Report - rtp4-kijangwin.shop/

Report Overview

Submitted URL
rtp4-kijangwin.shop/
IP
104.21.57.109
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-10 16:54:20
Access
public
Website Title
Rtp Kijangwin : rtp dengan winrate ter tinggi sejagat raya
Final URL
rtp4-kijangwin.shop/
Tags
suspicious
urlquery detections
Suspicious - Suspicious Javascript code

Detections

urlquery
2
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
media.fastchecker.us	224498	2018-02-28	2022-05-12	2024-04-15	9.9 kB	257 kB	104.21.233.200
rtp4-kijangwin.shop	unknown	unknown	No data	No data	8.0 kB	5.0 MB	104.21.57.109
meubelkayumurah.pics	unknown	2022-10-03	2022-10-03	2024-02-04	913 B	327 kB	172.67.162.79
i.ibb.co	13485	2010-07-20	2018-11-25	2024-05-09	443 B	8.7 kB	162.19.58.161
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-09	1.5 kB	92 kB	104.17.25.14
cdn.ampproject.org	329	2015-08-31	2015-10-09	2024-05-09	1.8 kB	95 kB	216.58.207.193
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-05-10	872 B	24 kB	142.250.74.35
code.jquery.com	634	2005-12-10	2012-05-21	2024-05-09	416 B	125 kB	151.101.194.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	cdn.ampproject.org/v0.js	285 kB	2024-05-08	2024-05-14
Pretty URL cdn.ampproject.org/v0.js IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 20:41:33 Last Seen2024-05-14 18:51:25 Times Seen45 Hash 3b2111f019d104164d5a800eeae7abf9 019b3e772fada2bb1772df0f8ff3de71ccf392aa b3d6c26e864ccd4da281f37b50f9acf8508c504780be13a0e8094ae3e557ac8a Loading...

	rtp4-kijangwin.shop/	90 kB	2023-11-04	2024-05-14
Pretty URL rtp4-kijangwin.shop/ IP 104.21.57.109 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-04 20:50:16 Last Seen2024-05-14 18:51:25 Times Seen15 Hash 83dc8f347a04c4ac5ac24766c1ad7d90 22dd4f90fdbbf111d04765351c04a529b57beca6 390219872ec92921ef0b3c153acd7552b19646f55785db762bc430d741707921 Loading...

	rtp4-kijangwin.shop/	60 kB	2023-11-04	2024-05-14
Pretty URL rtp4-kijangwin.shop/ IP 104.21.57.109 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-04 20:50:16 Last Seen2024-05-14 18:51:25 Times Seen14 Hash 224301fa82c21af6a86ef651a2360d18 52925f63e70077ba1d3f210f7edcd4610c8f2e9f f41daff3e126a600ad4ed182a012d52819cf1f91e9d81dda669570a1a0155ab1 Loading...

	moz-extension://374908d2-0475-4f5d-b9f6-d1abf756a6ed/shims/firebase.js	2.3 kB	2023-05-05	2024-05-20
Pretty URL moz-extension://374908d2-0475-4f5d-b9f6-d1abf756a6ed/shims/firebase.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 23:38:25 Last Seen2024-05-20 19:27:42 Times Seen9889 Hash 32d439c9ec8c789e843ae58b6774681c deb2c661dacf46eb3a1eacbba3e430dcf10cc395 f65e83801e16f98e150ae8843afb4c98c0b3ac0fa7fbe5a5ec687b08119732d6 Loading...

	rtp4-kijangwin.shop/sandbox%20eval%20code	123 B	2023-05-05	2024-05-20
Pretty URL rtp4-kijangwin.shop/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 23:38:25 Last Seen2024-05-20 16:24:07 Times Seen7579 Hash 239166f4d1bda569909c9af241098419 ad3987a93224de5c735c7c380daf5bfaecf60ac8 255566913e81e0587539abba68839777480779575271b734e817e7093f4dceec Loading...

	unknown	17 kB	2023-12-03	2024-05-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 18:28:19 Last Seen2024-05-14 18:51:22 Times Seen6 Hash c5f26a1fc900129ed6b2d56ea25b7aca b44f43ae9ecd591b4c76ba8b73d617c252cbad42 19de20103ebc853f13dc2ec938a7278112cbb142c1d3d728b52b794a9d0d5f57 Loading...

	unknown	2.9 MB	2024-05-10	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 18:54:30 Last Seen2024-05-10 18:54:31 Times Seen1 Hash 63eb4fca198690d507959dbf1d4865cf 47884ae7a10279edd39286bb88bb17636cf52bbd f584cbbb13a7ebda05468f8295502365885f74d262a820309ee3844f7fb62129 Loading...

	cdn.ampproject.org/rtv/012404230718000/v0/amp-loader-0.1.js	13 kB	2024-05-09	2024-05-14
Pretty URL cdn.ampproject.org/rtv/012404230718000/v0/amp-loader-0.1.js IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 05:40:43 Last Seen2024-05-14 18:51:25 Times Seen38 Hash cf5f4ddf071061f97a5a0927e8a22805 c1bf10e02fbb346cbb15faac3e1af0e673c60553 be188de16847f6e9ef2bf1094104cb640cc096212c148a11392616ce5f6b6526 Loading...

	cdn.ampproject.org/v0/amp-iframe-0.1.js	26 kB	2024-05-10	2024-05-14
Pretty URL cdn.ampproject.org/v0/amp-iframe-0.1.js IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 18:54:31 Last Seen2024-05-14 18:51:25 Times Seen8 Hash e6980ab2edea3617d9a99fcc1b216efd ad016105279e6829e92c63d05a0e06161507e20e fd9135006cc7251c6e65e5a9e4f48343f3b393f37f69bf0d20f3f27e88c225b5 Loading...

	www.gstatic.com/firebasejs/5.5.8/firebase-app.js	35 kB	2023-11-04	2024-05-14
Pretty URL www.gstatic.com/firebasejs/5.5.8/firebase-app.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-04 20:50:16 Last Seen2024-05-14 18:51:25 Times Seen26 Hash 4de81e8733af1c90040961e8bddb9a1c ab803fd855772d9ff2e5d7b2b425e653276958f3 a73e6b7e9a591f7ab3704395b03f94b31b1d7dff684fc5943c123f4750b6b680 Loading...

	www.gstatic.com/firebasejs/5.5.8/firebase-messaging.js	36 kB	2023-03-07	2024-05-20
Pretty URL www.gstatic.com/firebasejs/5.5.8/firebase-messaging.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:59:21 Last Seen2024-05-20 09:32:45 Times Seen197 Hash a2c5dc2c7f2a8f427db53334c1656ad6 70a40d4173fbdf694bcff8d74eb9bf0d1499f7ec 55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8 Loading...

	rtp4-kijangwin.shop/	5.7 kB	2023-11-04	2024-05-14
Pretty URL rtp4-kijangwin.shop/ IP 104.21.57.109 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-04 20:50:16 Last Seen2024-05-14 18:51:25 Times Seen15 Hash 5da1c200345e18362d7e20aacbc57f5f 5185015aab57c22c5c33bb6f7952152e391c5084 6d3c19fc44fdb8d397705d25948e499d276f95723951887ec368b7606fc931fa Loading...

	code.jquery.com/ui/1.12.1/jquery-ui.js	521 kB	2023-03-07	2024-05-20
Pretty URL code.jquery.com/ui/1.12.1/jquery-ui.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:28 Last Seen2024-05-20 13:50:25 Times Seen6186 Hash ab5284de5e3d221e53647fd348e5644b 75c20acdc6cbc6334fe2b918ab7afeec007f969e 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d Loading...

	cdnjs.cloudflare.com/ajax/libs/progressbar.js/1.0.1/progressbar.min.js	22 kB	2023-03-07	2024-05-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/progressbar.js/1.0.1/progressbar.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:20:24 Last Seen2024-05-19 05:45:03 Times Seen195 Hash 1970f37f615a8339b6b249e396ee7d0d 4c9777e758b9fc1b444e11ec031125e24065fdc9 56ea4cd865555cad9cdd29aae4bc578d41c166f7964ecdf986ed5a97ab2cea49 Loading...

	cdn.ampproject.org/rtv/012404230718000/v0/amp-auto-lightbox-0.1.js	7.8 kB	2024-05-08	2024-05-14
Pretty URL cdn.ampproject.org/rtv/012404230718000/v0/amp-auto-lightbox-0.1.js IP 216.58.207.193 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 20:41:33 Last Seen2024-05-14 18:51:25 Times Seen39 Hash 2f5409797573545ef00da57189731689 20ac241032e56151958c680707209c9c298868e3 9c2ac126d439f7e51f5ab6961f5a4d567bcad323ee2450998df29515cf0ad765 Loading...

	rtp4-kijangwin.shop/	4.5 MB	2024-05-10	2024-05-10
Pretty URL rtp4-kijangwin.shop/ IP 104.21.57.109 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 18:54:31 Last Seen2024-05-10 18:54:31 Times Seen1 Hash 4dca7c1422e09422535b2c49c2e4c5e0 17f528c3a66f8a44a0cd33f9099892d7c6ac8cd1 371b0062d5d958c5ede415a8a464fbb8e940f3c486bfb6ff197c1bedbae96769 Loading...

		Size	First Seen	Last Seen
	#1 Write - 09fecbd762d8f794446fb33004f58d00	3.0 MB	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 18:54:31 Last Seen2024-05-10 18:54:31 Times Seen1 Hash 09fecbd762d8f794446fb33004f58d00 0e0cbf21214511383b88ef49ab64b8dbd71fff8d c0e189939888095ef9e381287757f77bcceb9eeb5d5fb91312a66806f9370487 Loading...

HTTP Transactions (51)

	URL	IP	Response	Size
	cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css	104.17.25.14	200 OK	5.6 kB
URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css IP 104.17.25.14:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type ASCII text, with very long lines (30837) Size 5.6 kB (5631 bytes) Hash 269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd HTTP Headers `GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:51 GMT content-type: text/css; charset=utf-8 content-length: 5631 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb03e5f-7918" last-modified: Mon, 04 May 2020 16:10:07 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 130111 expires: Wed, 30 Apr 2025 16:53:51 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=akrSNG3vL%2Fimyik4wbvwlbBN%2B%2FDIB%2B20feCsPj2rdyK2VeYYr4FoJyYsuyD2qQ0%2F1qasiH5muOjGYxEdM8Xh7m0nMKvPfHlpD1Ntqpxg%2BsG4iJEcf%2B8XZagRPmB5txBe856cIbT%2B"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 881b72a22f17712b-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	cdn.ampproject.org/v0/amp-iframe-0.1.js	216.58.207.193	200 OK	8.9 kB
URL GET HTTP/2 cdn.ampproject.org/v0/amp-iframe-0.1.js IP 216.58.207.193:443 ASN #15169 GOOGLE Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT File type JavaScript source, ASCII text, with very long lines (25617) Size 8.9 kB (8929 bytes) Hash e6980ab2edea3617d9a99fcc1b216efd ad016105279e6829e92c63d05a0e06161507e20e fd9135006cc7251c6e65e5a9e4f48343f3b393f37f69bf0d20f3f27e88c225b5 HTTP Headers `GET /v0/amp-iframe-0.1.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: br content-type: text/javascript; charset=UTF-8 access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 8929 date: Fri, 10 May 2024 16:53:51 GMT expires: Fri, 10 May 2024 16:53:51 GMT cache-control: private, max-age=604800, stale-while-revalidate=604800 etag: "adda1ea23d21d5a3" strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	cdn.ampproject.org/v0.js	216.58.207.193	200 OK	73 kB
URL GET HTTP/2 cdn.ampproject.org/v0.js IP 216.58.207.193:443 ASN #15169 GOOGLE Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT File type JavaScript source, Unicode text, UTF-8 text, with very long lines (64654) Size 73 kB (73084 bytes) Hash 3b2111f019d104164d5a800eeae7abf9 019b3e772fada2bb1772df0f8ff3de71ccf392aa b3d6c26e864ccd4da281f37b50f9acf8508c504780be13a0e8094ae3e557ac8a HTTP Headers `GET /v0.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes vary: Accept-Encoding content-encoding: br content-type: text/javascript; charset=UTF-8 access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 73084 date: Fri, 10 May 2024 16:53:51 GMT expires: Fri, 10 May 2024 16:53:51 GMT cache-control: private, max-age=3000, stale-while-revalidate=1206600 etag: "5fd6afb7d4b2d5d6" strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	cdnjs.cloudflare.com/ajax/libs/progressbar.js/1.0.1/progressbar.min.js	104.17.25.14	200 OK	6.2 kB
URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/progressbar.js/1.0.1/progressbar.min.js IP 104.17.25.14:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (21557) Size 6.2 kB (6181 bytes) Hash 1970f37f615a8339b6b249e396ee7d0d 4c9777e758b9fc1b444e11ec031125e24065fdc9 56ea4cd865555cad9cdd29aae4bc578d41c166f7964ecdf986ed5a97ab2cea49 HTTP Headers `GET /ajax/libs/progressbar.js/1.0.1/progressbar.min.js HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 10 May 2024 16:53:51 GMT content-type: application/javascript; charset=utf-8 content-length: 6181 access-control-allow-origin: * cache-control: public, max-age=30672000 content-encoding: br etag: "5eb03fac-54bd" last-modified: Mon, 04 May 2020 16:15:40 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 857734 expires: Wed, 30 Apr 2025 16:53:51 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uzjb7Jm5oX7rnemdjW1luc9sQ95l10Ae7u5C65cGTnyLNO32m3lpFI%2FjGz4fCzGlx6FigkzVvZoRU3vc0Kinwp5OMFceFYAYsPznxNIMlKStNsFvokrlqImRLBkxTek4zSkKc48Q"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 881b72a6995f1bfa-OSL alt-svc: h3=":443"; ma=86400

	www.gstatic.com/firebasejs/5.5.8/firebase-app.js	142.250.74.35	200 OK	12 kB
URL GET HTTP/2 www.gstatic.com/firebasejs/5.5.8/firebase-app.js IP 142.250.74.35:443 ASN #15169 GOOGLE Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT File type JavaScript source, ASCII text, with very long lines (34802) Size 12 kB (12419 bytes) Hash 4de81e8733af1c90040961e8bddb9a1c ab803fd855772d9ff2e5d7b2b425e653276958f3 a73e6b7e9a591f7ab3704395b03f94b31b1d7dff684fc5943c123f4750b6b680 HTTP Headers `GET /firebasejs/5.5.8/firebase-app.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js" report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-length: 12419 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 09 May 2024 05:55:25 GMT expires: Fri, 09 May 2025 05:55:25 GMT cache-control: public, max-age=31536000 age: 125906 last-modified: Thu, 08 Nov 2018 23:21:36 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	code.jquery.com/ui/1.12.1/jquery-ui.js	151.101.194.137	200 OK	124 kB
URL GET HTTP/2 code.jquery.com/ui/1.12.1/jquery-ui.js IP 151.101.194.137:443 ASN #54113 FASTLY Requested by https://rtp4-kijangwin.shop/ Certificate IssuerSectigo Limited Subject.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT File type JavaScript source, ASCII text, with very long lines (1002) Size 124 kB (124434 bytes) Hash ab5284de5e3d221e53647fd348e5644b 75c20acdc6cbc6334fe2b918ab7afeec007f969e 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d HTTP Headers `GET /ui/1.12.1/jquery-ui.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx content-type: application/javascript; charset=utf-8 last-modified: Fri, 18 Oct 1991 12:00:00 GMT etag: W/"28feccc0-7f20a" cache-control: public, max-age=31536000, stale-while-revalidate=604800 access-control-allow-origin: * content-encoding: gzip via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Fri, 10 May 2024 16:53:51 GMT age: 20559428 x-served-by: cache-lga21932-LGA, cache-hel1410030-HEL x-cache: HIT, HIT x-cache-hits: 322, 389255 x-timer: S1715360032.873132,VS0,VE0 vary: Accept-Encoding content-length: 124434 X-Firefox-Spdy: h2

	www.gstatic.com/firebasejs/5.5.8/firebase-messaging.js	142.250.74.35	200 OK	10 kB
URL GET HTTP/3 www.gstatic.com/firebasejs/5.5.8/firebase-messaging.js IP 142.250.74.35:443 ASN #15169 GOOGLE Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subject.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT File type JavaScript source, ASCII text, with very long lines (35800) Size 10 kB (10096 bytes) Hash a2c5dc2c7f2a8f427db53334c1656ad6 70a40d4173fbdf694bcff8d74eb9bf0d1499f7ec 55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8 HTTP Headers `GET /firebasejs/5.5.8/firebase-messaging.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js" report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-length: 10096 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 09 May 2024 20:47:04 GMT expires: Fri, 09 May 2025 20:47:04 GMT cache-control: public, max-age=31536000 age: 72408 last-modified: Thu, 08 Nov 2018 23:21:36 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/Pyramid%20Bonanza.webp?v=7.0	104.21.233.200	200 OK	9.2 kB
URL GET HTTP/2 media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/Pyramid%20Bonanza.webp?v=7.0 IP 104.21.233.200:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerLet's Encrypt Subjectfastchecker.us Fingerprint18:26:58:C1:4C:98:C8:87:2D:53:AB:7D:93:B2:F9:88:70:D4:1D:5D ValiditySat, 30 Mar 2024 16:42:06 GMT - Fri, 28 Jun 2024 16:42:05 GMT File type RIFF (little-endian) data, Web/P image Size 9.2 kB (9184 bytes) Hash 75dd00392104cf904a9566e93d6a6f58 4b60901571165f4a62a60cea94dae9b52f4fd3ee 5f9f441c90fd8a69f889dc23ac0d64e4d52f496ab3401e0ebdbfd2c2ef1d2f62 HTTP Headers `GET /idnsmedia/is/slots-v3/pragmatic-direct/Pyramid%20Bonanza.webp?v=7.0 HTTP/1.1 Host: media.fastchecker.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:52 GMT content-type: image/webp content-length: 9184 last-modified: Tue, 31 May 2022 05:30:38 GMT etag: "6295a7fe-23e0" x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000;includeSubDomains access-control-allow-origin: * x-frame-options: SAMEORIGIN cache-control: max-age=31536000 cf-cache-status: HIT age: 604 accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VzUrfHuwemtQaBJiV3I4mKqQ5AxVf2UOELOfbaNq8%2BPH%2BMKQ7XMLKdyvl2PI14jfySExB0T5Jc5GECs%2FN7uBvRNGMf0SYEb%2FnHAjbwH%2BMrycndvWjF25Y8h6%2BIamEtj8tFZq7b0ZXQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac8eb2768f-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0	104.17.25.14	200 OK	77 kB
URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 IP 104.17.25.14:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459 Size 77 kB (77160 bytes) Hash af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe HTTP Headers GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 Host: cdnjs.cloudflare.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://rtp4-kijangwin.shop DNT: 1 Connection: keep-alive Referer: https://cdnjs.cloudflare.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK date: Fri, 10 May 2024 16:53:52 GMT content-type: application/octet-stream; charset=utf-8 content-length: 77160 access-control-allow-origin: * cache-control: public, max-age=30672000 etag: "5eb03e5f-12d68" last-modified: Mon, 04 May 2020 16:10:07 GMT cf-cdnjs-via: cfworker/kv cross-origin-resource-policy: cross-origin timing-allow-origin: * x-content-type-options: nosniff vary: Accept-Encoding cf-cache-status: HIT age: 172765 expires: Wed, 30 Apr 2025 16:53:52 GMT accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GxGogt12qBSW6k7JTjkKN3qHs5w%2Fc8gbHcVbyMalQvKtTkAaS151ARkfs%2Fj7Ojp04II9pCerd%2FM3UZNwVvTj3W4rBTELkRqvK1C4im1XcKq%2FrIXiIkWfof3BGB6xnECxbcYHjJ%2Fr"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=15780000 server: cloudflare cf-ray: 881b72acbfcf1bfa-OSL alt-svc: h3=":443"; ma=86400

	rtp4-kijangwin.shop/search.png	104.21.57.109	200 OK	7.7 kB
URL GET HTTP/3 rtp4-kijangwin.shop/search.png IP 104.21.57.109:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subjectrtp4-kijangwin.shop FingerprintBE:76:2F:0F:C4:EE:3F:F1:E9:25:2E:33:B2:BE:40:53:C5:DC:DE:F7 ValiditySat, 04 May 2024 11:36:58 GMT - Fri, 02 Aug 2024 11:36:57 GMT File type PNG image data, 600 x 598, 8-bit/color RGBA, non-interlaced Size 7.7 kB (7697 bytes) Hash 7565b5e7041e4ccdab8553289eb77b4c da15b94bbb6302d4862940e2a5a680d2bf6fc5c8 88b11c80c165b901b6c1e6de10bddc9e1aa0270745d2ef7d9f652e61008e8872 HTTP Headers `GET /search.png HTTP/1.1 Host: rtp4-kijangwin.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 10 May 2024 16:53:52 GMT content-type: image/png content-length: 7697 last-modified: Thu, 23 Nov 2023 20:51:06 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F3VRKksCCL4LAlob6PrJuuN7qlAsM5icMC%2FXxX1fEk8jQM%2B3DZ2xnAjCDElGcY8NChmEMLuJrtJ9EvVFQ9Sr7FCSwby%2B%2FOCU32iJ4rT6OO40%2Btyj1hrKrLCq81j8X6541%2FDOXPjO"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72aaabd756b5-OSL alt-svc: h3=":443"; ma=86400

	rtp4-kijangwin.shop/livechat.png	104.21.57.109	200 OK	2.8 kB
URL GET HTTP/3 rtp4-kijangwin.shop/livechat.png IP 104.21.57.109:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subjectrtp4-kijangwin.shop FingerprintBE:76:2F:0F:C4:EE:3F:F1:E9:25:2E:33:B2:BE:40:53:C5:DC:DE:F7 ValiditySat, 04 May 2024 11:36:58 GMT - Fri, 02 Aug 2024 11:36:57 GMT File type PNG image data, 128 x 128, 8-bit gray+alpha, non-interlaced Size 2.8 kB (2842 bytes) Hash 5553406956578b9db2aa23079f1c0259 79f7db923646dac18ee998a932ed36c734000811 aaae9de5bce315729b0cc99fa70675b74b1896916c4334bf7997afcf80513b70 HTTP Headers `GET /livechat.png HTTP/1.1 Host: rtp4-kijangwin.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 10 May 2024 16:53:52 GMT content-type: image/png content-length: 2842 last-modified: Thu, 23 Nov 2023 20:51:06 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zER7XwI0IxtpyYTfQ9yjpcpQTs1fxzTCRSbMZw2vZ8tNpyYI%2BCJWPNZiYWalc%2BT4shk%2B7G8y0McL3aBeMAKs%2F8gjwuGpUZ1uBu2mHrrS8eTMXPtcPWFtMwpCOixougHCy%2F4arQFb"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72aacc0956b5-OSL alt-svc: h3=":443"; ma=86400

	rtp4-kijangwin.shop/sad.png	104.21.57.109	200 OK	8.3 kB
URL GET HTTP/3 rtp4-kijangwin.shop/sad.png IP 104.21.57.109:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subjectrtp4-kijangwin.shop FingerprintBE:76:2F:0F:C4:EE:3F:F1:E9:25:2E:33:B2:BE:40:53:C5:DC:DE:F7 ValiditySat, 04 May 2024 11:36:58 GMT - Fri, 02 Aug 2024 11:36:57 GMT File type PNG image data, 246 x 179, 8-bit/color RGBA, non-interlaced Size 8.3 kB (8278 bytes) Hash 3f27ef15fa733c428dcd5d378141129f fc23cad7f675c9cf00481a1c9daa231b05ea3fc5 8bc800297c808160b7ae93f14c32e5e7bb15601511def082239d4193255b8fe1 HTTP Headers `GET /sad.png HTTP/1.1 Host: rtp4-kijangwin.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 10 May 2024 16:53:52 GMT content-type: image/png content-length: 8278 last-modified: Thu, 23 Nov 2023 20:51:06 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8z0KMUdodsJ2XhPFOZtg4UCfGaueixY5N%2FmKCZ3LS1433WYdiLbWQfA6l1ns4TC2mwDR8KfRd81f9%2FsHUQMKg%2FUEKDYvX9vCfXZU0wQVW%2Fh3KORgN5mQ1m2uJRBCG90p3ywCRiNM"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72aacc1556b5-OSL alt-svc: h3=":443"; ma=86400

	cdn.ampproject.org/rtv/012404230718000/v0/amp-auto-lightbox-0.1.js	216.58.207.193	200 OK	3.0 kB
URL GET HTTP/3 cdn.ampproject.org/rtv/012404230718000/v0/amp-auto-lightbox-0.1.js IP 216.58.207.193:443 ASN #15169 GOOGLE Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT File type JavaScript source, ASCII text, with very long lines (7690) Size 3.0 kB (2976 bytes) Hash 2f5409797573545ef00da57189731689 20ac241032e56151958c680707209c9c298868e3 9c2ac126d439f7e51f5ab6961f5a4d567bcad323ee2450998df29515cf0ad765 HTTP Headers `GET /rtv/012404230718000/v0/amp-auto-lightbox-0.1.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://rtp4-kijangwin.shop DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: br access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 2976 strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 08 May 2024 09:50:08 GMT expires: Thu, 08 May 2025 09:50:08 GMT cache-control: public, max-age=31536000 etag: "7e4a961a3c2d0fa7" content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding age: 198225 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	cdn.ampproject.org/rtv/012404230718000/v0/amp-loader-0.1.js	216.58.207.193	200 OK	3.9 kB
URL GET HTTP/3 cdn.ampproject.org/rtv/012404230718000/v0/amp-loader-0.1.js IP 216.58.207.193:443 ASN #15169 GOOGLE Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT File type JavaScript source, ASCII text, with very long lines (12614) Size 3.9 kB (3943 bytes) Hash cf5f4ddf071061f97a5a0927e8a22805 c1bf10e02fbb346cbb15faac3e1af0e673c60553 be188de16847f6e9ef2bf1094104cb640cc096212c148a11392616ce5f6b6526 HTTP Headers `GET /rtv/012404230718000/v0/amp-loader-0.1.js HTTP/1.1 Host: cdn.ampproject.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://rtp4-kijangwin.shop DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: br access-control-allow-origin: * content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available" report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} timing-allow-origin: * content-length: 3943 strict-transport-security: max-age=31536000; includeSubDomains; preload x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 08 May 2024 09:50:10 GMT expires: Thu, 08 May 2025 09:50:10 GMT cache-control: public, max-age=31536000 etag: "a77c6c3a9a5cff47" content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding age: 198223 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	rtp4-kijangwin.shop/calender.svg	104.21.57.109	200 OK	740 B
URL GET HTTP/3 rtp4-kijangwin.shop/calender.svg IP 104.21.57.109:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subjectrtp4-kijangwin.shop FingerprintBE:76:2F:0F:C4:EE:3F:F1:E9:25:2E:33:B2:BE:40:53:C5:DC:DE:F7 ValiditySat, 04 May 2024 11:36:58 GMT - Fri, 02 Aug 2024 11:36:57 GMT File type SVG Scalable Vector Graphics image Size 740 B (740 bytes) Hash c2042b3836ee7355736c454c789e01ec 43a4ea5d459f4a3ca384b251a229814b0b8ffd7f 36ad050cccdf221bd43436ec267f4ba6b36db15c50fc92d2ddbeeba88ddf5248 HTTP Headers `GET /calender.svg HTTP/1.1 Host: rtp4-kijangwin.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 10 May 2024 16:53:52 GMT content-type: image/svg+xml last-modified: Thu, 23 Nov 2023 20:51:06 GMT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v5RoAdjUJsj88iEjMQlEa%2F9UE4JmPhfli%2FIInsos7nI9yNdNqq9%2FEa2BckcBFY65yOEFyL0vJliQ7JWGxmIbMqyx5R1jRqFqadSX5X%2F%2B9hqKbLDnD2EVvug1GZHkLhuiZCnQXWVT"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72aa7b9856b5-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	rtp4-kijangwin.shop/20230130023713.png	104.21.57.109	200 OK	13 kB
URL GET HTTP/3 rtp4-kijangwin.shop/20230130023713.png IP 104.21.57.109:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subjectrtp4-kijangwin.shop FingerprintBE:76:2F:0F:C4:EE:3F:F1:E9:25:2E:33:B2:BE:40:53:C5:DC:DE:F7 ValiditySat, 04 May 2024 11:36:58 GMT - Fri, 02 Aug 2024 11:36:57 GMT File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 13 kB (13177 bytes) Hash c9fa1423f230e6e89b3ce1a6a18bc255 c8d4ece2d96e14f5b34772c092cfeec85e1273d1 11e8a3ecf434ae9fa110d2b03e02f74450c30e662eb2b7d2d1a7ee0847551e90 HTTP Headers `GET /20230130023713.png HTTP/1.1 Host: rtp4-kijangwin.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/png content-length: 13177 last-modified: Thu, 23 Nov 2023 20:51:06 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jq7yAoDthGQ6AvajOM68tU5q1SX7B3x6j8tDjIJASEEVOhOl8XM1Buy5wr%2F%2BJ2aXtcjNzn7AjiALrnO9uy0ArD6ty5VAMvSsFOxmPiIADt8CIvIROEK5fYCSVSHxWRNqgGHzjbWK"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac7e7356b5-OSL alt-svc: h3=":443"; ma=86400

	rtp4-kijangwin.shop/20230130023242.png	104.21.57.109	200 OK	14 kB
URL GET HTTP/3 rtp4-kijangwin.shop/20230130023242.png IP 104.21.57.109:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subjectrtp4-kijangwin.shop FingerprintBE:76:2F:0F:C4:EE:3F:F1:E9:25:2E:33:B2:BE:40:53:C5:DC:DE:F7 ValiditySat, 04 May 2024 11:36:58 GMT - Fri, 02 Aug 2024 11:36:57 GMT File type PNG image data, 2057 x 946, 8-bit/color RGBA, non-interlaced Size 14 kB (14004 bytes) Hash 93f06d3339ad9aba4283ec6ac1664cc5 fd9ca2d23dee5d06883e1b27d1d7fac035b18dd2 3a32db7cfc6b2a9832e0a78a451f19bc9aabfd101cbb3f7d0f7dbf3a1d3dd20f HTTP Headers `GET /20230130023242.png HTTP/1.1 Host: rtp4-kijangwin.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/png content-length: 14004 last-modified: Thu, 23 Nov 2023 20:51:06 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fc1oMpr%2BFYhCrvpevWpFBER4LCYMyxdb0%2BMZXjVK4eWoHGXjkT9YGQVfZ8UomWuM7O6RcoKriwyjJ77LDlA6RmlmKVkjk1GmEXTS7SQ%2BIzLu3ULbr4gLkFB%2BK1zccvYW7EHlMEn5"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac7e7956b5-OSL alt-svc: h3=":443"; ma=86400

	rtp4-kijangwin.shop/20230130023729.png	104.21.57.109	200 OK	2.6 kB
URL GET HTTP/3 rtp4-kijangwin.shop/20230130023729.png IP 104.21.57.109:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subjectrtp4-kijangwin.shop FingerprintBE:76:2F:0F:C4:EE:3F:F1:E9:25:2E:33:B2:BE:40:53:C5:DC:DE:F7 ValiditySat, 04 May 2024 11:36:58 GMT - Fri, 02 Aug 2024 11:36:57 GMT File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 2.6 kB (2561 bytes) Hash 57740303925ade324528d10d4aab8317 668382062b34adfc976f35cc2e4eee80be33921a b217ad9459e15aa78cb865230d8aad2dde351a5f329be35db007dc7b50e992a4 HTTP Headers `GET /20230130023729.png HTTP/1.1 Host: rtp4-kijangwin.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/png content-length: 2561 last-modified: Thu, 23 Nov 2023 20:51:06 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a6yKbFeamGH0T%2FulS9Av%2FOBse96FaA4QUHbwHNX8kroRV4dr8lAbHf5d51fFbbwulU3XHJaRb8eAmkV2VnHoS9KwF1eft2WeL22wpwn6I60yaVQmkkIBfZhWMZA4zthvG5%2BFhzSW"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac8e8256b5-OSL alt-svc: h3=":443"; ma=86400

	rtp4-kijangwin.shop/20230130023257.png	104.21.57.109	200 OK	3.3 kB
URL GET HTTP/3 rtp4-kijangwin.shop/20230130023257.png IP 104.21.57.109:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subjectrtp4-kijangwin.shop FingerprintBE:76:2F:0F:C4:EE:3F:F1:E9:25:2E:33:B2:BE:40:53:C5:DC:DE:F7 ValiditySat, 04 May 2024 11:36:58 GMT - Fri, 02 Aug 2024 11:36:57 GMT File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced Size 3.3 kB (3282 bytes) Hash c5c7b8b2f7661ed746bb3d37bcf17d12 bcfe7a3cee22f0dfaefa20ef0e0f88e0ea66400a 698bbbd7a5d1a2861fcbfbf5560226fb9f8c2cf66d4b95c8e75fbf0b8ccc729d HTTP Headers `GET /20230130023257.png HTTP/1.1 Host: rtp4-kijangwin.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/png content-length: 3282 last-modified: Thu, 23 Nov 2023 20:51:06 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KoYXn%2ByFVPuKm%2BEmnUzSkRd7eF8WmNcv%2FOmwSvlAQHGLSfSWeCVNRpTKuEfZkD5UtVMa8yLTe7kt5lYriiMwq3c1x356DTtDKzUy5bJSJ80HCuZYuDwL47Wae6uAqi35m5zzrJjx"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac8e7b56b5-OSL alt-svc: h3=":443"; ma=86400

	rtp4-kijangwin.shop/20230130023250.png	104.21.57.109	200 OK	4.9 kB
URL GET HTTP/3 rtp4-kijangwin.shop/20230130023250.png IP 104.21.57.109:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subjectrtp4-kijangwin.shop FingerprintBE:76:2F:0F:C4:EE:3F:F1:E9:25:2E:33:B2:BE:40:53:C5:DC:DE:F7 ValiditySat, 04 May 2024 11:36:58 GMT - Fri, 02 Aug 2024 11:36:57 GMT File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Size 4.9 kB (4869 bytes) Hash 722a2575e4987b55712435e5adc7c13c 8410b0ae490da7d65fe6e2505b8d5cb6519de1b2 4b988596b60aa57af5aea4a1a1abda348bb4f5b49c5acdead8f7768a1fe410e9 HTTP Headers `GET /20230130023250.png HTTP/1.1 Host: rtp4-kijangwin.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/png content-length: 4869 last-modified: Thu, 23 Nov 2023 20:51:06 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4QmeAC10UxxCvGRY8BUYZRrwchwy1YO2AxHablWgBsWkGzCMTiAu83xKLZlhsFv2V5RlEHVztgjhvB1hGg1DSwQuc6YoX17g83OcsVS7%2BMOlV69AkJFZwWjgZsIvOOLZJnlXb7%2Ff"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac8e7e56b5-OSL alt-svc: h3=":443"; ma=86400

	rtp4-kijangwin.shop/20230130023413.png	104.21.57.109	200 OK	7.4 kB
URL GET HTTP/3 rtp4-kijangwin.shop/20230130023413.png IP 104.21.57.109:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subjectrtp4-kijangwin.shop FingerprintBE:76:2F:0F:C4:EE:3F:F1:E9:25:2E:33:B2:BE:40:53:C5:DC:DE:F7 ValiditySat, 04 May 2024 11:36:58 GMT - Fri, 02 Aug 2024 11:36:57 GMT File type PNG image data, 300 x 106, 8-bit/color RGBA, non-interlaced Size 7.4 kB (7393 bytes) Hash 7c3386942a12b5f9e730684cc278c098 d0a63f4412f6f79636ae35268010217d2b05e39f 4ef33cc98cdbcc5a681291db2bf58149fff46de427d008979ff668dd6c7578c4 HTTP Headers `GET /20230130023413.png HTTP/1.1 Host: rtp4-kijangwin.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/png content-length: 7393 last-modified: Thu, 23 Nov 2023 20:51:06 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5pw%2BG2pN6UdkdpxKpnPMqlPrFV3XU7H3xkNbu%2Bq1yg3mD0LVT4IvgeT0V23tFUmsRaiXEu0Cq2AiZrHxHT0sWvCxG4jbU1u22c6vKKHXenaB8%2BhJr0uI72JscpJQf3J6RABUW0bj"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac8e7d56b5-OSL alt-svc: h3=":443"; ma=86400

	rtp4-kijangwin.shop/20230130023514.png	104.21.57.109	200 OK	12 kB
URL GET HTTP/3 rtp4-kijangwin.shop/20230130023514.png IP 104.21.57.109:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subjectrtp4-kijangwin.shop FingerprintBE:76:2F:0F:C4:EE:3F:F1:E9:25:2E:33:B2:BE:40:53:C5:DC:DE:F7 ValiditySat, 04 May 2024 11:36:58 GMT - Fri, 02 Aug 2024 11:36:57 GMT File type PNG image data, 229 x 255, 8-bit/color RGBA, non-interlaced Size 12 kB (12270 bytes) Hash b3257e9400c2e853dca2ca6558a18ff8 5c93d57268df071f78de49d11366326fad83909c c1aeeb27270d3a56e661aa9fd8c4c610801abb2c68453c22febb2b1b0ff0d6bc HTTP Headers `GET /20230130023514.png HTTP/1.1 Host: rtp4-kijangwin.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/png content-length: 12270 last-modified: Thu, 23 Nov 2023 20:51:06 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nBDBsW%2BWG7CkYPzEHIrfS%2FCUEyapJCgXCpFy86HgT0oVIUZkn80m4lDuhQWF%2FoWUmvgFsA%2BJvvDxTp6biO9amgfpKcoK39A1bIgbYwE%2B6dTHoYt8Goe2wiiJ5ny0v5UW9jpKGlw1"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac8e8356b5-OSL alt-svc: h3=":443"; ma=86400

	rtp4-kijangwin.shop/20230130023214.png	104.21.57.109	200 OK	24 kB
URL GET HTTP/3 rtp4-kijangwin.shop/20230130023214.png IP 104.21.57.109:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subjectrtp4-kijangwin.shop FingerprintBE:76:2F:0F:C4:EE:3F:F1:E9:25:2E:33:B2:BE:40:53:C5:DC:DE:F7 ValiditySat, 04 May 2024 11:36:58 GMT - Fri, 02 Aug 2024 11:36:57 GMT File type PNG image data, 466 x 665, 8-bit/color RGBA, non-interlaced Size 24 kB (23587 bytes) Hash 7aeed7d5971ed924c44a8b2864c0d560 63900b427080879504eb4a1f4168add61de8f343 af70dd6eccb09e6590067b1f39aa2197af80f5abd6b50c300ee87baadc3d3c75 HTTP Headers `GET /20230130023214.png HTTP/1.1 Host: rtp4-kijangwin.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/png content-length: 23587 last-modified: Thu, 23 Nov 2023 20:51:06 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UFen%2FMe3W3HsRKUfqUpcYOPpxT5TglC%2BbW5qpA3%2FeamsIPL8ZTxR1GrNDodxlwz4tDT0OohfkBYqFczkRXPE0L%2BPMycxvNPEkJhWmXz2V%2BoPQ%2BBkStXH2dU0T2Rcec8T2G9iwNeJ"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac7e7056b5-OSL alt-svc: h3=":443"; ma=86400

	media.fastchecker.us/idnsmedia/is/slots-v3/pgsoft/Mahjong%20Ways-min.webp?v=7.0	104.21.233.200	200 OK	15 kB
URL GET HTTP/2 media.fastchecker.us/idnsmedia/is/slots-v3/pgsoft/Mahjong%20Ways-min.webp?v=7.0 IP 104.21.233.200:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerLet's Encrypt Subjectfastchecker.us Fingerprint18:26:58:C1:4C:98:C8:87:2D:53:AB:7D:93:B2:F9:88:70:D4:1D:5D ValiditySat, 30 Mar 2024 16:42:06 GMT - Fri, 28 Jun 2024 16:42:05 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 376x250, Scaling: [none]x[none], YUV color, decoders should clamp Size 15 kB (15292 bytes) Hash 32060d121da4aa566775678e623c7ecf d55072daedfe72e38b7d9bbff90b9c2a14bf6d29 56a31791925de7b572334f737149dda45d08727f91d433ef230fe227424a30b1 HTTP Headers `GET /idnsmedia/is/slots-v3/pgsoft/Mahjong%20Ways-min.webp?v=7.0 HTTP/1.1 Host: media.fastchecker.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/webp content-length: 15292 last-modified: Wed, 16 Sep 2020 04:56:59 GMT etag: "5f619b1b-3bbc" x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000;includeSubDomains access-control-allow-origin: * x-frame-options: SAMEORIGIN cache-control: max-age=31536000 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=loksW08vi60yAIIDRdiJlEEYO0sMpVhQN6m4u1d11xDI37esHkwsL6Ns5h9ETaCA%2FfRu%2FOIygVCMqUzkqcyiHTmYtn3d5SLX779wRRSnGAOGM0KjiArZpBVNYhgJt8nVfAvV2HjOyA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac6e87768f-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/r3r23rGates-of-Olympus.webp?v=7.0	104.21.233.200	200 OK	5.0 kB
URL GET HTTP/2 media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/r3r23rGates-of-Olympus.webp?v=7.0 IP 104.21.233.200:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerLet's Encrypt Subjectfastchecker.us Fingerprint18:26:58:C1:4C:98:C8:87:2D:53:AB:7D:93:B2:F9:88:70:D4:1D:5D ValiditySat, 30 Mar 2024 16:42:06 GMT - Fri, 28 Jun 2024 16:42:05 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 188x125, Scaling: [none]x[none], YUV color, decoders should clamp Size 5.0 kB (4972 bytes) Hash 1e4b79afb2405cac9b4f0382a49c2fd7 0100ff7717bef115e13dc1d11ee0d960de4b78da 27231200d7320918c013a0aa68d51a74535f1283d80676c99a1e2a5f30b190b5 HTTP Headers `GET /idnsmedia/is/slots-v3/pragmatic-direct/r3r23rGates-of-Olympus.webp?v=7.0 HTTP/1.1 Host: media.fastchecker.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/webp content-length: 4972 last-modified: Tue, 31 May 2022 05:30:38 GMT etag: "6295a7fe-136c" x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000;includeSubDomains access-control-allow-origin: * x-frame-options: SAMEORIGIN cache-control: max-age=31536000 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vG0zJMWd2FEg%2FYX7kDDtEs3N0a3frnKpP3yuBJ60fuGQJl1sbZbYQmJ3Dv98jJ8hIhQaaPRl%2FrV5iEjyw0ScsfI3OaYMUNma8HDoRZsRUJ8JPS4vFGFfhNaTMeGlTsS0cuow6uMUtg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac6e8c768f-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/5lionsmegawaty.webp?v=7.0	104.21.233.200	200 OK	14 kB
URL GET HTTP/2 media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/5lionsmegawaty.webp?v=7.0 IP 104.21.233.200:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerLet's Encrypt Subjectfastchecker.us Fingerprint18:26:58:C1:4C:98:C8:87:2D:53:AB:7D:93:B2:F9:88:70:D4:1D:5D ValiditySat, 30 Mar 2024 16:42:06 GMT - Fri, 28 Jun 2024 16:42:05 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 188x125, Scaling: [none]x[none], YUV color, decoders should clamp Size 14 kB (14378 bytes) Hash 9804d206aeb83f70b8cbb254d1a1f323 6c7b971f85fb7dff8a84ce19ae2e7a1738876086 901c76f61b724dc998607895e19fdb605113b183703a9df492141e713f9989f4 HTTP Headers `GET /idnsmedia/is/slots-v3/pragmatic-direct/5lionsmegawaty.webp?v=7.0 HTTP/1.1 Host: media.fastchecker.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/webp content-length: 14378 last-modified: Tue, 31 May 2022 05:30:38 GMT etag: "6295a7fe-382a" x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000;includeSubDomains access-control-allow-origin: * x-frame-options: SAMEORIGIN cache-control: max-age=31536000 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=em6piGcao%2Be%2FK5Cyca%2BJ1buKzqRI8HazICXyZfQn8%2FbiX7hrQHVdB0wpFqKJU1zG%2FdRyfahtPZgGdwxWtT9JjLHe%2FI%2FHJ7TerivOD%2BBXw%2FAr8NUjX3t%2FdrvLXzPq73bmodheJiBysA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac6e8d768f-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/Gates%20of%20Gatot%20Kaca.webp?v=7.0	104.21.233.200	200 OK	14 kB
URL GET HTTP/2 media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/Gates%20of%20Gatot%20Kaca.webp?v=7.0 IP 104.21.233.200:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerLet's Encrypt Subjectfastchecker.us Fingerprint18:26:58:C1:4C:98:C8:87:2D:53:AB:7D:93:B2:F9:88:70:D4:1D:5D ValiditySat, 30 Mar 2024 16:42:06 GMT - Fri, 28 Jun 2024 16:42:05 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 376x250, Scaling: [none]x[none], YUV color, decoders should clamp Size 14 kB (14124 bytes) Hash 601086f39ec06aee80e2a689de40d273 ee8f8b15623b607f344413cc2a8b518199a1631d d9a4e011f3e6f33f8ec670742813b48643f5018cb054b44dc611b6394548996e HTTP Headers `GET /idnsmedia/is/slots-v3/pragmatic-direct/Gates%20of%20Gatot%20Kaca.webp?v=7.0 HTTP/1.1 Host: media.fastchecker.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/webp content-length: 14124 last-modified: Sat, 03 Dec 2022 14:24:11 GMT etag: "638b5c0b-372c" x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000;includeSubDomains access-control-allow-origin: * x-frame-options: SAMEORIGIN cache-control: max-age=31536000 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=axQbM44Th%2BgPO2etkJY087zZpT%2FUMji23BSdQOSPj2LG%2FfaRxlbTtK9mIMxrbClAq7Wufc57o6DuAgh3tYB85V3u0v1VIERmE92sA7keS3DpyEleF%2Fj0Mh3Vzsrogh%2FVt%2BVVAzzrqw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac6e89768f-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/Jade-Butterfly.webp?v=7.0	104.21.233.200	200 OK	6.1 kB
URL GET HTTP/2 media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/Jade-Butterfly.webp?v=7.0 IP 104.21.233.200:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerLet's Encrypt Subjectfastchecker.us Fingerprint18:26:58:C1:4C:98:C8:87:2D:53:AB:7D:93:B2:F9:88:70:D4:1D:5D ValiditySat, 30 Mar 2024 16:42:06 GMT - Fri, 28 Jun 2024 16:42:05 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 188x125, Scaling: [none]x[none], YUV color, decoders should clamp Size 6.1 kB (6062 bytes) Hash e6b208947f7bdd0f8424bcdd4fb93a72 43ed8d9e300830eb8c1ba0fbb7a49875ecf0b1cd 968e4aa44168b9ef6bf58d69cf6f20b1789aee368a716b676894c29df0e99eca HTTP Headers `GET /idnsmedia/is/slots-v3/pragmatic-direct/Jade-Butterfly.webp?v=7.0 HTTP/1.1 Host: media.fastchecker.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/webp content-length: 6062 last-modified: Tue, 31 May 2022 05:30:38 GMT etag: "6295a7fe-17ae" x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000;includeSubDomains access-control-allow-origin: * x-frame-options: SAMEORIGIN cache-control: max-age=31536000 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s1tEznfZ4NLoaN0AduNrn9m1qB6ZB%2B8PDi3bINMZ5XRiJya%2BFjOfQyqQUiBLv9KBmoN4PzIG9J4wsLrSekuolChjMWmvAOOc9C3Rf8HhhkQzRFcvYwbHNSB7QUTlnLat3iDUbxukBg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac6e8e768f-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/fruitparty2.webp?v=7.0	104.21.233.200	200 OK	13 kB
URL GET HTTP/2 media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/fruitparty2.webp?v=7.0 IP 104.21.233.200:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerLet's Encrypt Subjectfastchecker.us Fingerprint18:26:58:C1:4C:98:C8:87:2D:53:AB:7D:93:B2:F9:88:70:D4:1D:5D ValiditySat, 30 Mar 2024 16:42:06 GMT - Fri, 28 Jun 2024 16:42:05 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 188x125, Scaling: [none]x[none], YUV color, decoders should clamp Size 13 kB (12688 bytes) Hash 2abaa2f80bcd5f9aca18a31519c39616 a54a111d800a8d9ac353a3f5cea26dcd709ce346 b1bb46b2277212544371928220f8c1d7e56b14308e239f619ff9c09ca8b589d0 HTTP Headers `GET /idnsmedia/is/slots-v3/pragmatic-direct/fruitparty2.webp?v=7.0 HTTP/1.1 Host: media.fastchecker.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/webp content-length: 12688 last-modified: Tue, 31 May 2022 05:30:38 GMT etag: "6295a7fe-3190" x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000;includeSubDomains access-control-allow-origin: * x-frame-options: SAMEORIGIN cache-control: max-age=31536000 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=elJSGoXD%2BtsILN7IBRZFsWg5eLpdaXiBp5R500g8kNavVC5cxVp2f3Gp5NqK6Zx69PwhruJZHQ%2FunOSwJEIbxh7sLL860TewhxwXKeKg9Bcw8NqpbCpa1IUv3kJ2PnlDXOLXotUOjw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac8eb6768f-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/Dragon%20Kingdom%20Eyes%20of%20Fire-min.webp?v=7.0	104.21.233.200	200 OK	15 kB
URL GET HTTP/2 media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/Dragon%20Kingdom%20Eyes%20of%20Fire-min.webp?v=7.0 IP 104.21.233.200:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerLet's Encrypt Subjectfastchecker.us Fingerprint18:26:58:C1:4C:98:C8:87:2D:53:AB:7D:93:B2:F9:88:70:D4:1D:5D ValiditySat, 30 Mar 2024 16:42:06 GMT - Fri, 28 Jun 2024 16:42:05 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 376x250, Scaling: [none]x[none], YUV color, decoders should clamp Size 15 kB (14986 bytes) Hash 62116f2dcfef248e4f207f84493b93a5 c20968e59cca439a9a71365de6ff7cf6c4f1346c 3bd1b71d2d6095ffdec09ce1f9e54b561f2272cf07a1c58da15f208f1d95c593 HTTP Headers GET /idnsmedia/is/slots-v3/pragmatic-direct/Dragon%20Kingdom%20Eyes%20of%20Fire-min.webp?v=7.0 HTTP/1.1 Host: media.fastchecker.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/webp content-length: 14986 last-modified: Tue, 31 May 2022 05:30:38 GMT etag: "6295a7fe-3a8a" x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000;includeSubDomains access-control-allow-origin: * x-frame-options: SAMEORIGIN cache-control: max-age=31536000 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pxKAMXxRnC2RLVWAfP08uuDYlGYuXF2MKdt2Q7A%2Byu%2FLgyZLxeuvdj7j5IdU5QbKBckZrXALSlFAH0a15cArPLdP%2FAGrTHAEVNBnQPjrsZ%2FUAkL04yIEqiKgtHeRzTFuaqgD3wBv6w%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac6e91768f-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/starlightprincess1.webp?v=7.0	104.21.233.200	200 OK	15 kB
URL GET HTTP/2 media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/starlightprincess1.webp?v=7.0 IP 104.21.233.200:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerLet's Encrypt Subjectfastchecker.us Fingerprint18:26:58:C1:4C:98:C8:87:2D:53:AB:7D:93:B2:F9:88:70:D4:1D:5D ValiditySat, 30 Mar 2024 16:42:06 GMT - Fri, 28 Jun 2024 16:42:05 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 376x250, Scaling: [none]x[none], YUV color, decoders should clamp Size 15 kB (14832 bytes) Hash 798093df66475ebbc4002c2aafc46803 8406a4f2e4b89ec4b94b2f8a41be3f0700f2383b fc2f22192b1231263eeadf133ef98a088f7b2d7f18d4beac812ba5e85e78435d HTTP Headers `GET /idnsmedia/is/slots-v3/pragmatic-direct/starlightprincess1.webp?v=7.0 HTTP/1.1 Host: media.fastchecker.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/webp content-length: 14832 last-modified: Tue, 31 May 2022 05:30:38 GMT etag: "6295a7fe-39f0" x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000;includeSubDomains access-control-allow-origin: * x-frame-options: SAMEORIGIN cache-control: max-age=31536000 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EtLpZuYGm2kN%2B365fO7jFs%2BzVaNcHOaKgZpxucuEJ8wavLaFT1ibr2Ps0kZKSMWiTgAoXtgmG2qDKgyqZT%2F3wlNretadewrxMkcXl%2B8F5iyOVjU1Y%2FxGcgXyYXsalYkmB9kWM7YvTQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac9eca768f-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/Sweet-Bonanza.webp?v=7.0	104.21.233.200	200 OK	5.2 kB
URL GET HTTP/2 media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/Sweet-Bonanza.webp?v=7.0 IP 104.21.233.200:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerLet's Encrypt Subjectfastchecker.us Fingerprint18:26:58:C1:4C:98:C8:87:2D:53:AB:7D:93:B2:F9:88:70:D4:1D:5D ValiditySat, 30 Mar 2024 16:42:06 GMT - Fri, 28 Jun 2024 16:42:05 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 188x125, Scaling: [none]x[none], YUV color, decoders should clamp Size 5.2 kB (5190 bytes) Hash 1d0fc0d6fc0871dec635ebf490e64516 140a937c7687cd50cc7248362d3418cb1c454259 9099779f5a8fbcd041012bdfb50b9b4f82230687642b85a64e390a4ea2f9f304 HTTP Headers `GET /idnsmedia/is/slots-v3/pragmatic-direct/Sweet-Bonanza.webp?v=7.0 HTTP/1.1 Host: media.fastchecker.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/webp content-length: 5190 last-modified: Tue, 31 May 2022 05:30:38 GMT etag: "6295a7fe-1446" x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000;includeSubDomains access-control-allow-origin: * x-frame-options: SAMEORIGIN cache-control: max-age=31536000 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ue31fC318jsh6EvOxtjYtsFGnQrXbE7BkZ8BozgZsW%2FPZACRcj85paK4yqehUdzmdMoIixOc27yevBZMZoa8oOZeYEULzBpH4EDIldlPlRRfcjzP3hugHNCK%2BbnCAUFSoeDPZpcyFQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac9ec4768f-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	media.fastchecker.us/idnsmedia/is/slots-v3/pgsoft/wildbantido.webp?v=7.0	104.21.233.200	200 OK	15 kB
URL GET HTTP/2 media.fastchecker.us/idnsmedia/is/slots-v3/pgsoft/wildbantido.webp?v=7.0 IP 104.21.233.200:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerLet's Encrypt Subjectfastchecker.us Fingerprint18:26:58:C1:4C:98:C8:87:2D:53:AB:7D:93:B2:F9:88:70:D4:1D:5D ValiditySat, 30 Mar 2024 16:42:06 GMT - Fri, 28 Jun 2024 16:42:05 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 376x250, Scaling: [none]x[none], YUV color, decoders should clamp Size 15 kB (14902 bytes) Hash 1b57ea0b35870d2d323ebeca556e8f52 3a0b228e895109f5635262dc2771abdaa6fa552f 2199bbe2aa6a145ad8798b9461f125861060730273f64c4222054d347a48f813 HTTP Headers `GET /idnsmedia/is/slots-v3/pgsoft/wildbantido.webp?v=7.0 HTTP/1.1 Host: media.fastchecker.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/webp content-length: 14902 last-modified: Fri, 21 May 2021 04:42:54 GMT etag: "60a73a4e-3a36" x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000;includeSubDomains access-control-allow-origin: * x-frame-options: SAMEORIGIN cache-control: max-age=31536000 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lxwz%2FGcqmAwZZYH724IbCSXZRkp%2BRD8jI50UVlA9MnoORwfbZGHlCcCsGwMiiL0gF8ebCnVx%2BigASPA3yP4fZxLacWr3g91nbCRtCAlnbhOERN%2FUoHTgtgwXtWzVBnK5EvVthe3%2FWQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac9ec9768f-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	media.fastchecker.us/idnsmedia/is/slots-v3/pgsoft/waysoftheqilin.webp?v=7.0	104.21.233.200	200 OK	15 kB
URL GET HTTP/2 media.fastchecker.us/idnsmedia/is/slots-v3/pgsoft/waysoftheqilin.webp?v=7.0 IP 104.21.233.200:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerLet's Encrypt Subjectfastchecker.us Fingerprint18:26:58:C1:4C:98:C8:87:2D:53:AB:7D:93:B2:F9:88:70:D4:1D:5D ValiditySat, 30 Mar 2024 16:42:06 GMT - Fri, 28 Jun 2024 16:42:05 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 376x250, Scaling: [none]x[none], YUV color, decoders should clamp Size 15 kB (14810 bytes) Hash 0fdd3532c61e3b983cb2792479c85548 6197cf1490396e1ef54fd4f90f6245348b5cdf15 3ebd347b8dfc1a1034e75c9122d4ca0a4b3f9fcd6cbc3b3d7bbc5d2a4a3dd3a7 HTTP Headers `GET /idnsmedia/is/slots-v3/pgsoft/waysoftheqilin.webp?v=7.0 HTTP/1.1 Host: media.fastchecker.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/webp content-length: 14810 last-modified: Tue, 15 Jun 2021 09:09:29 GMT etag: "60c86e49-39da" x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000;includeSubDomains access-control-allow-origin: * x-frame-options: SAMEORIGIN cache-control: max-age=31536000 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jl3fi4qRF00oI6SwSa8qj6o8ijyQ8DchZRAN2H3u1OSLMfn1PoRY%2FmSiFHzQTa5r%2FPC7wEakxfJsvE0hlTTHfTH%2BrnazmoJohnXKOxOS2iPXGQJnxMzxqpjb0D67ZhkTv4RxFrK1wg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac9ece768f-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/Sweet%20Bonanza%20Xmas.webp?v=7.0	104.21.233.200	200 OK	5.0 kB
URL GET HTTP/2 media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/Sweet%20Bonanza%20Xmas.webp?v=7.0 IP 104.21.233.200:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerLet's Encrypt Subjectfastchecker.us Fingerprint18:26:58:C1:4C:98:C8:87:2D:53:AB:7D:93:B2:F9:88:70:D4:1D:5D ValiditySat, 30 Mar 2024 16:42:06 GMT - Fri, 28 Jun 2024 16:42:05 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 188x125, Scaling: [none]x[none], YUV color, decoders should clamp Size 5.0 kB (5016 bytes) Hash 4f65c6c986c312ad0c689250f92747ce b3df3936ab1d939cebee2fa2ffed60b7a2676b73 a089f539d19106159c776ef51f8a7523c9cbce5ad025eeea3cefaeea73889583 HTTP Headers `GET /idnsmedia/is/slots-v3/pragmatic-direct/Sweet%20Bonanza%20Xmas.webp?v=7.0 HTTP/1.1 Host: media.fastchecker.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/webp content-length: 5016 last-modified: Tue, 31 May 2022 05:30:38 GMT etag: "6295a7fe-1398" x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000;includeSubDomains access-control-allow-origin: * x-frame-options: SAMEORIGIN cache-control: max-age=31536000 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zDhdW36Ox2O9Wdb8WMY6KwXzSEEhEQWFKFS%2FxgEL6HDUms9XFaxn%2F5hzTzqM4CQX2G2T44H1jYJIMIR0xHJupo52j8IrRqLdyvgm0MA10HMhqRq4ExMXb1%2Bg3dOLKnuJFi%2Bu%2BQNNYQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac9ec1768f-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	media.fastchecker.us/idnsmedia/is/slots-v3/pgsoft/Lucky%20Neko.webp?v=7.0	104.21.233.200	200 OK	14 kB
URL GET HTTP/2 media.fastchecker.us/idnsmedia/is/slots-v3/pgsoft/Lucky%20Neko.webp?v=7.0 IP 104.21.233.200:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerLet's Encrypt Subjectfastchecker.us Fingerprint18:26:58:C1:4C:98:C8:87:2D:53:AB:7D:93:B2:F9:88:70:D4:1D:5D ValiditySat, 30 Mar 2024 16:42:06 GMT - Fri, 28 Jun 2024 16:42:05 GMT File type RIFF (little-endian) data, Web/P image Size 14 kB (13702 bytes) Hash 77bcf904ce5eb80145b2f51f8436d960 5a932a2057504364bc93d7ef604976404144e332 13d98e65005694b00eff831516feea10096d38e8e20517f345e4a43c58e4d825 HTTP Headers `GET /idnsmedia/is/slots-v3/pgsoft/Lucky%20Neko.webp?v=7.0 HTTP/1.1 Host: media.fastchecker.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/webp content-length: 13702 last-modified: Mon, 07 Dec 2020 06:07:17 GMT etag: "5fcdc695-3586" x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000;includeSubDomains access-control-allow-origin: * x-frame-options: SAMEORIGIN cache-control: max-age=31536000 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iy5bLSiTanU0bvdzPiBaJMmoPQj5B%2Bc1JWY0faNcG6pFXWZzV75CPu0VVYj89BMmGQU%2FK8shNZ8U6kDFxlF71kUcsB6PWR8SGyIRQgwZZYhlNd%2BBhEUQOcrGCD60OzcSbXn2hBZYJQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac6e99768f-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/Journey-to-the-West.webp?v=7.0	104.21.233.200	200 OK	4.5 kB
URL GET HTTP/2 media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/Journey-to-the-West.webp?v=7.0 IP 104.21.233.200:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerLet's Encrypt Subjectfastchecker.us Fingerprint18:26:58:C1:4C:98:C8:87:2D:53:AB:7D:93:B2:F9:88:70:D4:1D:5D ValiditySat, 30 Mar 2024 16:42:06 GMT - Fri, 28 Jun 2024 16:42:05 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 188x125, Scaling: [none]x[none], YUV color, decoders should clamp Size 4.5 kB (4528 bytes) Hash 386990fe570abdb4144c24abbe944c84 a99755a55f3a4ca1bb76b27938ee3327de8575c7 8cc96556cc9800ec750b221a2ab6fc24d3c3d9d031607907c50ac860fb913df1 HTTP Headers `GET /idnsmedia/is/slots-v3/pragmatic-direct/Journey-to-the-West.webp?v=7.0 HTTP/1.1 Host: media.fastchecker.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/webp content-length: 4528 last-modified: Tue, 31 May 2022 05:30:38 GMT etag: "6295a7fe-11b0" x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000;includeSubDomains access-control-allow-origin: * x-frame-options: SAMEORIGIN cache-control: max-age=31536000 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lrr1tUzilWRaMCVGn8JXsSthnA5Yv%2BQi4yx3vN8b9px9%2FyFiOpg4Xyjvl0iJNfF9zlKi5g653UVm5iBVM6amGV27waPGJAoccE6hNLAerHebK884%2FtrHVsTTVtxzVTSmHa2PXaKbcQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac8eb9768f-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/Eye%20of%20Storm-min.webp?v=7.0	104.21.233.200	200 OK	18 kB
URL GET HTTP/2 media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/Eye%20of%20Storm-min.webp?v=7.0 IP 104.21.233.200:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerLet's Encrypt Subjectfastchecker.us Fingerprint18:26:58:C1:4C:98:C8:87:2D:53:AB:7D:93:B2:F9:88:70:D4:1D:5D ValiditySat, 30 Mar 2024 16:42:06 GMT - Fri, 28 Jun 2024 16:42:05 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 376x250, Scaling: [none]x[none], YUV color, decoders should clamp Size 18 kB (18056 bytes) Hash c6e01c3c55164db15e1a24426e5463a7 873c56b78c12986e2f4500dc79ea62cd6f4c0e2f ec4b980e5c789ca45bb4bc593d4ab7b776905ccd20c6ff3e0a2b47140321855b HTTP Headers `GET /idnsmedia/is/slots-v3/pragmatic-direct/Eye%20of%20Storm-min.webp?v=7.0 HTTP/1.1 Host: media.fastchecker.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/webp content-length: 18056 last-modified: Tue, 31 May 2022 05:30:38 GMT etag: "6295a7fe-4688" x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000;includeSubDomains access-control-allow-origin: * x-frame-options: SAMEORIGIN cache-control: max-age=31536000 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uDQ%2FGn6Lc3R36%2BD3NLFhTTo5h6pTAM18yHSfwkYxMsXh8ZgoXSMC835veD8EXxz6NWdx7JV2yp8PZ6zhkHhvczyZCNqp13f8XqIEh9vjtqAb2wGnTouvQvMHYbAnG5CggmgXt5NHxA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac9ed0768f-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/Cowboys%20Gold-min.webp?v=7.0	104.21.233.200	200 OK	12 kB
URL GET HTTP/2 media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/Cowboys%20Gold-min.webp?v=7.0 IP 104.21.233.200:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerLet's Encrypt Subjectfastchecker.us Fingerprint18:26:58:C1:4C:98:C8:87:2D:53:AB:7D:93:B2:F9:88:70:D4:1D:5D ValiditySat, 30 Mar 2024 16:42:06 GMT - Fri, 28 Jun 2024 16:42:05 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 376x250, Scaling: [none]x[none], YUV color, decoders should clamp Size 12 kB (12448 bytes) Hash 63918c89f2aaaf91366b2963a80c4f02 d2f8f0f17ca94607240418bfc019d6b39d816f76 163666ac481e8e6badb5f4433e22c63c8b2521e7fbbe6b7bf0db2decb1dbd8f6 HTTP Headers `GET /idnsmedia/is/slots-v3/pragmatic-direct/Cowboys%20Gold-min.webp?v=7.0 HTTP/1.1 Host: media.fastchecker.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/webp content-length: 12448 last-modified: Tue, 31 May 2022 05:30:38 GMT etag: "6295a7fe-30a0" x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000;includeSubDomains access-control-allow-origin: * x-frame-options: SAMEORIGIN cache-control: max-age=31536000 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WgNhVQ1rVTeJezPNz4utUW5Bg8Xefr0DK37%2B03COS6oj%2BfX9jZlCNyhqYDnOBnQYwST8iA19OhsiZs2ZY6eh2Ndggx5ttw34T2zLQymulBVBbi1VfBowRFEVd24bF8n%2B1Fkh7AqU0g%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac6e9b768f-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	media.fastchecker.us/idnsmedia/is/slots-v3/pgsoft/Mahjong%20Ways%202-min.webp?v=7.0	104.21.233.200	200 OK	15 kB
URL GET HTTP/2 media.fastchecker.us/idnsmedia/is/slots-v3/pgsoft/Mahjong%20Ways%202-min.webp?v=7.0 IP 104.21.233.200:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerLet's Encrypt Subjectfastchecker.us Fingerprint18:26:58:C1:4C:98:C8:87:2D:53:AB:7D:93:B2:F9:88:70:D4:1D:5D ValiditySat, 30 Mar 2024 16:42:06 GMT - Fri, 28 Jun 2024 16:42:05 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 376x250, Scaling: [none]x[none], YUV color, decoders should clamp Size 15 kB (15082 bytes) Hash f66a61a7572492511e76ab7493c7685b 75d5c2bb8b05e5e4a238361ce5747ebf928f9b4a d2ac70c549bcd0db7e43a205debe7204937f6cacb76ce959d5551858442282bb HTTP Headers `GET /idnsmedia/is/slots-v3/pgsoft/Mahjong%20Ways%202-min.webp?v=7.0 HTTP/1.1 Host: media.fastchecker.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/webp content-length: 15082 last-modified: Wed, 16 Sep 2020 04:55:56 GMT etag: "5f619adc-3aea" x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000;includeSubDomains access-control-allow-origin: * x-frame-options: SAMEORIGIN cache-control: max-age=31536000 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qt%2BuLW1Eo2Jx6G%2BUqy5q2sUBc%2BAPsTjjovZjHrVdbNvQUkEJn2wimfUbYCqv4UcMhYUxC35FVwmmgkOOVyw08KFLpiw7431zcIlYicQt2ts5HE%2B%2FreO2brtHpUc%2FmeQd6Ot2%2FnUM1A%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac9ec8768f-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	meubelkayumurah.pics/wp-content/uploads/2023/12/kijangwin-logo.png?V=1700641604	172.67.162.79	200 OK	111 kB
URL GET HTTP/2 meubelkayumurah.pics/wp-content/uploads/2023/12/kijangwin-logo.png?V=1700641604 IP 172.67.162.79:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerCloudflare, Inc. Subjectmeubelkayumurah.pics FingerprintD9:5E:4D:BC:B4:78:B8:2D:79:E6:61:22:66:A0:70:83:35:97:38:50 ValidityFri, 29 Dec 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT File type PNG image data, 430 x 150, 8-bit/color RGBA, non-interlaced Size 111 kB (111288 bytes) Hash 8c559c67a9a5c450b04fab250b07cccd 26835c4e2bd07ffbfecc7d5318543fb381d3e900 bfb3700dca349b2472833c0f27800b71ae2be1294b03cda4d13ce6bf6a3b23a0 HTTP Headers `GET /wp-content/uploads/2023/12/kijangwin-logo.png?V=1700641604 HTTP/1.1 Host: meubelkayumurah.pics User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/png content-length: 111288 last-modified: Mon, 04 Dec 2023 22:52:22 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZHG4UwD3Af0AD%2FW9zLpPMlwtIqU1jhqtzdJ%2FqbSrdYBS9BjGP0UZ%2FQ7BB0gm1T21tNxZ8wWtpeaPhO7rpLnrLT2GfhZLmd2Ofw%2Bsq%2Bm1Wd3vfGoYJCnprqTaHpPYadPizsYH0sdhkA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ade9d87129-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	i.ibb.co/d6TnxT1/kijangwin-favicon-64x64.png	162.19.58.161	200 OK	8.3 kB
URL GET HTTP/2 i.ibb.co/d6TnxT1/kijangwin-favicon-64x64.png IP 162.19.58.161:443 ASN #16276 OVH SAS Requested by https://rtp4-kijangwin.shop/ Certificate IssuerLet's Encrypt Subjectibb.co Fingerprint0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D ValidityMon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced Size 8.3 kB (8340 bytes) Hash 18e433ee6276ebd7b6fe25aa03aad19f 2ddd1a9d9e166c9f022fdbc7a0410f52b58aa341 8012b8105654e35b77d733809132c4ce27777109f6959bfbfb06278f513eb5de HTTP Headers `GET /d6TnxT1/kijangwin-favicon-64x64.png HTTP/1.1 Host: i.ibb.co User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Fri, 10 May 2024 16:53:53 GMT content-type: image/png content-length: 8340 last-modified: Thu, 23 Nov 2023 19:33:31 GMT expires: Thu, 31 Dec 2037 23:55:55 GMT cache-control: max-age=315360000, public access-control-allow-origin: * access-control-allow-methods: GET, OPTIONS accept-ranges: bytes X-Firefox-Spdy: h2`

	meubelkayumurah.pics/wp-content/uploads/2023/10/rtp-petir.jpg	172.67.162.79	200 OK	214 kB
URL GET HTTP/2 meubelkayumurah.pics/wp-content/uploads/2023/10/rtp-petir.jpg IP 172.67.162.79:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerCloudflare, Inc. Subjectmeubelkayumurah.pics FingerprintD9:5E:4D:BC:B4:78:B8:2D:79:E6:61:22:66:A0:70:83:35:97:38:50 ValidityFri, 29 Dec 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT File type JPEG image data, progressive, precision 8, 1280x409, components 3 Size 214 kB (214133 bytes) Hash 5b926908477db9810513cc2b96a4b802 aaf589aa14a1238aae8a7d621d334d732655aa2b c41cf5e762b607bfe4060c6bbb82eac8a94a12f36f28eee35462bb4f5b44c9a7 HTTP Headers `GET /wp-content/uploads/2023/10/rtp-petir.jpg HTTP/1.1 Host: meubelkayumurah.pics User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/jpeg content-length: 214133 last-modified: Thu, 05 Oct 2023 10:46:24 GMT cache-control: max-age=14400 cf-cache-status: MISS accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wB0ih%2FFydruiLVR%2FQFlaOcPosoTb599znJ1jV8AYJiO5ZSKhdy6DSdrfbTSkDQsssb2L8GZXlgBNW5%2F2wIInFYIDgH%2F1LhaagePhgG7%2Fm3ML8PbxUWn%2Bw3M%2FGiwwL5AphUYD%2FRnkyw%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ae4a567129-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/Queen%20of%20Godssss.webp?v=7.0	104.21.233.200	200 OK	14 kB
URL GET HTTP/2 media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/Queen%20of%20Godssss.webp?v=7.0 IP 104.21.233.200:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerLet's Encrypt Subjectfastchecker.us Fingerprint18:26:58:C1:4C:98:C8:87:2D:53:AB:7D:93:B2:F9:88:70:D4:1D:5D ValiditySat, 30 Mar 2024 16:42:06 GMT - Fri, 28 Jun 2024 16:42:05 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 376x250, Scaling: [none]x[none], YUV color, decoders should clamp Size 14 kB (13922 bytes) Hash a977e6aa881f265924fd4faf5bd3c551 fb1891c47e3f4969d206cb40a6774cd1565dd50c 75ee4d44e738e56a0327ab4ff0503a5e66ffed46130a0a6f9f8803a79e6eac43 HTTP Headers `GET /idnsmedia/is/slots-v3/pragmatic-direct/Queen%20of%20Godssss.webp?v=7.0 HTTP/1.1 Host: media.fastchecker.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:54 GMT content-type: image/webp content-length: 13922 last-modified: Mon, 01 Aug 2022 00:03:48 GMT etag: "62e71864-3662" x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000;includeSubDomains access-control-allow-origin: * x-frame-options: SAMEORIGIN cache-control: max-age=31536000 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FVHGYmGiR9oKogJH54UP1aPD%2FYtMMPS5hNKX1xnHAel5X6v8gK%2FLH%2FpTnmCqvDhlZ6e9zwpryfJegYeFPp0sdPjSt%2BAvzyUDymfsLBr0Dpjko0VyqqPx5KYpYdeP%2BO2ZVpHd1Adycg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac6e88768f-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/Aztec%20Gems%20Deluxe-minw.webp?v=7.0	104.21.233.200	200 OK	15 kB
URL GET HTTP/2 media.fastchecker.us/idnsmedia/is/slots-v3/pragmatic-direct/Aztec%20Gems%20Deluxe-minw.webp?v=7.0 IP 104.21.233.200:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerLet's Encrypt Subjectfastchecker.us Fingerprint18:26:58:C1:4C:98:C8:87:2D:53:AB:7D:93:B2:F9:88:70:D4:1D:5D ValiditySat, 30 Mar 2024 16:42:06 GMT - Fri, 28 Jun 2024 16:42:05 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 376x250, Scaling: [none]x[none], YUV color, decoders should clamp Size 15 kB (15216 bytes) Hash ad7dcc95fd62f4bc7eef5edb53539d85 76a7288240f2ebe97274caa8ce005b8a6cecac6e bdaf1119f9424fc76ad4276f2c66164a16229271203d016f6f9cb70814f3bf12 HTTP Headers `GET /idnsmedia/is/slots-v3/pragmatic-direct/Aztec%20Gems%20Deluxe-minw.webp?v=7.0 HTTP/1.1 Host: media.fastchecker.us User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:54 GMT content-type: image/webp content-length: 15216 last-modified: Tue, 31 May 2022 05:30:38 GMT etag: "6295a7fe-3b70" x-xss-protection: 1; mode=block strict-transport-security: max-age=31536000;includeSubDomains access-control-allow-origin: * x-frame-options: SAMEORIGIN cache-control: max-age=31536000 cf-cache-status: REVALIDATED accept-ranges: bytes report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=putZsjGksB2jV0tp7Ai9h0tdEv0FxBpeqVMjlwxGWTOezi%2FDCwrB62Hv1dk%2FfKtws6IQhXoEOFLxnX6v1jm0N5cXigXD4z9419tp3LoBK7iwR9skGR4NFWPogY0zky6ntT2f5tKiuA%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac6e8b768f-LHR alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	rtp4-kijangwin.shop/hot.svg	104.21.57.109	200 OK	3.9 kB
URL GET HTTP/3 rtp4-kijangwin.shop/hot.svg IP 104.21.57.109:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subjectrtp4-kijangwin.shop FingerprintBE:76:2F:0F:C4:EE:3F:F1:E9:25:2E:33:B2:BE:40:53:C5:DC:DE:F7 ValiditySat, 04 May 2024 11:36:58 GMT - Fri, 02 Aug 2024 11:36:57 GMT File type SVG Scalable Vector Graphics image Size 3.9 kB (3936 bytes) Hash 6c7df4032e860105df3e42ecc3ce6c8f 50f6650e16328c133f21162ed5e37df7d8f45162 d63c95590a70545d197564af918cbb87b12ffe37f2691b38d851ba2281b5d0ea HTTP Headers `GET /hot.svg HTTP/1.1 Host: rtp4-kijangwin.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 10 May 2024 16:53:53 GMT content-type: image/svg+xml last-modified: Thu, 23 Nov 2023 20:51:06 GMT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jMuGu%2FfCA7sNw4UWC5srbH3a84nPeVHXFX3LEmjPGADbEQ%2F0KBaMyafD7Nn1qtTvmB3yTdpK3vb2LNf7PvDa%2F7ilR8CdULlVCtyUCTGMPwGNdOhChUjwKYz7R56uYjxHuCNToYMz"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72ac7e6d56b5-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	rtp4-kijangwin.shop/giftbox.svg	104.21.57.109	200 OK	3.5 kB
URL GET HTTP/3 rtp4-kijangwin.shop/giftbox.svg IP 104.21.57.109:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subjectrtp4-kijangwin.shop FingerprintBE:76:2F:0F:C4:EE:3F:F1:E9:25:2E:33:B2:BE:40:53:C5:DC:DE:F7 ValiditySat, 04 May 2024 11:36:58 GMT - Fri, 02 Aug 2024 11:36:57 GMT File type SVG Scalable Vector Graphics image Size 3.5 kB (3474 bytes) Hash fe9b2bc0b778965d13a7ad399edc71f7 f9f73b92edec04483985315d9fae1d4fc5b60e95 1f7b38cd48ed6e51804c199a6fddd3519115ae1a250c8bd687f1741988f4a748 HTTP Headers `GET /giftbox.svg HTTP/1.1 Host: rtp4-kijangwin.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 10 May 2024 16:53:52 GMT content-type: image/svg+xml last-modified: Thu, 23 Nov 2023 20:51:06 GMT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JuFL1WCdjp4r0RxKiKOR%2BuYkQ4iaFCT6vRtoUVMz43hUBoS4hRuvkMGLbwf15SPzALuTvYSvYA3S0ZuYCHrrO5VhgY%2FlPbaGGUkDfnxoGrcZEAyb4Yfz6MLoHQwRmNzi2szu9g5S"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72aabbfb56b5-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	rtp4-kijangwin.shop/	104.21.57.109	200 OK	4.9 MB
URL User Request GET HTTP/2 rtp4-kijangwin.shop/ IP 104.21.57.109:443 ASN #13335 CLOUDFLARENET Certificate IssuerGoogle Trust Services LLC Subjectrtp4-kijangwin.shop FingerprintBE:76:2F:0F:C4:EE:3F:F1:E9:25:2E:33:B2:BE:40:53:C5:DC:DE:F7 ValiditySat, 04 May 2024 11:36:58 GMT - Fri, 02 Aug 2024 11:36:57 GMT File type Size 4.9 MB (4879283 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET / HTTP/1.1 Host: rtp4-kijangwin.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Fri, 10 May 2024 16:53:50 GMT content-type: text/html last-modified: Fri, 10 May 2024 04:02:32 GMT vary: Accept-Encoding cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AxLF64DrrGsj5RlwxdEt5MYIF57U1SkeY%2F8bAoi1MwlzKJeWj0arvzVNJQ9UDOYkj81II2Hzs2%2Bn3buujZnK5VKik9Lw3n4jRee5qY5kcxflsqY3EUPY6fQYEq24TI3scaArZuFh"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 881b729dcb7bb4fd-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	rtp4-kijangwin.shop/icon-pengumuman.svg	104.21.57.109	200 OK	580 B
URL GET HTTP/3 rtp4-kijangwin.shop/icon-pengumuman.svg IP 104.21.57.109:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subjectrtp4-kijangwin.shop FingerprintBE:76:2F:0F:C4:EE:3F:F1:E9:25:2E:33:B2:BE:40:53:C5:DC:DE:F7 ValiditySat, 04 May 2024 11:36:58 GMT - Fri, 02 Aug 2024 11:36:57 GMT File type SVG Scalable Vector Graphics image Size 580 B (580 bytes) Hash 6eb843fa8e73d77e2e847b5bc48e5859 8566caa924b88fd3886e98de16aa53a04036cf7b 181222a3ca1d19eaf0f6ae64417b32aa2df7b6e4101493245914a12c924045b1 HTTP Headers `GET /icon-pengumuman.svg HTTP/1.1 Host: rtp4-kijangwin.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 10 May 2024 16:53:52 GMT content-type: image/svg+xml last-modified: Thu, 23 Nov 2023 20:51:06 GMT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y5QS86mmou9rbsIjDTdkbB5mB7PuJ9gLeDzwbW6e%2F5pZhN66%2B70rYGrP%2BgiU4pa%2BIMzozU2OYx7zODBldgx5xAYPfv%2B73goPyuVIveFKlJu3litiViBqsuchwHFXUUfhp3TwivQU"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72aa8ba256b5-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	rtp4-kijangwin.shop/home.svg	104.21.57.109	200 OK	1.4 kB
URL GET HTTP/3 rtp4-kijangwin.shop/home.svg IP 104.21.57.109:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subjectrtp4-kijangwin.shop FingerprintBE:76:2F:0F:C4:EE:3F:F1:E9:25:2E:33:B2:BE:40:53:C5:DC:DE:F7 ValiditySat, 04 May 2024 11:36:58 GMT - Fri, 02 Aug 2024 11:36:57 GMT File type SVG Scalable Vector Graphics image Size 1.4 kB (1375 bytes) Hash a65b7e62d6a5eed5d087372f4d9f90aa a7cb2f232d020257fe1273ec452b27b7aeae801e c3ccf55a07be70cdfbbdf75cd6d18f14bd5e3ed1694c8dff1682141aff5fd711 HTTP Headers `GET /home.svg HTTP/1.1 Host: rtp4-kijangwin.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 10 May 2024 16:53:52 GMT content-type: image/svg+xml last-modified: Thu, 23 Nov 2023 20:51:06 GMT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A3%2F884thmv8CYAldXPNp8pCVa628QpqzbmW0roRfVDt0iObCFQjOzr0T9TBihCHpdseLGI4%2FiFkosNYwVyn7Sn9vP1bySpfibIyBrtZuJOUJgkQ%2BkPg%2F4gjIMRTLfhs8WtDup9jr"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72aabbfa56b5-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

	rtp4-kijangwin.shop/edit.svg	104.21.57.109	200 OK	2.0 kB
URL GET HTTP/3 rtp4-kijangwin.shop/edit.svg IP 104.21.57.109:443 ASN #13335 CLOUDFLARENET Requested by https://rtp4-kijangwin.shop/ Certificate IssuerGoogle Trust Services LLC Subjectrtp4-kijangwin.shop FingerprintBE:76:2F:0F:C4:EE:3F:F1:E9:25:2E:33:B2:BE:40:53:C5:DC:DE:F7 ValiditySat, 04 May 2024 11:36:58 GMT - Fri, 02 Aug 2024 11:36:57 GMT File type SVG Scalable Vector Graphics image Size 2.0 kB (1980 bytes) Hash 8d756fe3683f9c54cf858abcb9eb2ccd f9a2ac68b5bd1dfe855bab0b580cd6a6e8a4ffe7 1500696967803fcb76ad363949e8c0529a422c2f77584b4f408261726418429b HTTP Headers `GET /edit.svg HTTP/1.1 Host: rtp4-kijangwin.shop User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://rtp4-kijangwin.shop/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Fri, 10 May 2024 16:53:52 GMT content-type: image/svg+xml last-modified: Thu, 23 Nov 2023 20:51:06 GMT cache-control: max-age=14400 cf-cache-status: MISS report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4h8xzumQvTDa9%2BQ8KjZiWd%2FHR8X75tALbBhO%2BvZIRNpGImbUg5ddyydN14jdmiD7LC4rOUEUeVPW5DMz1Dgk5MEHbsSj0s0J3oKb%2BUAOYH5UFhqYzVnfK7rgID2Xgy0gJ%2FhOroE0"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 881b72aabbfd56b5-OSL content-encoding: br alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by