023 11:15:26 GMT
etag: "4f8-5ffe3bfea0f80"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iUgKo%2FMflrf%2BHZg71J0%2B4Ehe5nN22MVuMiIPIXMUGtRAg3MYOHhtGKs7vA2Al1O2oQ8MCF5fLcYyAk2sM1I6BmjGQPsfuBluNyLH6EroE108hy3e9sA83d6dUApSwKhn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b487b9ff6b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/joss76rtp-banner.webp | 104.21.14.82 | 200 OK | 76 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/joss76rtp-banner.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x366, Scaling: [none]x[none], YUV color, decoders should clamp | Hash: MD5 0991aa31d3233f03aa084dce9c150406 | SHA-1 7c93865ccc73d8e5881427724de483d68f84f47c | SHA-256 ab7f32566377c845b9b24e350335745e744852e5d493d7ff9451db66165f2754
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/joss76rtp-banner.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:25 GMT
content-type: image/webp
last-modified: Fri, 07 Jul 2023 19:26:28 GMT
etag: W/"10caa-5ffea9bfc8100-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rEBLtyC%2FWJ%2BXTKkBWt85OM4avYdCnqCbHoUfJMiVva2ncTI%2B0WwhSHpMsQg6noWiP%2F0KhSIy4VMCGPyt4EG%2BpltWYx18FzsLFqy7ISlx9nWR65ScnlnqPRymyrE%2Bs2%2FN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b486c2a85b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/bg-body.webp | 104.21.14.82 | 200 OK | 94 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/bg-body.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1440, Scaling: [none]x[none], YUV color, decoders should clamp | Hash: MD5 e7d0eeb7f0bb6803b89871508542c44d | SHA-1 006eee0e080f12bb94a5d8ae96cf84771b135c75 | SHA-256 934364439a8a5ffbeba7e523fba4fe71b4c02f688fed0990d0ebdbf72770baff
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/bg-body.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/assets/css/rem.css
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Tue, 02 May 2023 23:37:42 GMT
etag: W/"16e5c-5fabe6cf0bd80-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mfFSSVsFJl7jirjNXMj4sFhPOc1AxU4eB%2F5q4weqT0XudOMhxZOq84PzhgS6c%2BiqcfcuxACWvEanvPfT%2FWh%2BzxKfCgjI2NP2isKg9gE4G6QPV41zaegZxTUTdvChq6xZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48713c7cb4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569386.webp | 104.21.14.82 | 200 OK | 22 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569386.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: MD5 a80c68ed222e8aa4a09b6ae5ea982b19 | SHA-1 90212953fd46a72b8ef51296adb1b4ffb8c3f31e | SHA-256 b900e829a729df5f00403393473b74b7dd921f5a2d4d833c483b3870c9cf5770
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569386.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"55b0-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ztNmN0S8tldb8qfxzr9GMd9XTruyou%2BW%2BOUT3Y97sKMpwPmuzqTMXdUMVOCe48xoFTFWZaqm2G0S9%2FukYSPCk1V7yM8BOnlRqICs9dF12lykFWog6LI4qZTY60Bi8U8k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b4872dcfcb4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/apple-touch-icon.png | 104.21.14.82 | 404 Not Found | 1.0 kB |
URL: GET HTTP/3 rtpjoss76.cfd/apple-touch-icon.png | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: HTML document, ASCII text, with very long lines (1143), with no line terminators | Hash: MD5 eca4740d1a1c03254d10fb3871a3ca02 | SHA-1 3de8de215e8c7764c16dbfe8f96d51f390eb8e97 | SHA-256 bb414521be17f0125fff343330c1e292685cb9f54788fcfb66157ce3f2dd000f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /apple-touch-icon.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 03:35:27 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=00KKLPQTU6wz53ymY90ekQCTJ%2BjlCn%2FzdugsVCNr9aP2QM973uGWI7nInl3mFJHwlalJLwjswYEsiD%2FqUlfQ9JgokxWF6AHksXxw%2FyGKQpuZjRnVkSE9e3MGxUcyTtsm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b487b9ff5b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569396.webp | 104.21.14.82 | 200 OK | 20 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569396.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: MD5 a327271b8a509bf4ced91bd95bb332e0 | SHA-1 10588f2339d9d829c2997c72a9774caff510f9b2 | SHA-256 779d038c48eba8b953f156f6325cefa45bebef51de00951fdae332f373980629
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569396.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"4cb0-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E6Wx9B27mgLCz%2F0CwUbxBIafZXKCGAgY3aWYmksxSP6jzS%2BTDWyNBnzbCmXUlIK5a2O4whDHE5Xcj7N1vW0KId%2BeEbR6iZCsVxTIX%2Bt91BDXKJVh7AyFEqHhOfj9Vizm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b4872ed01b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569136.webp | 104.21.14.82 | 200 OK | 20 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569136.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: MD5 0b12bfd21a59cf559c510be955a8a806 | SHA-1 6a9ef0b5bf05a9789f453fd2cc6c6bfb84652b16 | SHA-256 cf10ce49462e5db30ca013b71373617dd94267352c7baf53d0eea0a437728369
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569136.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"4f30-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pKAjvs%2FeyJylUZPkS1e%2FG1bDwy4daC%2FQecNhKRoCjCHeUIocibsevDLu1zGQ5Sv2NAoSX4IsLbIJ5oZ6zB409PSA8Yla9KDgO%2FZJTe%2BFtae2N2NPU7B%2B7M98cdMx3Ck4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48733d41b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/provider/redtiger.png | 104.21.14.82 | 200 OK | 4.6 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/provider/redtiger.png | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 125 x 40, 8-bit/color RGBA, non-interlaced | Hash: MD5 30c0de78acdf1c58606b923f5504da06 | SHA-1 a6d0c83f424ce74ff561617d43b122bbee193584 | SHA-256 196b87dbec47beb08acc700d491417fc1ed5dec4b03fdb9b90e8ca198fce13e4
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/provider/redtiger.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:27 GMT
content-type: image/png
content-length: 4593
last-modified: Sun, 20 Nov 2022 06:52:00 GMT
etag: "11f1-5ede16024c400"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b5kVxW5Ilr3J%2BSEEw2ZG5TF%2BixY204ZqdhdzqQNb%2BCHpEuvem60HFeZN2MXwgrsTX9C6hMi4brgEXnsjflCjhhyaPT9F1yq8tziyCGt6ChahtcXsElKH0ov2a2XO06i3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b48787eb0b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/js/jquery.min.js | 104.21.14.82 | 200 OK | 151 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/js/jquery.min.js; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: JavaScript source, ASCII text, with very long lines (755); Size: 151 kB (150760 bytes); Hash: a39f62a3f7fe2bafe045954d7531a6ca b9d1dda377b176d972254758ec4a5521187b5c7e 558bfa6de008806e7b9e84f7d23dd7afdfbfdd7d8822e2f3057086409a69fb40
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /assets/js/jquery.min.js HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:25 GMT
content-type: text/javascript
last-modified: Sat, 08 Oct 2022 05:00:00 GMT
etag: W/"24ce8-5ea7ecc6c9400-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xvD7ksJ%2FjknUS1i9LtKRMtEu6jGLyVsxb4dOKVTJeZYoHdRCmZiP%2FPYGx5YUulbtkp48Lopj%2FFZEnMMJrVL7aS1VwjI8oYUrBu3AHmqUQ6J4%2FDIqNmMFj1gC27uw3Y6H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b486ccab5b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569132.webp | 104.21.14.82 | 200 OK | 30 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569132.webp; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: 56edb673030686eeb8a6aa4f04e63bb6 4b13783bdfd7cb33d1e2cb1b818bd04e8746535f 86b977c2ac14195749bc6922a8493fa44153d49919640f05d321b2bf72f0f2f6
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569132.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"7520-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6M7o%2FRtIv5Qv3rDKYfRYgT84%2B%2BqWW0lmp2ksNyFtZY6zvNmeYJpGY8kb5EFPuixXCq4vkEvyGqA9lFUEh4E91SMRtC830UOZMATVTdXsCH199xzgkNcFZF5FgxCfFM56"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b4872fd18b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/sad.png | 104.21.14.82 | 200 OK | 8.3 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/sad.png; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 246 x 179, 8-bit/color RGBA, non-interlaced; Hash: 3f27ef15fa733c428dcd5d378141129f fc23cad7f675c9cf00481a1c9daa231b05ea3fc5 8bc800297c808160b7ae93f14c32e5e7bb15601511def082239d4193255b8fe1
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /assets/img/sad.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:25 GMT
content-type: image/png
content-length: 8278
last-modified: Mon, 03 Oct 2022 07:31:06 GMT
etag: "2056-5ea1c5397e280"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DCQd8Cvz49VAET5AGv0%2BQjCnoZwQ60Nsk%2F6kmdCqKLrV%2BvrkT9DVeELTa2XDliO7nblIyk3%2BdRxI4VC7BC5qooC%2B%2B9JCcdoG8cXGzwsHTY%2FnDSmR9Xxhx1lfdRZTCVRU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b486ccab3b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/js/bootstrap.min.js | 104.21.14.82 | 200 OK | 93 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/js/bootstrap.min.js; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: JavaScript source, ASCII text, with very long lines (536); Hash: 458a25fdf95fe9020d06dd22c93662b0 0d6816e20ffe4fb156bbe1272736ae5a1d0bbe50 271e136cf093909b3762c5a3abd25d5088e5c30200ef24e0ae8652f60290bd8a
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /assets/js/bootstrap.min.js HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:25 GMT
content-type: text/javascript
last-modified: Sat, 08 Oct 2022 05:01:18 GMT
etag: W/"16b86-5ea7ed112c380-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2BcBuRi6UgV6kiX%2FqtE6Sla1vTo8N8EI2qJ0FX8djTWUWZs64Zwzl2mOqz1Z8Y%2FfGY4mscuz6Y9jCrujkGOCrC1tcZafR9g0She8sIZh%2BqCY81qCeaC3TCMI676%2FE9Ap"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b486cfac9b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/provider/ygg.png | 104.21.14.82 | 200 OK | 4.6 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/provider/ygg.png; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 125 x 40, 8-bit/color RGBA, non-interlaced; Hash: 25b985378e2e4953b2efe2773908c77e 64a251b907230a3e5154fef5b71cb34b73c10e75 95ed3fa5c747e4b87237f532b7b985763372b9ff131b100ce9adbea90a11115e
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /assets/img/provider/ygg.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:27 GMT
content-type: image/png
content-length: 4555
last-modified: Sun, 20 Nov 2022 06:48:32 GMT
etag: "11cb-5ede153bef000"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3J5%2BlLZ6tMXngaqLP4UW7b%2BS5Bsst9DnMJ%2FCQUPrEf5dOC8NMzyYtwMQJEmfD83zqo8C2pPSciCVu5RuqP8yb%2FypXTBwY9UzeXm7cR9EWc9VU8xx0liuSvspvtNJkdgD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b48786eaeb4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569249.webp | 104.21.14.82 | 200 OK | 23 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569249.webp; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: 3dc4a002bf2b84252ed8978ba822bca2 d99f1dd5921a0784b08ff5be60e17c268962e422 88de99df9b6faf190f6e773d443457b4f829751a5193375467f0f0e0eb4e6b5f
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569249.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"5ab2-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k75mvm4khhyiTh69VpC5S%2BQbW0esnRg62UFr6hFGuGqBQck1ZidLMJoM3QKnMU7H%2F9nC%2FGOylxq77wEPauepf2B7hlUJYxy5P979BZmE8twhB44n1DKaX%2BKDyCozyAC7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b4872bcf2b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569135.webp | 104.21.14.82 | 200 OK | 21 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569135.webp; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: f691b6ab1f46b2d6b5ef3dd8262d8383 d9a10ff34351df423795d81d8d6c03c8885e61ae 527e224c260bf01a418c4b3008529e9455778ba17af9bf46751003ee5cf4123c
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569135.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"51be-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7uXUVO92tuR7QgkRLGpIzGm9q%2Fbwj6ZPrZx4AQuQf57Ts5ZwAqYqqqeBnfJtoN5au3Ec4GJ2G9lNkeiM88QeHorT3lxId878LRONunbGQVj3fisNtYuw2vaCvHek7QaJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48732d3fb4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569248.webp | 104.21.14.82 | 200 OK | 21 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569248.webp; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: e418b010db3833401702016fe37c8e7c 2447be01bd84af4ded9f98241f01c579157d28d2 1514b8278eacb114891933be66304b4d5b2565a44aa79bfa29bcdba966ae9eba
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569248.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"53aa-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y0hLGXoEecI40mOes%2FqnGs%2Fln0%2Bnt7dlE6osCeCXWlw%2FqqZhgpkuOFZvQb89oAuXPtR1EyLEmzC6TmOGRlpt5RcoLmnYvY5XLUqv%2FJybuOmDngzLBvzHdDmvEyvfhMu9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b4872ccf4b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/provider/playngo.png | 104.21.14.82 | 200 OK | 4.2 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/provider/playngo.png; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 125 x 40, 8-bit/color RGBA, non-interlaced; Hash: 16dc43ca93fbe9bb31e627123954e693 d211ed2a0cb38a94ec0ceefa2c9aa1ef8b779abe 05f4fd3d53a7a19f754ed5f7e52afb7e4431b6453cafbc5a5407cfd223698a10
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /assets/img/provider/playngo.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:27 GMT
content-type: image/png
content-length: 4222
last-modified: Sun, 20 Nov 2022 06:48:06 GMT
etag: "107e-5ede152323580"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5yAdpqz%2BiyGnDMy85Gc%2Bx3HEHgv2pnwzkZvgVHolGwPQ65CLJWyWSsGnuKBhNU%2BRb21lI%2FYEc7GkF1oBn1airIE%2Ftue5APIWZ7lq%2Bc1%2BuecrMXwDctyWNCNpBlvdQhbh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b48786eaab4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569390.webp | 104.21.14.82 | 200 OK | 20 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569390.webp; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: 7c151a07b966b72dfadf614ec848fb46 034f7a723317b4ee18645faec81d98c3233a6d65 0b2f86ab8675a5c53bac56dc7a3b8d9419e006c95772dbdd5339df4b6b7ecfa3
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569390.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"4c1e-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PIK2yFTgFWOWhDr8g8u9BtaDDGIroa9T%2FeYCfbhRoVHAaN4yad60fcmdrFGnMIVgHZXX%2FPJG5gaSvCDO60hMxxQLze%2FFpHa6AoS72iietAc4RWRNs08JU8oUMDSRPYjA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48732d3eb4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/provider/pragmatic-play.png | 104.21.14.82 | 200 OK | 4.0 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/provider/pragmatic-play.png; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 125 x 40, 8-bit/color RGBA, non-interlaced; Hash: 92f91a324ed4a2de756588b10ed47080 bab2296162bc48ac9c67ffc663da8b8551723aed 1125333767eae6bda980032c1756695365166cf81d13f07b031303c8ee5dd2fb
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /assets/img/provider/pragmatic-play.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:27 GMT
content-type: image/png
content-length: 4046
last-modified: Sun, 20 Nov 2022 06:45:54 GMT
etag: "fce-5ede14a540c80"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=71%2Bu4M%2B7zI%2FLpXtiRehSTtCgu8eSrWdi%2Bgp3IE9myhefRqjvIaTp5BtIoUZ2tGFrzS%2BdCN208tv1W3aVufTs7CkPdhzbl0CHOznCTlxbfBWD668tlAlgCbpRAPmhYbOq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b48784e96b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/provider/quickspin.png | 104.21.14.82 | 200 OK | 6.2 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/provider/quickspin.png; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 125 x 40, 8-bit/color RGBA, non-interlaced; Hash: 376d86196cdf847daca7bc7593f34aeb 88960e38df5f5393f8d192078b29a853f10800b1 c9750d34829ed7eeb7243a40eab51af2d9227c064f53daca87ccd5839085b597
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /assets/img/provider/quickspin.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:27 GMT
content-type: image/png
content-length: 6245
last-modified: Fri, 07 Jul 2023 17:28:24 GMT
etag: "1865-5ffe8f5bf3e00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ogm3pBLAlriHH12RnTgvk2VDYeXfJ5cz0GJipv3k1%2BwU1U6ePqeq7wOeHxZO9aCpwUzNNGVJzKcHG1IhgENG2vF8si085vIAEzFAnDkmdH2BGxs%2BVGO3JTjkbaXljvt4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b48788eb9b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569250.webp | 104.21.14.82 | 200 OK | 22 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569250.webp; IP: 104.21.14.82:443
Certificate — Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: 0894552b4ee1aaa06236cef06cacc0d9 bae954831f3559e44f8ca8e2a797b76693395de0 51eb8039436136942cc63c11a23d60301c65c2d6787784af8a2e13487840d6fc
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569250.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"54fa-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zta%2FqQlRICNF9R2rhg2XuUrs9w5lsSqwgueKTVA7vkSOAKcLGedzOVNpDE8DrrzB0GwLex1gUsmPUYXkN8zVGhyQT31iDuDl7Js0zvP3knAlfgqtrIZCs%2BJUxEqEcpRG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b4872ccf7b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569387.webp | 104.21.14.82 | 200 OK | 21 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569387.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: MD5 37476b511f9d4787af96250e59a06135 | SHA-1 aa367ea7ba3fdb0ea232342101e0b6c3e9bf9c12 | SHA-256 ef488b13bd3e816fd45a9d5f941e2f9f24e90e5e39ff3ff5746008c765d42d23
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the host rtpjoss76.cfd, not on this file)
GET /assets/img/games/pragmatic-play/1569387.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"5220-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kMhFpzU9wW9Tajb%2BOlfUWHVIVTak3i%2BUXlyI5WTXHOl8EHiGbboXPjXx9uQUzoSeL%2FT0O9SjihSLhav8ovNow59La3nlg8NIOKc4i7PqCQbgBqK%2F%2BDb5WQVSSCYgQT0t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b4872dcfbb4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/provider/microgaming.png | 104.21.14.82 | 200 OK | 4.1 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/provider/microgaming.png | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 125 x 40, 8-bit/color RGBA, non-interlaced | Hash: MD5 800069af25a0f523d823276b612db7cf | SHA-1 b0b8716c860f891e4fe7bd1fb311bc7e5237a39e | SHA-256 ca1a9521b2b8e5b4f3e4ab966dd4051735932ff5f8a45ae96754596d9d6259cc
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the host rtpjoss76.cfd, not on this file)
GET /assets/img/provider/microgaming.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:27 GMT
content-type: image/png
content-length: 4105
last-modified: Sun, 20 Nov 2022 06:47:40 GMT
etag: "1009-5ede150a57b00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1wMm7oYT1ajF1QQtpf37Cn%2FlMBhaiAgpkXiqoWodk5TyVRksWPYy22pEBbehE99sGxItU2VE3ut2cy4gmpoDWyVOXSEJSfoFC5M9vQSd6dcuNdMdyRkriMS1Pt6YIl46"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b48786ea6b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/provider/568win.png | 104.21.14.82 | 200 OK | 4.5 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/provider/568win.png | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 125 x 40, 8-bit/color RGBA, non-interlaced | Hash: MD5 82d0a0e452de3f6b90416c439492b677 | SHA-1 4d7744f1a3668bc2f257a66c81284247fa1b0a6c | SHA-256 f4f089c787314cde8ff25ac864c67fae8517a571fe8e0b14155ae9b3cdba25c5
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the host rtpjoss76.cfd, not on this file)
GET /assets/img/provider/568win.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:27 GMT
content-type: image/png
content-length: 4478
last-modified: Fri, 07 Jul 2023 17:27:42 GMT
etag: "117e-5ffe8f33e5f80"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tirsT7pU1nZWiDoOzMxTOW9GAZDcVU%2BAogai9Z0OI2iEw%2FHwCUQv6eq5kHp912Bvp%2FjpZJ3hfnNUuL1rh7%2FweVEvVWcVUy3LwcyT7nSHk4W5KsjZRBj1iB4RYEAUfd8N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b48788eb8b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569169.webp | 104.21.14.82 | 200 OK | 23 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569169.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: MD5 f4eac8a71dc6674a5b41cdda30956d36 | SHA-1 02e62a6f7ed7d79c7ff743335d25a6a19f924b41 | SHA-256 b4f8c80241004be97e9172085380d5e506bb9cba7342780d642b3580b39dc601
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the host rtpjoss76.cfd, not on this file)
GET /assets/img/games/pragmatic-play/1569169.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"5904-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IqT%2FPZn1%2FaBvGbSgau446z2nhfQkQt7BFC%2FqmPTeE8oFHPxm5iafwcT5DaQDv3bw8LzYpdVgyFbIyaUQ5Oydis6qM2gDVe%2BGaVld%2BPYOxLzokFJJji9yvPSMPMANscNd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b4872fd14b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569388.webp | 104.21.14.82 | 200 OK | 16 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569388.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: MD5 b32331961776791b1b09693a9b90b0b7 | SHA-1 774fe1773d4ac5f604d92eadb39c666625e96f82 | SHA-256 a3bdce4a580398745d427634533152c5297a7423f7af15d1873b25b41d58c5d2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the host rtpjoss76.cfd, not on this file)
GET /assets/img/games/pragmatic-play/1569388.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"4030-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aIGg6yeKlWaJxBava5%2FSYec38enQaIgCUDB4n4toWy3%2FDSNsd%2BUnADOgzQ%2BIwPbYaZLCy5KXyokDHcDvdV9qy73fd%2FbjVsK9SKQkiG%2BNPS6nVAAibpuoBc0GWRXBr6ls"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48732d37b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569440.webp | 104.21.14.82 | 200 OK | 23 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569440.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: MD5 cdaa4a3cbf2e00a3604fc88b2e729275 | SHA-1 53523bb8a1453be45577a5c5a8cbd7ada194ee1f | SHA-256 3bd20d7de9e56b5904a3dd38c5cdcfd1a294e5e23912ab26081db6e8bc2a103f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the host rtpjoss76.cfd, not on this file)
GET /assets/img/games/pragmatic-play/1569440.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"58e4-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v8il3roKJq8LiJu4SKOWXCesBpSNldumOLRZTKBWwjE4%2BRvX%2FhHJMgC2X0DvsuP2jN53zQWSFDSPVWx1%2B7IFzNN8ikM4tLDS36NDbiCunbV8n63m9WWxSGGoskWr6kUX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b4872ed0ab4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569392.webp | 104.21.14.82 | 200 OK | 22 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569392.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: MD5 540c9a405e3b830ca7bf505aa0b1d4a7 | SHA-1 a30ccebd39c3a285875e9423932f102a6f8c621f | SHA-256 555addd1d4cc15ec20dae3ccdcd021791c221125d548addfb8a68e3de0d69215
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the host rtpjoss76.cfd, not on this file)
GET /assets/img/games/pragmatic-play/1569392.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"541c-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PjrCyGjR5TmGAinRy6oYkyDM3PTFCjqgktQFY%2F%2BDuq0GmDAkPjST90LFIvZC6DaEE4RMbwHTgofSLmNomwvI3IjfjGj%2Fe6gagna5rIiXODDcHbUyaa%2BH%2Fc8BmXT2F0Mn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48733d42b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/js/popper.min.js | 104.21.14.82 | 200 OK | 37 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/js/popper.min.js | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: JavaScript source, ASCII text, with very long lines (639) | Hash: MD5 26dfc0708475f9cb6a0e6aa0c5b1375c | SHA-1 9b3a4eac5de7ca8eca0911d3f0e95b91e40c7c79 | SHA-256 5f927d27986610342104912c62f73c941eda6366d7f535aa84880b72e134e9fd
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the host rtpjoss76.cfd, not on this file)
GET /assets/js/popper.min.js HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:25 GMT
content-type: text/javascript
last-modified: Sat, 08 Oct 2022 05:00:36 GMT
etag: W/"8fb3-5ea7ece91e500-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fT%2BVkFCBzDb2FbF5FEXDK9QU2UCQyYPbutmarhkN4Mzrb8KYYn3eSuN%2FXmJa8bPn5ECv1aBAUO%2BhB8GnHaBTqGSu7uv1CUaeeMbwOhFCh6zZDFvXD8yPriRPthHLlb64"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b486cfac7b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/js/datetime.js | 104.21.14.82 | 200 OK | 917 B |
URL: GET HTTP/3 rtpjoss76.cfd/assets/js/datetime.js | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: ASCII text, with very long lines (973), with no line terminators | Hash: MD5 6e4a59f30794349522f6d357cea2a7b1 | SHA-1 b289668e79dcb9214f776a3926f2dee385b7e882 | SHA-256 3943591b5c033fd91b85a957feaacfbc3e62068dfa3c1f4b878a411305c11aa4
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the host rtpjoss76.cfd, not on this file)
GET /assets/js/datetime.js HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:25 GMT
content-type: text/javascript
last-modified: Sun, 09 Oct 2022 06:23:46 GMT
etag: W/"395-5ea9415d6a080-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jwILhWW09d6M55Gdn8ZcimT9VAI%2FmjangQ0iM5DiLJwlgCnJvxqNGimRCql%2BAc1mNlfJZMLIMUh7JdPbtnSRvifBwkRlbZKDCT%2B49H9h025OspC7c21FpBvOoehZEM%2F9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b486cfacdb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569395.webp | 104.21.14.82 | 200 OK | 20 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569395.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: MD5 28c8116e1e45b5345edc1bc2f794650b | SHA-1 4e7c8cc7df805b5681f75e2433d7e8c7d939b779 | SHA-256 e7a678f8fd6d962ca0b829613689f11b1b899fcb74188690b12905f0c3c24115
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the host rtpjoss76.cfd, not on this file)
GET /assets/img/games/pragmatic-play/1569395.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"4ee4-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t4mNuJJij9ScUuAMlH77bqEGtofAsHGUsSmYRJbcsV0OTDWxRfivLPZquelxKVrdYHuKpUzYON%2FbSwdEL7E3rUk2nRBOxEvrNlVuaPcWq%2BSKmGqgIoStNQCLoAaXMC%2Fa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b4872dd00b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569391.webp | 104.21.14.82 | 200 OK | 18 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569391.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: MD5 2b7a997dd4ab3dd7b1c9f3647d891d2d | SHA-1 eff7ce5200ac331648481ecabc6f0193dd11f7f9 | SHA-256 2e063aba5ccd86d84a4382236f43b7f6469c7e4cd8edfc437daeb402bc6e0725
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the host rtpjoss76.cfd, not on this file)
GET /assets/img/games/pragmatic-play/1569391.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"4754-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9N8%2Bc%2F6cJo2ZzkYniOdi7gLrd1pDkg%2FeqYbPof7vojLGQG8jsrk9qQeIQW3bAInAhQa36Uq%2FxiDz%2FOf9lPyC3n9peqAxS9ZecAgBULhaQqCT7ZSw3IZLw9B2WqvOVqi6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48733d40b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/provider/cq9.png | 104.21.14.82 | 200 OK | 3.7 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/provider/cq9.png | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 125 x 40, 8-bit/color RGBA, non-interlaced | Hash: MD5 4c589c11a1c58ba3ddd3bb062a1cbad0 | SHA-1 55499c255d9d730509d5f51ea221dd12c04391ed | SHA-256 63849e11741d575c19bbca47773b152ad5d6c10f898ed821d20610a490f385c6
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the host rtpjoss76.cfd, not on this file)
GET /assets/img/provider/cq9.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:27 GMT
content-type: image/png
content-length: 3672
last-modified: Sun, 20 Nov 2022 06:48:20 GMT
etag: "e58-5ede15307d500"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FyvzbAV6iU0P0tOa0SOCnbClrzweujybjJsFugTEUp5eofwjInz4XJiSkgT%2BtSYo2VS9Hl%2Ff4BvsN6uWXB8k8IFt2QBRcSXtEIIWux%2BZVZeIqXvk5NBq7mpZ3X3O3pSZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b48786eacb4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/provider/sbo.png | 104.21.14.82 | 200 OK | 4.6 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/provider/sbo.png | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 125 x 40, 8-bit/color RGBA, non-interlaced | Hash: MD5 5d41ec30d72fba90c09ac3980828169e | SHA-1 62cc5fc33753ea371452d5f87a17388055952621 | SHA-256 80ed57ef25ae0de775d8bfdba7726d1436dc4618764aaa4f52ccbeab449e18bd
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the host rtpjoss76.cfd, not on this file)
GET /assets/img/provider/sbo.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:27 GMT
content-type: image/png
content-length: 4564
last-modified: Sun, 20 Nov 2022 06:53:46 GMT
etag: "11d4-5ede166763280"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TjUcWpseXQDhk09pM%2B9DDAOQhcI6CI%2BIlOV5C4bW9dltkOj6j%2BUrXiCYNSw2m%2Bhtg%2BYXC7KpjgIg7tTKIQghwESE1oVBzjuZxGllVArEHJdPSlHP3WO2Kna%2Fnum2w7ar"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b48787eb2b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569351.webp | 104.21.14.82 | 200 OK | 67 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569351.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: d04763c35b126675896c43be6abe8144 9acb151ad12e0c2a529ecae395ac2d5f18c6531e 9c8135629e9f5a859ad0fbcf8af17a068a5222b8d11e224008840b339bceb6af
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569351.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"10474-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FEEtxjQ1KQ%2Br6wnmmDUDSoGF6GFys%2FhLAoFlQjP1HTXv3WY%2F3e9SX87FW1JVWWLHEVZ0UrSWgAgX%2B%2Fpr0caL8ef140Jr4rVxaLhzK2J0brpl9pTFxqmaMwQfc4n71jd9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b4872ed05b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569148.webp | 104.21.14.82 | 200 OK | 26 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569148.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: c0f877ab044cba7c85667c5ca2d6d297 ff5636d3d7d7ab754e5b5fa03b51dcfc74770c15 a82f4226aac75ce7d3417d80dc1fcb4c479dfba19e8261950f26862eb40b094c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569148.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"66a2-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B003DcpJlcBu4%2BYLPOpaEz7uVu2PLXqLHtAKainV33%2B%2FogVyMlIuOg9q7t2caxMotbQJF%2BOQSHSb77p4h9uAXIwIfQ825RzLSMEhYKxGx1ZYWjDxPKcLz69kHrJgphFi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b4872fd1ab4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/js/scripts.js | 104.21.14.82 | 200 OK | 910 B |
URL: GET HTTP/3 rtpjoss76.cfd/assets/js/scripts.js | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: JavaScript source, ASCII text, with very long lines (985), with no line terminators | Hash: 1375b160aa81c2d6b6941fae8c516c57 e7c51875cb10ba923eb78ee93d59eab331391838 61cf7fa3206b97e6c81479ac32e03dadbd439129ebba98698d3861158adb7083
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/js/scripts.js HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:25 GMT
content-type: text/javascript
last-modified: Thu, 04 May 2023 17:36:10 GMT
etag: W/"38e-5fae19badd680-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TXqHo9NemxjqF%2FARwTN1inWZTrkQlx0MIFK8JGJ8pyHL3gJDanzFV3pvWc7FGDiSjYqwwrFVgXh62K27dhd66Uau7KKRP8uH0gv21EZIdN2BxR%2FPOxUhqUGCH4rgdXaE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b486cfacab4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569133.webp | 104.21.14.82 | 200 OK | 24 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569133.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 9a05d790763165321103e14dc7b45d21 ad3bc96bc1d177ef16e77588a8ceb8f4e21d5ad4 07d242ae7de44dbc614d483e00fb45cc321ffee61c51a37ac54a7366501c5d91
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569133.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"5eba-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2BWsL7QkaMb07fBGtcaU%2F64ZdAJcZ%2Fld%2BmwBRqHZLsNKNWoKq%2BakcfYdSc08r%2BQtsjMW64%2FqHe16OU8FJwaRrBEsrsGLhr%2FEMEXHiHEbyi%2Ft%2FPDcZUhSBckYSetpAL9l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48732d3ab4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/provider/joker-gaming.png | 104.21.14.82 | 200 OK | 5.5 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/provider/joker-gaming.png | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 125 x 40, 8-bit/color RGBA, non-interlaced | Hash: af1d8040667a6baf0b03c007c1f3ba70 42dd159f5af55708fba15e067ff1d4f58c762f4e 29d35cb5e7e5c6de0b8f43feb61f15783bb30f694701918d244831a2d8fd3df0
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/provider/joker-gaming.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:27 GMT
content-type: image/png
content-length: 5533
last-modified: Sun, 20 Nov 2022 06:46:16 GMT
etag: "159d-5ede14ba3be00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l3S9p%2Boqj6ffoUs3EJ1kNoXvQfQs1eovU7e37JfnZUVjMrIBpyFWfeS4LadtKYLF403w2ZAiinrP8uS2lo4w8CrEEZsCmweI2ICyJCf0MZaIp7AwiqSA0hrelq6U%2BADy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b48784e98b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569439.webp | 104.21.14.82 | 200 OK | 21 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569439.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 5a0bcd291fe3859d010cdcbc1274aa1a 66e317a9aff141a269be244478e7bb7935d13dae a9a2eae6e42c44fd1a43caf608ece3853e6a807ad847fdf6ba05ce3cf9f9741c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569439.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"5178-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mruxMgm1gAqMJMp1sAmb2N41uAOfu0gLdkKgwJeEBzLPN3aBs7YF3%2Bn7I9EvwXdorJR8V4CU5JfMOkynHhIsJ6E87KH37opJMJwhgUGJ3HC%2BtOGza2RMGJDsTxAiMnIP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b4872ed0eb4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/bootstrap/4.1.1/js/bootstrap.bundle.min.js | 104.21.14.82 | 404 Not Found | 1.0 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/bootstrap/4.1.1/js/bootstrap.bundle.min.js | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: HTML document, ASCII text, with very long lines (1143), with no line terminators | Hash: eca4740d1a1c03254d10fb3871a3ca02 3de8de215e8c7764c16dbfe8f96d51f390eb8e97 bb414521be17f0125fff343330c1e292685cb9f54788fcfb66157ce3f2dd000f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/bootstrap/4.1.1/js/bootstrap.bundle.min.js HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9dOEs2LAJKHYdgoNsyZEccGuO3x73E7pXunWOvw9gdwJggr9KxjAzMWfWTD9OlqLE8FCR%2FLzGYixWIQl%2FK0UWiZAs1Imy4s67Jbdd5O4u7FZC1EPkGzjJy%2Bh33KDvwok"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48735d4db4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/provider/spadegaming.png | 104.21.14.82 | 200 OK | 4.9 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/provider/spadegaming.png | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 125 x 40, 8-bit/color RGBA, non-interlaced | Hash: 2093ea198178081e913c875f3e212737 d0ffccfcfc82e90b1a191fd4a742acd514cdf9e0 86c59b5502bf609dc4dd410dc27a0ef42f16d5dca36957714e665461c1f14ce7
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/provider/spadegaming.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:27 GMT
content-type: image/png
content-length: 4930
last-modified: Sun, 20 Nov 2022 06:47:52 GMT
etag: "1342-5ede1515c9600"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cXeRSjO%2Bnr82hdWY5oh89Ws8%2BRKyC57ZhUWZXqz78RNOKaMpsgwOv6dxYJy1MwXshIM7swZHEpMoNhKU16q1PDzjdn9AnRQJhjBgWXrF0OWHvw2xYP%2BkvBZheqxROeuZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b48786ea9b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/provider/netent.png | 104.21.14.82 | 200 OK | 3.0 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/provider/netent.png | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 125 x 40, 8-bit/color RGBA, non-interlaced | Hash: 7084dce5675b26813fd6de44488e4b67 5c6c3c7044a9885244d0adf469d20f2b6e68d2e3 15e16c5b7ce27065685cac1fa647dfee4621aef2a904bac36558f397fe53a985
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/provider/netent.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:27 GMT
content-type: image/png
content-length: 2959
last-modified: Sun, 20 Nov 2022 06:52:42 GMT
etag: "b8f-5ede162a5a280"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cGst7VoFC7rTATFPIG2l%2FDMSS0s5%2FWyC5F6FJiyT%2BX45KY1N9MNKuYyHAU6T28Hktxo1DlVo3otyQenoIKu%2FvicGtaTuxS6MGTz67vYBUYlNbOq8PLDoNSUrcGu00au1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b48787eb1b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569253.webp | 104.21.14.82 | 200 OK | 28 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569253.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: db778b24bc83e6da1c5af56ba640817c 8cfcaf73882e52bb2eb4a4572b20ae8fe676f9f9 d9fa76ddea2c212e4d4999d0c3859fa25394bf3b002841d4a30cf0c991a86d04
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569253.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"6c66-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c21RhpY2riHfB8scv5IoxH3FkWcNo5y%2FmE3PrDQNhSJa%2FQ%2B0azHMxk0sN5We7JK%2BJY7w0KBOxk2Yxih9GVoC6%2BkdZNoYTq5juOWlmIeZBDO1pdRs6TxAxAqeoN%2FpyRr3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b4872ed09b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569147.webp | 104.21.14.82 | 200 OK | 26 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569147.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: 0204cb52daf5f5d89dca943f09b9110b 24bebf5ddff9646c145e5cfd3fbdbf1f32d0b288 c6370613b517f057cb4f31447b476dbf99e0d40f0a5adf2ca3d65369de5ecf3f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569147.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"64d0-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v%2FyIFwFGLhCrIJK1wKTfS7knR8Z4QtZWK09I%2Fk4YbOS7V2CTQNbMkOQDLliCGyNNlIMnIsDPvRG5gwyKjauz%2BNooRcAKa9M5k7Z0PBjPJYjW7GjA%2BCcCU%2FxcckzkB3ap"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48730d1cb4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569381.webp | 104.21.14.82 | 200 OK | 22 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569381.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: e6a0ad33df5f7ad0bf216223f66a0218 38b5cce0e188488343dbcef3da0bb66fd017960b cc2e80f93dfe9f45127d797ab5ad83421dedc2f250feec86a95bac9d3669457f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569381.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"577c-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uMbXmRWkGQlbPbg9ZhkUg4%2FPmMGsNsSwvH4OYxnxCTiWvoX30gd221OyGy%2Br5%2F96MLVCVwIqPP%2B3shmQk%2BSxOrrK5KzdFXe06gdGZMgY3x%2F%2Bt8HEUB6qPuPAnolhwp2a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48730d25b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569131.webp | 104.21.14.82 | 200 OK | 27 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569131.webp | IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC | Subject: rtpjoss76.cfd | Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF | Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image | Hash: df9e138517bcb835248773a424263bf9 6e8cb7dde34c080da8763596a6fd54b0b9de1baf cf58830b6f811143e2fd2c76baccb2c2fbd76f023ba79f1cccdb81c264bec15f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/img/games/pragmatic-play/1569131.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"6980-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oDfVRJdaYgKvD58wVtF8M0uAbNux9Hr4hsPMtCSr%2BXy0LO%2BG11cdc8Ji%2Fq4Tmn3DongK54G7gFzFM90cXXWsxwPQTLgZyKNnPJBVkW1VZkuznj00%2FU8KMAL6MUkzNx7R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48732d35b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569389.webp | 104.21.14.82 | 200 OK | 23 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569389.webp; IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: 8dd799dd1ddaed03d869fe5ff28f1b83 0791650a97e9f5ef3a274facd2980be455a95700 3e83afbd8d588148bd5ef504760747ef0cecad4109f1040c2654ba62c927ac40
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/games/pragmatic-play/1569389.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"5ab2-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cmio2BaNuS1rWG9gR3AP%2FOTbIIqGxotWEfnZKcMgTq37czfvPOMkJJs1X%2BLvgsu6mP81qlGkoUKqmx%2FBP1l%2BCX%2FUN1%2B%2FqZwizfHo8uKg5EQilkvuvKk2jd%2Be69fBukm9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b48732d3bb4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/home.png | 104.21.14.82 | 200 OK | 1.7 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/home.png; IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced; Hash: af013c2517237e325332a0eddd7dd282 858e492b333301c9ccc4a8ff1d5fa653c5a0c9dd 1499cdab59d19ba93d7153dd261b04783bda1f1d39a002d451bb176d21590a42
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/home.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:25 GMT
content-type: image/png
content-length: 1667
last-modified: Sun, 20 Nov 2022 07:22:10 GMT
etag: "683-5ede1cc072c80"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9f3rxZ%2FQCfIo7sZy87iGsKhebTIX3VqNzakSRMdHXAk10XlltLFtshf0Q%2BxQVvhPYcHbxF4%2BNnexCSGlBOUvO1%2FQv7do7lsPIqMUDTGr%2BP4H1mUE1iEduzDHJTgBw2TV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b486c9aa5b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/bootstrap/4.1.1/js/bootstrap.bundle.min.js | 104.21.14.82 | 404 Not Found | 1.0 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/bootstrap/4.1.1/js/bootstrap.bundle.min.js; IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: HTML document, ASCII text, with very long lines (1143), with no line terminators; Hash: eca4740d1a1c03254d10fb3871a3ca02 3de8de215e8c7764c16dbfe8f96d51f390eb8e97 bb414521be17f0125fff343330c1e292685cb9f54788fcfb66157ce3f2dd000f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/bootstrap/4.1.1/js/bootstrap.bundle.min.js HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 03:35:25 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=REqxqAU%2BWIpIinj8Rk3pBgnEYiJpQRHoMUIj8HNJwwZYAZgBLjOYKqeGaMwhnx4dvHr6OvdEYnx5QHTUuvnbAP6d%2BUhxK514lHPTp%2BLCK0%2FMn44etqF96tZSiyj1j86L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b486cfacbb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/games/pragmatic-play/1569350.webp | 104.21.14.82 | 200 OK | 25 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/games/pragmatic-play/1569350.webp; IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: RIFF (little-endian) data, Web/P image; Hash: a90bb3af0a3c60685e363763591d3e5a 16714a08eb652c88d39b94e49756200216958f67 4014d19a28d7d1d608f5a35aed8368161c529f0719ff203f97d79e70314eb634
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/games/pragmatic-play/1569350.webp HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:26 GMT
content-type: image/webp
last-modified: Thu, 04 May 2023 07:59:56 GMT
etag: W/"6098-5fad98ee87700-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CpdNYwJk2jTfPKLam1XHELOUkwDfgP%2BCzQepU3vNl7m1idRtZW3sscYP%2FeDa3ndYvxGiz%2BE4Qzl4sL%2FfN%2BvxC1fbkvzRaPYecBYQXnfyb0VbtSMqcGhGK7D4aikB%2F1z7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879b4872fd10b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| rtpjoss76.cfd/assets/img/provider/pgsoft.png | 104.21.14.82 | 200 OK | 4.0 kB |
URL: GET HTTP/3 rtpjoss76.cfd/assets/img/provider/pgsoft.png; IP: 104.21.14.82:443
Certificate: Issuer: Google Trust Services LLC; Subject: rtpjoss76.cfd; Fingerprint: 0F:A2:BE:14:A1:BE:67:26:CC:69:60:A6:3E:A5:C8:16:F1:38:C3:BF; Validity: Sat, 20 Apr 2024 14:42:40 GMT - Fri, 19 Jul 2024 14:42:39 GMT
File type: PNG image data, 125 x 40, 8-bit/color RGBA, non-interlaced; Hash: 1e7cdda3d78f1eb08252548c35798e41 67953cba9b52066dd729c026dd016278aee48ba2 99a9c4032955607c86665d3b8383471e05ded477cdcd129694650900335f15a6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/img/provider/pgsoft.png HTTP/1.1
Host: rtpjoss76.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rtpjoss76.cfd/
Cookie: XSRF-TOKEN=eyJpdiI6Ilc5K0l1ZWVDZXdsbS9sNEp3S0tQZ3c9PSIsInZhbHVlIjoiS2l1Wk1JWkJuN0hudjVFb3k1RHdHeEhSMEpDN2NEc0FRb08wdFBNSzhyOFIzbGs2MUVQWXJkRTJpd0dvMVpvNVVPdERCWFQ1MHN4blplanNIU3ZQNWNBa1JzQzR3Y0Z4MEVUaWl1MDVicjU1ZWE1WG5KNlQ2YWFqVXh2K0kycTMiLCJtYWMiOiI2ZWNjODY4NDg5ZTk5ODRkMmIwZGRiYjY0OTY0MjRhY2Y0OTg1MTFiOWQyOGVjNGYyZGE5MDZjZjU2NzEzMmIyIiwidGFnIjoiIn0%3D; joss76rtp_session=eyJpdiI6IkJvQnRFQU0zRzJuNG5DbXVIZWh1d2c9PSIsInZhbHVlIjoiempSdm1CbEpyK1VKTzNkNE9iWjZ1eEhqQTJRNFA4dUtsclBmazB1MHhuNGJMMjFpZk94bzZnTHB1VHpKZHVkcWUzNTYyMThTZTFQT1hPWlQ4dGpzWVNNUDdwZkxZekQrNlVXUkU5bE5YbjF6WnNRK1d2enU5RFg2ck02MHcxNlciLCJtYWMiOiI4YmI4M2JkYTFiODU2ZTNiZGM4MzdjYTkzMWMxNzIwOGYzMmI2NzRhMWE5MGQwYjljM2JiYzgwZTliYzg5YjIzIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 03:35:27 GMT
content-type: image/png
content-length: 3967
last-modified: Sun, 20 Nov 2022 06:46:44 GMT
etag: "f7f-5ede14d4efd00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1I7nrzPiFqViKbOxiHvGz31uMYi2bwL0U53g1LKDWir5b41QJjoOfGQPzrPHOY3OPkopwtWNPOE2lv7Wfjvwj%2B4md%2FbrHnwYyHJmZW%2Bv3YoZ5rR%2FpcA5Fo%2BztFY07uMr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879b48784e9ab4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|