{"report_id":"d1f267e3-b7f0-4552-bac1-4976621c1fa9","version":6,"status":"done","tags":[],"date":"2026-03-20T03:04:17Z","url":{"schema":"http","addr":"ww1302.bocoranbom.site/","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"172.67.219.119","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"title":"BOM89: Live RTP dan Bocoran Pola Gacor Hari Ini","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ww1302.bocoranbom.site/","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"172.67.219.119","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-24T03:04:17Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"ww1302.bocoranbom.site","ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-05-02","domain_rank":0,"first_seen":"2026-03-20T03:04:19.044078Z","last_seen":"2026-03-20T03:04:19.044078Z","alert_count":88,"request_count":88,"received_data":2759854,"sent_data":105464,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]},{"name":"Lightbox","description":"Lightbox is small javascript library used to overlay images on top of the current page.","website":"https://lokeshdhakar.com/projects/lightbox2/","common_platform_enumeration":"cpe:2.3:a:lightbox_photo_gallery_project:lightbox_photo_gallery:*:*:*:*:*:*:*:*","icon":"Lightbox.png","categories":["JavaScript libraries"]}]},{"fqdn":"cdn.ampproject.org","ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2015-08-31","domain_rank":3289,"first_seen":"2015-10-09T04:27:01Z","last_seen":"2026-03-16T09:15:33.660878Z","alert_count":0,"request_count":11,"received_data":671820,"sent_data":4936,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-analytics-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"66a5185bf1f152093c4f95d91b9cb17c","sha1":"b990476ba15bbc4a56bbdb36440c6db0cf598019","sha256":"74dd63159ebc617b14f8276aa56298b52754e1630b69c222db8317fc2675e405","sha512":"d57d0bb562fd7b90e05f8d639542ed1b3e549f16a7c86abb5f847dd6d1c90f16c03207b88dc190bb74c1e50ea790f8a27ad4465e8a31c59c7eff9389651df5fd","ssdeep":"1536:t+l20JwK52+nKUaXlQKQdNc2n/vR8cr7teM+OV6:czJwK52ljQdNc4R5ep","tlshash":"84b3a39db292b07583d3b074952f500af33a7944340b812cf5aae9d6bd7998a6133f7c","size":112725,"data":"","first_seen":"2026-03-18T06:38:38.455745Z","last_seen":"2026-04-05T13:08:00.779265Z","times_seen":219,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-sidebar-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b694f7ac7a2d25f27e3a5170934f767f","sha1":"25695ed09263529c3669752ca1c3165bf0bd5522","sha256":"a8233411b529c7deb0122e2adfc259fd12bcd1ca27551d064cdd900668b122fa","sha512":"5521f93daf0bf6a1e4c6559089dabb7529336e45b2fc984e2e0ab60126d7b26c6bc43b97d838ac114730847bf3c02f5f35c30c06dd16a209cc8ea1be37eee272","ssdeep":"384:QnXCVRcBmElj6eU6nWnxXsHfdujPJqSQybcmE0X3b6IZPLyEu5M8JSY7:QXC0lj6J4yI0b6IxLyEcMDY7","tlshash":"efe2c79cf292b0714693a4b580af550ea23b6555240b882cb06decc66d7ce8fb137f78","size":31363,"data":"","first_seen":"2026-03-18T14:43:08.917752Z","last_seen":"2026-04-05T14:51:10.56773Z","times_seen":124,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-selector-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"43f73829cef780a51419c3678ec6fa14","sha1":"3e0788084285d4a63beaf35c91eb06d579711860","sha256":"5774ba1842280f76596c3298fa5f86322193069e359012c8b1ac8f2a16fb1894","sha512":"ca88a6203663da0d479ccf7ac1e7fd726e72b85de271c299e03dbf64e506e627cacef8cfbf1b2058ada8a3adc204729dc916be27637af1b08f3284d679a98f09","ssdeep":"192:4HfKZ9uCnS/pzCEp4wrJmDbi6QJmi6KSl6pZyaSr4gPCzken:E67SRzigEiOtKSMpZyDCzkm","tlshash":"272294b97256b13189db74ba841f1489f636b039604f8068f214e8d37c3cd9aa177f35","size":10222,"data":"","first_seen":"2026-03-19T23:02:41.233633Z","last_seen":"2026-04-05T09:19:37.187814Z","times_seen":34,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-carousel-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"10e43af6290b9d3de97cd9896aed3d20","sha1":"ea15a74cadd40b83e8d70eab83aadeeeb02a01a1","sha256":"82df4a9f31c71adbf7a703488666a05fa07d6f2f20c58287776ec246ecd62c80","sha512":"38fc0aca11ccf52ea958b9fdf9b9419c9b054b8c96c32c6b11dce73b0bdfa91451b119035a0d851626535493a668148ad1fc97edaf4d8df2e41f1c3fcd0f6514","ssdeep":"768:IuCdWBuHV4qVy2STUJIQ7bFq8JN8n0HZJnMb+0:I2unY30Dbv3o1","tlshash":"d703d8d8b241b07546a7b1b4406f510ee23eb919640a552cb0abdecafdbc95e2137f3c","size":38737,"data":"","first_seen":"2026-03-17T22:20:00.41071Z","last_seen":"2026-04-05T09:19:37.19409Z","times_seen":150,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c54252d732bff78217cfbeff950b3476","sha1":"960deb0b579fba259aa9865d3b1deadff0538bff","sha256":"852bb88969e8e21c5f7403b97cdb69b072a54f60214690cee9f1dad4db2d6740","sha512":"e75fc0cc5405ac64ddce8e210062fda91bf50d668d8cbef548f54b22b311082da8d3830d9092375ab69a6d8def15d9889f195f03269ecc9f570ba7afbf77f7e2","ssdeep":"6144:ixUXfTWCOu6qiieuIbno1uzRePNS+7HYo:yqftp/0RENS+74o","tlshash":"e754949db286b0724793b075803f150aa33ba859244a812cf56de9d67cbcd89b137f7c","size":284617,"data":"","first_seen":"2026-03-17T22:15:38.805176Z","last_seen":"2026-04-05T12:39:04.612705Z","times_seen":859,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012603032146000/v0/amp-loader-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"89838914470dd0e624818145d0da20b0","sha1":"08e50aecb72cf5a2ee881dcd9f851f9060d7fecd","sha256":"f50872bb1f4ad2d9d9d9413b7f6a6fe28a824d82cd90a4d3865c9c9441a3ba76","sha512":"6a475a043519513c83d0c40d8fece777861225d8da5a845852d59652a87a6cc5e3a091d96fc489563c9109d53810c25604fda9d2ff2ff45cdc4ee7a61d390f0e","ssdeep":"192:9fQHMOgzKBbnnRrVGRoP0YWrO2tH1a9HzMb5F4g5A4WR2vN:p0g2BbnnHYaBzMb5F4g5A4WR2vN","tlshash":"2442a464b54ba2ac530352b484fab906757ecd4fb8504035f0018edecf99e48bd7ba6e","size":12715,"data":"","first_seen":"2026-03-17T22:15:38.807202Z","last_seen":"2026-04-05T15:08:13.169554Z","times_seen":645,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012603032146000/v0/amp-auto-lightbox-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"dfd43df9e3425f6077d3bd69d5928cfd","sha1":"d5b1138d94904e2ab07092a86614976e1c2f543c","sha256":"94922d1f912dea5b7dd68a1a62d746f58d44a0c8305607aca116d6f08ba46708","sha512":"1f42867fd9dce4ae9a17c2a13be535196920068b4ca5b52b256baa92c48150b0f725a5f977ac59bafe6187e06e25aa2ff2787c37e23485bb943cd05fd126b6f5","ssdeep":"96:jKoAosPGpV3yMDc0jGAM+G0mj1hVXxSZ4tqSKN0OV0TjLRkiGj0ldmq43bDjHI:jKqswV3yv0jGAFCPX/tqKyWp4M0rDTI","tlshash":"d7f196dc7ac2b83a5757b4b780af414fa63ba94624ad9120d120f0d83cb995ed633e5c","size":7798,"data":"","first_seen":"2026-03-17T22:15:38.806244Z","last_seen":"2026-04-05T12:39:04.607217Z","times_seen":828,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-iframe-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6b5f9d7da6e9864379eff83e3bb806d4","sha1":"e5e73ac39ee678be49490b31ac34d91d2111be81","sha256":"b63b34913d82d5ceb3472e96cf0d7484b3e51e797064162ae57d3fd8ae2ecead","sha512":"063c150d4cf5d1989730e3e5417d5152ebbf6ce967058de4534a87b16e49938db0d3a12fc65dc7f25d21442bb88e41123a238d024d08cce38d742c4e69c82e66","ssdeep":"384:OUCE94KUrW/iK0FrkcUSUrkmH7szceWxZcg7vQOtb:TCE8rk6Ur9H7pxZcg7vQOtb","tlshash":"99c2c6ddb692b076079364b2a12f100bf33a7519645ad028f0aadcc57eb8d5a6137f3c","size":25732,"data":"","first_seen":"2026-03-18T06:38:38.468648Z","last_seen":"2026-04-05T12:38:53.066515Z","times_seen":68,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-lightbox-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"866019e32d667974068ee8ca1e6f51fc","sha1":"567d8a4ecda8c096d4ef18fdb59a70615f209dc6","sha256":"151fc4ecdbb674696a6f400b7054958640209ee719f2b0caa3117ad7d960a79c","sha512":"54af614595bf2095350a159c6a31ddfdb9262d600f5d32ecd12a6f1411aee1be62fb347597e0bffe70774aceabf0d88206bd1d773b988197876f0fb9341cd7f2","ssdeep":"384:oCXUpS23P0LAu/6jKdxXsHfdajJJj8JTAZl0oFpxRPKGOtH+8JoeWl4LyYO9Irde:oCXUVP5W1d0QzRtq+8JoPuLyYO6rdK15","tlshash":"48c2a4ddf282b47542a7e0b5502f670ba23b6054644a882cb42de9d66db8d4f3177f3c","size":26664,"data":"","first_seen":"2026-03-19T00:45:26.98443Z","last_seen":"2026-04-05T09:19:37.195615Z","times_seen":79,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-bind-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7d319af7e9244dcfaa8b58cb77072b8b","sha1":"fbd1e350e8ae85924cbca77765d7d4f3980a81ee","sha256":"d475cbf6a40fb7bcf666e64a568fe481665c02c090c96326f5e9f253a10c46e4","sha512":"efd2fb9dc68c124cd4dc45e955e4ff494d82a8e56eba77b79f489f01d0cb021cc9519a395fbf6461c90159edbc07b69814afc2e45c3d310d104aac329a62690c","ssdeep":"768:AOCpyLqXUK1yQe5ZVUGIaY1ScsJWdVFpyE25ZDwc:AYLqXUK1yQe/VUGIxJsJIpyYc","tlshash":"9233b499f292b07647936475813f600ae33f3959604fc524e06ae9c2bcb9d59a237f3c","size":51565,"data":"","first_seen":"2026-03-18T14:43:08.966808Z","last_seen":"2026-04-05T09:19:37.187289Z","times_seen":92,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/banners/lucky-spin-dapat-iphone.webp","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:04:00.954Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/banners/lucky-spin-dapat-iphone.webp HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjQ3NDJVTDFTSXdUaG1XT0Q5RnBMZHc9PSIsInZhbHVlIjoiNmNDK0JtNy9zT05Jb0o0c1psN00xLzhKeHNadnE2SVIrcVNZUmFTUXFyU1N3WGZOQllSaW5iVzE5WDA4dTltQVlZTEhGdm5kajNqeEJSbUJ0WDFJL0x5N0N3OWRJVUdwUkRhZ2JCR3N2L3NjbXJZU2pUV1Q2RGtwUmw4aG9ZTHciLCJtYWMiOiJhZmI3ZWJjZjdjODNjODUzZGZjN2I2ZGI0NzA2ZDMyN2Y5MGFkZTQwMTcyZjM5MjRjMjRmZjgyMzRlNDUwNGYxIiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6InMzSkxGalkzVHd1dGNoT3pUcll1U0E9PSIsInZhbHVlIjoiUTd6UmhibDBmTVNpVkZQTmJrRHU0SFNocndMN1NxTlpLWnk2QUlXR1I5bXlLSEpOL0ZjVnZsVng3VXR0UkorTFdqV1d5OHFOekFUYnorS0JiZzJ4d1U5ODZPNnR1WjYveTJUZXFoNjJoWnZYdUhaNUl3V3JNUlhiNDJ6aWVhNGIiLCJtYWMiOiI5YTgzYTQ2N2M5ZDRkOGEwY2FlZjJjZWIxYWMxNGY2NGJkNGMwOTEzNzZkOTM2NTg5Zjk1ZTNjZWFkYzJmNWIzIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:04:01 GMT\r\ncontent-type: image/webp\r\nlast-modified: Fri, 16 Feb 2024 04:06:29 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65cedf45-ac20\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5XZcyHknnTqHAtPgIeMUxIziwF2lIQlOzi%2BHNf8N6V0GbOGVOOusqYgh7pRBhjNsOsq9IWo2VV8uLW%2BicsaLFK3oPU0WhrjfHtzzzw%2FsUPAUMH4d6%2FU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17cadf8a32678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44064,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 720x320, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"88084fcfd9633fbe0d8dabe96eae0fb2","sha1":"03440fa65592ee2ce9c686276c3ad3221815e612","sha256":"6b11f4f2ad567905d711a00961981d2a39d420c5133be650d44210ebeea58e73","sha512":"74b7a32703af2cb077c379463567b889f55ff90a3a81e0d5f892abd58fd19ab38a0c27d08604343672864c118b7874cd41e2006480ce4e00ba67d4d180052fbe","ssdeep":"768:ovs8+Zbi69Tdb+JKMGhM2nYTD6Ut/YSaMJh8QbUzusI1cTJ2gZWH5PozGHEhP45I:6s8+Zf9pb2P2UNBYSaMdV1c8gZIPozGu","tlshash":"ae13023340be6a3108d9191e5b76a375eaae95e8a077f71114377b9be8340f19c027ce","first_seen":"2026-01-02T09:32:22.067138Z","last_seen":"2026-04-03T08:17:38.521641Z","times_seen":25,"resource_available":false,"data":null}},"time_used":640,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":219,"receive":421,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-cash-patrol.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:04:06.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-cash-patrol.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjQ3NDJVTDFTSXdUaG1XT0Q5RnBMZHc9PSIsInZhbHVlIjoiNmNDK0JtNy9zT05Jb0o0c1psN00xLzhKeHNadnE2SVIrcVNZUmFTUXFyU1N3WGZOQllSaW5iVzE5WDA4dTltQVlZTEhGdm5kajNqeEJSbUJ0WDFJL0x5N0N3OWRJVUdwUkRhZ2JCR3N2L3NjbXJZU2pUV1Q2RGtwUmw4aG9ZTHciLCJtYWMiOiJhZmI3ZWJjZjdjODNjODUzZGZjN2I2ZGI0NzA2ZDMyN2Y5MGFkZTQwMTcyZjM5MjRjMjRmZjgyMzRlNDUwNGYxIiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6InMzSkxGalkzVHd1dGNoT3pUcll1U0E9PSIsInZhbHVlIjoiUTd6UmhibDBmTVNpVkZQTmJrRHU0SFNocndMN1NxTlpLWnk2QUlXR1I5bXlLSEpOL0ZjVnZsVng3VXR0UkorTFdqV1d5OHFOekFUYnorS0JiZzJ4d1U5ODZPNnR1WjYveTJUZXFoNjJoWnZYdUhaNUl3V3JNUlhiNDJ6aWVhNGIiLCJtYWMiOiI5YTgzYTQ2N2M5ZDRkOGEwY2FlZjJjZWIxYWMxNGY2NGJkNGMwOTEzNzZkOTM2NTg5Zjk1ZTNjZWFkYzJmNWIzIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:04:07 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-48e6\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JeGwcOfwAOlkob5KKofaY7RSWZ8wo2RZcZcVfQAXLffiA0yxgnY8e6HOqZdgDDmgOa8Z12NpiXkwFZKsK1Vaqtqx2hRv6NcJKMbU8y7Y9pe1nHV0rO8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17cd39a132678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18662,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"3de6b2120485a42c34be2da0f954f6da","sha1":"5008096cae3e4285ef33277e8671af669dcb5f62","sha256":"62f056fde036f6860d3b00e7dd2b1a6f99d856420b0a84ad97f768f6df4102d3","sha512":"ef2a734899c351bf4f46a2854e57a755162a0b305b21423144c2a68cd8f9365346a58edf292e3636b377d8d5d059da79bc90eae398bef9d40e3bf1e9d6a9a8be","ssdeep":"384:Kf1MhOBsP8zJlHqnFRF1DVTQiB4LuJGse7X1QwY+40e:M1EOhDqfF1D1Qi6BseLb40e","tlshash":"3782c0f372223f8eccad163eb4610c62f7c3bd129080939a2185eae9b67a195dd25c45","first_seen":"2026-01-02T09:32:22.098008Z","last_seen":"2026-04-03T08:17:38.414461Z","times_seen":20,"resource_available":false,"data":null}},"time_used":413,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":196,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-20T03:03:51.700Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 20 Mar 2026 03:03:53 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\nset-cookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; expires=Fri, 20-Mar-2026 05:10:16 GMT; Max-Age=7200; path=/; samesite=lax\nrtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D; expires=Fri, 20-Mar-2026 05:10:16 GMT; Max-Age=7200; path=/; httponly; samesite=lax\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mZURGz3j2yrYtDQReSl9fNZst7O5J0xwUrMnWNV6H1jpNp930GEytxI7HP71pIboNSsRfX33vd7dHVgd4vJZQ%2FMN8VnStqtkXjUEi3q%2FWJ53kDkEMSs%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9df17c7478594c11-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]},{"name":"Lightbox","description":"Lightbox is small javascript library used to overlay images on top of the current page.","website":"https://lokeshdhakar.com/projects/lightbox2/","common_platform_enumeration":"cpe:2.3:a:lightbox_photo_gallery_project:lightbox_photo_gallery:*:*:*:*:*:*:*:*","icon":"Lightbox.png","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":895924,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (768), with CRLF line terminators","md5":"e076c119109de6b33602e62e79b321bb","sha1":"d18e31a47b544878afb730358c4b6739b6d27720","sha256":"4347bf18f79ba7ec5a2377789ffb4515985cb324d913db54046b379005b70ef5","sha512":"37c488b38fa854ca83db94e07e476d28383593b1d185db3a33377d8b070bad2c200d081a9bf90192d382f5371876b0dbf0be2cb5cb88da839fbd4a96b48aaf20","ssdeep":"6144:a21uz36mxWs8TEfMUTFMUWk9Ga3GLLnIFQBsw/1bhpvHTs5BJOVMXW6lwBZUqaQB:n","tlshash":"0915cb7285c6762702b3c48193a21f9afe869257c307d20877df6bd71fbac21c94761a","first_seen":"2026-03-20T03:04:21.967853Z","last_seen":"2026-03-20T03:04:21.967853Z","times_seen":1,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-bind-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:53.330Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:20:25 GMT","end":"Mon, 18 May 2026 18:20:24 GMT"},"fingerprint":{"sha1":"AF:44:5A:32:4C:6C:13:1C:29:FE:32:6E:3B:44:AC:BC:87:06:12:C4","sha256":"C8:51:6F:73:92:E6:5C:5D:A1:16:E0:88:5E:D4:8C:9D:7B:5D:FD:5B:DC:D7:96:E3:F7:70:F2:D4:10:49:25:15"}}},"request":{"raw":"GET /v0/amp-bind-0.1.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 16371\r\ndate: Fri, 20 Mar 2026 03:03:53 GMT\r\nexpires: Fri, 20 Mar 2026 03:03:53 GMT\r\ncache-control: private, max-age=604800, stale-while-revalidate=604800\r\netag: \"07392ab8300ea363\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":51565,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (51442)","md5":"7d319af7e9244dcfaa8b58cb77072b8b","sha1":"fbd1e350e8ae85924cbca77765d7d4f3980a81ee","sha256":"d475cbf6a40fb7bcf666e64a568fe481665c02c090c96326f5e9f253a10c46e4","sha512":"efd2fb9dc68c124cd4dc45e955e4ff494d82a8e56eba77b79f489f01d0cb021cc9519a395fbf6461c90159edbc07b69814afc2e45c3d310d104aac329a62690c","ssdeep":"768:AOCpyLqXUK1yQe5ZVUGIaY1ScsJWdVFpyE25ZDwc:AYLqXUK1yQe/VUGIxJsJIpyYc","tlshash":"9233b499f292b07647936475813f600ae33f3959604fc524e06ae9c2bcb9d59a237f3c","first_seen":"2026-03-18T14:43:08.966808Z","last_seen":"2026-04-05T09:19:37.187289Z","times_seen":92,"resource_available":true,"data":null}},"time_used":336,"timings":{"blocked":145,"dns":1,"connect":29,"send":0,"wait":39,"receive":1,"ssl":117},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-beowulf.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-beowulf.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-3c4f\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4qfbjr5YY2uy0y4LcTTCX3KS6MCgzzI1KCsEIQRaU1nSxMhI5h0ATx%2FmsnIy6NIqXiqkzJiC235u%2BSTVBFrl7tnocOkP4LX58I%2F4F3QsT0wiY%2FH45BY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86df1f2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15439,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"3b59f5e908d535dc415f480116be22bb","sha1":"21af0e5037d8a31aeedc20d331e33d61b8fd54f2","sha256":"bc3224acfcf4179d3a860b0c97266f4aa3cd62e992c6af72eae4360118dc0880","sha512":"dd5836f2456d2cfc7954d72eb16f3bffd416b2af786de6a53d4bdb4010351223feb893d87660fc2bf6731c2cdb7ef4e96b5c22586dfbcba27690987bd5843983","ssdeep":"384:4UAES9tZzuUypcJXGtIutdFZbmbdyvA0m+:4U7GDqBpcJXadCyvY+","tlshash":"3e62c06123156e24d9532b7b4880391fea2dbe1b0a73f1798ebd47cea7945d1c03d6c2","first_seen":"2026-01-02T09:32:22.099714Z","last_seen":"2026-04-03T08:17:38.468597Z","times_seen":22,"resource_available":false,"data":null}},"time_used":857,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":856,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-caishen-cash.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:04:06.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-caishen-cash.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjQ3NDJVTDFTSXdUaG1XT0Q5RnBMZHc9PSIsInZhbHVlIjoiNmNDK0JtNy9zT05Jb0o0c1psN00xLzhKeHNadnE2SVIrcVNZUmFTUXFyU1N3WGZOQllSaW5iVzE5WDA4dTltQVlZTEhGdm5kajNqeEJSbUJ0WDFJL0x5N0N3OWRJVUdwUkRhZ2JCR3N2L3NjbXJZU2pUV1Q2RGtwUmw4aG9ZTHciLCJtYWMiOiJhZmI3ZWJjZjdjODNjODUzZGZjN2I2ZGI0NzA2ZDMyN2Y5MGFkZTQwMTcyZjM5MjRjMjRmZjgyMzRlNDUwNGYxIiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6InMzSkxGalkzVHd1dGNoT3pUcll1U0E9PSIsInZhbHVlIjoiUTd6UmhibDBmTVNpVkZQTmJrRHU0SFNocndMN1NxTlpLWnk2QUlXR1I5bXlLSEpOL0ZjVnZsVng3VXR0UkorTFdqV1d5OHFOekFUYnorS0JiZzJ4d1U5ODZPNnR1WjYveTJUZXFoNjJoWnZYdUhaNUl3V3JNUlhiNDJ6aWVhNGIiLCJtYWMiOiI5YTgzYTQ2N2M5ZDRkOGEwY2FlZjJjZWIxYWMxNGY2NGJkNGMwOTEzNzZkOTM2NTg5Zjk1ZTNjZWFkYzJmNWIzIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:04:07 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-4f47\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jIMK6Kem519iBwXulDDbvDDnOSUSj5jHLI5KCTHWrB4UojoxDn8XomKXYkDd3RKraBNQaizBBl7yinJq2tFxRjryYIWHUot0HlhuROwJ5FBXWzfrqSE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17cd38a102678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20295,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"f0a0a24b2ae495628a2d0c91d1065c78","sha1":"9c3b5bd035bfef05feb4ea1140c2a4bf3496b8aa","sha256":"c56d22e6cb5f8fd7b90b61f88323a6950e20d4c9317d523ccd3d16ae1fdfca47","sha512":"334badc16d8c936f3f1dae8e58bcab630b4164997ae7132ec1d97f66c86413e96a485c41c2b0bb9a1dcd354fc5491e3eaf5e73ce8a5ba653a5a2cff3c806b997","ssdeep":"384:fERBTQ22Odc+Q3pl5iMYC/FR5LWBNFAnN2v2BozFGtn3l:kn05PiMYC/1yNEA+Bo0R3l","tlshash":"fd92d0d893604fddc99331fe4859220eb616ea6658f41257fe0c35f1e6e44e0b0ba982","first_seen":"2026-01-02T09:32:22.057877Z","last_seen":"2026-04-03T08:17:38.53483Z","times_seen":20,"resource_available":false,"data":null}},"time_used":854,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":854,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-777-ultra-hold-and-spin.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-777-ultra-hold-and-spin.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-5b4e\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2Bh%2BqX%2FFQ7%2BrGyGzfpeiCVvF7s%2BqKSJzmHJEyei9eGMHDVsWGCe6BhcsudlvjxVsQhrzlExt8ThZ3xHt1NJJZEf2k7Dqeu4n4b3hZ9F0benbYpUNEO8M%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86cf152678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23374,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"ab8a79691e0926256dbe4431f90d8e6e","sha1":"39537affd408564aa9f031b8801078599fa1acf5","sha256":"11f710f94c06a6a4751b777b56b7170ea90d2f5bcc786d8ec54aa254e4b82b82","sha512":"cf1455ebaf876dc39e3a125fc32d9f3d178194372a7032be4603daa0b1a777d833cc298fa5dab82bf1db33b1f9b7276165de85c8d25928ec89cb030da075aa77","ssdeep":"384:gz+XmiAYOLN1rJwWyLTmvwda19pTQeBk/pKIxqgY2C+ECDVz84ct:gsmjYOLN1el0wyvTQ4iQ2ECDZ8rt","tlshash":"65a2e1ed4b24656ae6896e7da9deb7b63100dfcd0ba3e31073121cc5534153744a07ce","first_seen":"2026-01-02T09:32:22.004937Z","last_seen":"2026-04-03T08:17:38.482391Z","times_seen":22,"resource_available":false,"data":null}},"time_used":803,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":803,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-iframe-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:53.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:20:25 GMT","end":"Mon, 18 May 2026 18:20:24 GMT"},"fingerprint":{"sha1":"AF:44:5A:32:4C:6C:13:1C:29:FE:32:6E:3B:44:AC:BC:87:06:12:C4","sha256":"C8:51:6F:73:92:E6:5C:5D:A1:16:E0:88:5E:D4:8C:9D:7B:5D:FD:5B:DC:D7:96:E3:F7:70:F2:D4:10:49:25:15"}}},"request":{"raw":"GET /v0/amp-iframe-0.1.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 8930\r\ndate: Fri, 20 Mar 2026 03:03:53 GMT\r\nexpires: Fri, 20 Mar 2026 03:03:53 GMT\r\ncache-control: private, max-age=604800, stale-while-revalidate=604800\r\netag: \"2dd50ac3710ddd59\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25732,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (25617)","md5":"6b5f9d7da6e9864379eff83e3bb806d4","sha1":"e5e73ac39ee678be49490b31ac34d91d2111be81","sha256":"b63b34913d82d5ceb3472e96cf0d7484b3e51e797064162ae57d3fd8ae2ecead","sha512":"063c150d4cf5d1989730e3e5417d5152ebbf6ce967058de4534a87b16e49938db0d3a12fc65dc7f25d21442bb88e41123a238d024d08cce38d742c4e69c82e66","ssdeep":"384:OUCE94KUrW/iK0FrkcUSUrkmH7szceWxZcg7vQOtb:TCE8rk6Ur9H7pxZcg7vQOtb","tlshash":"99c2c6ddb692b076079364b2a12f100bf33a7519645ad028f0aadcc57eb8d5a6137f3c","first_seen":"2026-03-18T06:38:38.468648Z","last_seen":"2026-04-05T12:38:53.066515Z","times_seen":68,"resource_available":true,"data":null}},"time_used":295,"timings":{"blocked":121,"dns":3,"connect":30,"send":0,"wait":41,"receive":3,"ssl":92},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-christmas-carol-megaways.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-christmas-carol-megaways.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-3608\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i7nQucIvizwxzA4yeQ26SVZQ8vKh2hj4%2BKuPwU3PG1PZszASykq%2BXlTkNqjR0WEWh1L7%2Bb%2F3Zxi7y3stausvacACpgknnqBbyY5TXy%2Fik4ZzWOC5tO0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c869f002678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13832,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"db2d0a01a6aa5ce4cd3eaedb6a377eb9","sha1":"04522dcbb4b276cdc3eef78b567ad67a154c3495","sha256":"19d7b7cb8f440c6690f722696a4f207fd36de0cfaf4862089fb8099cdbd01cd6","sha512":"8f135d4dba25d557425f3854cda697e94106384a03d49908b704096b0df9543e2afadbfaadeca97cc4919431e3d990ca61b4aa61f613f62fb12aa541354c2837","ssdeep":"192:WZZgm1uOADjM0W8Yx7ZRaylaGolS1swT8L9kqpdL9JWMdYt4/ZsrhwspwIDmNY04:WcIYQFNIylyl+swQL9bFfTbW9OI6HJc","tlshash":"4052b065751a3446735e5d78313b0ab3c7c0f280b44119727a9b4f155de0cfbd349ab9","first_seen":"2023-06-15T15:03:24Z","last_seen":"2026-04-03T08:17:38.457651Z","times_seen":67,"resource_available":false,"data":null}},"time_used":936,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":936,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-the-hand-of-midas.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.717Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-the-hand-of-midas.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-3ba7\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KTv2hnzOmiqtNdaRhU5t8q8kd6rt00ow7eE4Qx2FcVHqC4YHndxWhltTHaJdns1DovYGR5lyeuZumvFfn4L9dzS3YOpoAigL%2Bt3ttFrJrbqacNIlJGE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86af052678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15271,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"02d2ac15a1766f57ff2767dadc3f32bb","sha1":"df1e873adb2627dfcae9364bd4a3d78765463d68","sha256":"1c906efbe7b54179412b74249b7ca1b9e9bf12515f9badd5036fdab60cf80856","sha512":"91578fe9ffb0daee025acd0f305d83fd0dfb4a20618c9c20929470838900dd6bbca7a4726555329a8e98daf0858f337e2bc238d682429f9e9f1e1098ba335d47","ssdeep":"384:WYdZjaJfZjZqUn3G5nZWm9fzCkujBA6e1snnI:WkZOPjZZn3CnZXfaju6kSI","tlshash":"c062c04875a0bc06fb8566a5383da4464f373d0f14a4ea70d38b6492a121ffc66dfed8","first_seen":"2023-06-15T15:03:25Z","last_seen":"2026-04-03T08:17:38.502281Z","times_seen":77,"resource_available":false,"data":null}},"time_used":840,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":840,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-3-genie-wishes.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-3-genie-wishes.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-4130\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=JfCb8euHLz3xNkpW8HJsq20od69n7NgTL%2FvYQZv59BV81c%2FDC4yOt2VqyGflz%2BfMgQQQt9fB2isoKVNZN5qxl%2B2kcK%2BCfoN5kdd5ogTa1zpGzQ3Hr5E%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86bf082678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16688,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"1e55908db207f1ef059c8399f910f7c7","sha1":"6c1f05bf911d6fe9f8e372c293f75181df93b8d1","sha256":"60ba9f79b774c09ba3b5120994650de25b8f0c1e05ffd12a12e11f3dc6b33460","sha512":"85a9c56ffb28d61513ce61094e0fb4fd6502e8fcee292f794a7f20393850533ddd4f508f046fdfe68ac9aa2b98053df0de7415573db09a2d36db01b50cad5607","ssdeep":"384:frKq/Y+b1YeFprvNsfn1kGvqs2Pgh9oSke9qkuqmWvA7S:TKq/d1TuzSfA9pkMqktY7S","tlshash":"0c72d0238e90f9a3d15819f0f8766a96bf74eb1133a94a0055920fc91cb3c572dc8c9e","first_seen":"2026-01-02T09:32:22.074886Z","last_seen":"2026-04-03T08:17:38.536266Z","times_seen":22,"resource_available":false,"data":null}},"time_used":580,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":580,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-3-kingdoms.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-3-kingdoms.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-4af8\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=V%2BVca5ldbRLQ%2Fg4CGClRyq2uD7ppB2hYkOFvqGDVBZoHTeiWOFjtANXvz9eGs0pPtJWQoIfE1X2PixZcHJOpyyv3llKgfSr3ModIWWt5aHQU%2BAmnjVU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86bf092678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19192,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"86d5d7543b6370fc10dca46692f2172c","sha1":"faf53d1094b46c34812b93869a5c8df9dff74153","sha256":"a27270dcae8fb8b804356b3e77162b1e9bd93877dc649b0fb6c1144707ba35f6","sha512":"0298134ebe9d5d4e536d6130549d0ffb04dc0832213f9e876313a091499b6fd328b1f84e703399f13ed9a0271e102656106f082af0507eef5ebcdee7500a82fd","ssdeep":"384:NQTDue9W/5WcokVAcRRwTb6lx3q4J+iMaoEHgGIlotVadsmjpiXjrjdnf:OfuwEJdbRjq4wxYVqsmjpiXnjt","tlshash":"4f82d00153c4f756e0721a7572f5a3f2ef69eb2e70b68f04f1828bae7d2ad010208d65","first_seen":"2026-01-02T09:32:22.076167Z","last_seen":"2026-04-03T08:17:38.416319Z","times_seen":22,"resource_available":false,"data":null}},"time_used":920,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":920,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-7-monkeys.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.725Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-7-monkeys.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:54 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-3e3e\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ga6TrlKGTm0JaAUDtZuFNNw6i9pVVzVZhZSxxOnlkm8UAStt6cHXYIGkQpU1zp9cfoU%2Fuh030lWPS3ZlvpV3ZPLjkqGKyyPB5PU7Nm0JCu3nmUkOLuA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86bf0d2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15934,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"056ae6a634fa1ef391b1c0ef5d545133","sha1":"700ded37acd2b037405ff2740aeca7d5f4297164","sha256":"8f5773542b419f390c78689ba810e6c4ba4b2bccb0e77bedb71300a86b1e2a7e","sha512":"1c4198e37bfab4b093ae45956c943e38b8dba2cff5a1e6838ab0fb4f4219a3b165a85396b2c12dce9d2e62ddd5600f8704265ad01cd067c285528a6e96fd8cdd","ssdeep":"384:bUeOSC5oxQqTK2gvKwsFkqZ7W3cMkWGVmOwpXl:bvtbxQqslkBekxkV","tlshash":"1962c02dd780feddd740ea795454ce848534ba1a7db290be891ab2d0634a4b70a0cead","first_seen":"2026-01-02T09:32:22.012284Z","last_seen":"2026-04-03T08:17:38.530733Z","times_seen":22,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-7-piggies.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-7-piggies.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-51a9\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rYk3YFREx5yjtqL%2Fo3DkasPTNVZIW8iiGvVAF0%2B30Z7B4tPeP2GQRodijmaArbS6HIyQ4srihZkISSXZrncY1o%2FPTeksmURSLQAcAl%2FfjrHP8F1cLO8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86bf0e2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20905,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"c5c781a3bd149c501a71aae8a29b3316","sha1":"6af2a790e46a823f088c2d3d58a440421abf35f6","sha256":"b5a1c4761b2d0ec5b6ee4d81cadbd24c0602bdc36363fd3688b052fbb1019baf","sha512":"8088f7c3b73db8caa5b84f17435154a0fa2553d36e4968486dd96e0c30769e2570eba61ac17f864b1c57ae50a263f8a7c1f528ff64ecca10830b9aee816217c0","ssdeep":"384:f5Yrb0/m+4g07Fsw2iqwbRFzMEKqyL+rDoCUEbcAlmeXgNf:fObt37FsJiqwrAZ7L+rDoCUnAlPgNf","tlshash":"1192d1d2e2d9a7faf5eb1df1cb462c2c264474b06c5b1495e0c677f69e4d3800c24b9a","first_seen":"2026-01-02T09:32:22.077381Z","last_seen":"2026-04-03T08:17:38.411508Z","times_seen":22,"resource_available":false,"data":null}},"time_used":789,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":786,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-voodoo-magic.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-voodoo-magic.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-34aa\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zhmRyJxYHfBwWzB1IrN5lr%2FXAgkUXyOrzQveOhYoQdW6uTcjPNnUfAVpfk0%2BJJQLRoUUPYfzrP6P8wAyHFFWO%2B40BOCFG6B1AIsKCGk%2Fg4FhVkKOFX0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c867ef02678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13482,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"7514c651e76b944ea1b6a83d2e051f85","sha1":"f3fd00ec24ed5fa24b039109fa307a6660e209de","sha256":"600301a4e3c5bf1d64f09ed7653fca72cb34653f6436371f28a3d652a4bbe405","sha512":"247beef2f62fd41a4409599c1416b80f1182388ba525f5ceaf165ab59627daa1b92879a7baed45bf1976692896cb9f86ef90da7b39902f93ff06089462cff0d9","ssdeep":"384:Wnb+MWoeISV+rXFK0aUGg83JvDggMievLlVQzmb1RL:WyUSV+rVxru9RMtvJVQCzL","tlshash":"b052bf0ce6c3d4c6db6490e020f1177b9a065a41d4a2b9fda6ef9c06007ee71f01f5e5","first_seen":"2023-06-15T15:03:24Z","last_seen":"2026-04-03T08:17:38.463458Z","times_seen":64,"resource_available":false,"data":null}},"time_used":798,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":798,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-return-of-the-dead.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-return-of-the-dead.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:54 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-3b63\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rgnUi7TBoFTRsNPUim1YTzCmPXpWIiOgRvWRsOBsH0hfwtc8wULss9jr7PmK7ehXu4GwaXxfJ7kFLvrPx8X73qvnmxdurXRqFsinKUpalsDu46L9gGQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c867ef12678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15203,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"24dd0032552868aba394e6f6c4d4c9c1","sha1":"47f04fc6fe59a4e0e7647ba9a0dd66315e74f71a","sha256":"36f0c3e15a3693338be2e194593211f5d26907b376ed20190dfa4c34921b7078","sha512":"eec29e5c931c93634e2fe2054ad570a64f86c5f84549378fdf9465ef3c74b25a2994ea9e72da3464cda406da8465a96988aeb9ffe149b740200c1bd942f244e2","ssdeep":"384:Wvde+wqCTdZH+38AjxUyMXAZPEBwa3vnNMCnaP:Wo+WHU8AjCfIMwMMb","tlshash":"b562d00f861b42c85f41215024e728371402128fa4fa95fbc5cfce99f630ef5eba60e2","first_seen":"2023-06-15T15:03:25Z","last_seen":"2026-04-03T08:17:38.523707Z","times_seen":57,"resource_available":false,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-christmas-big-bass-bonanza.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-christmas-big-bass-bonanza.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:54 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-3f01\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=T2b86fsbzNrWM%2F7nk67vec9tZQ%2BT2giJDa4TvzxjQHLloT81eRInpaAuVWnmSOs0sbXfEUQBjl%2BbdWUX4luKK%2BMLP%2BP5dsyRberRqeIbAlNPd1aRaPU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c868ef32678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16129,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"3021ef92dd4cf3c5e72c06e4cf9373b1","sha1":"c076a3e3cad0c50e3c975798f1080d33118f6bd8","sha256":"4611aefee3e49916fd3e808ad0a5491390c086019f37069511c5f0bf786329bc","sha512":"8084d306931048ed14a2966c147aa985181e6378af675c0a7d67c7cb526b22a17c6553b8b3276dcc1b19bac806995cdd3a47f4c0e10b6e41934166ca7bb071ca","ssdeep":"384:WspAn4K36bIQ52usejy0jfFZB+VkJp5RieH6E+kL9qUN8:WspAn4K3U5NsAzFj+VkJweaFkBxN8","tlshash":"1272d00dd9c3c2c4d7bc9df412be9443e56aca816b52c1f05bee9c01e9b5c7e4a016d1","first_seen":"2023-06-15T15:03:25Z","last_seen":"2026-04-03T08:17:38.52427Z","times_seen":51,"resource_available":false,"data":null}},"time_used":236,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":236,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-great-rhino-megaways.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.701Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-great-rhino-megaways.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-39fd\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5UdnCDeLXh9BJsBh2nRAAj4R9y0VtbXRnLqX1kNvsbdYfNjc7TGoRQnzsxsCnIlPbgVv1FZPEKUrrOh%2BSY7nJjYFJmzxEBJbjt%2FGVhJgSNB7LO7Ucmw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c869efd2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14845,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"a1e2598321e27502ae162fab5e1d2ca3","sha1":"c4564bcca841c33ba9f8b18d59d7c85c529052da","sha256":"f48d74daa1f5e5308b44493b9d33f88a6603897f45d47ec33c6bec02ce1133ec","sha512":"20c61f542485eed8d2d99d9a0e058501c137f1d4e3f9d759bbb4cae94f7100f2ad62b11ca81f3d41e11e3f8e2e7a433dac97699bbaad38e411af3757e06bf407","ssdeep":"192:WYYnlZ6LHpII+H16o4uCQOF+vQUHxsDMahbHAiUtKu5PShxm0gTddCp9TolQvJye:WYOspH+z4hF+RQMaNmqhxCTdd6NB6qRZ","tlshash":"3562c0cea61335cc96e59cb172e1235ca9019dc8ede3b1f5388ad44228fcdf406269f9","first_seen":"2023-05-11T11:12:19Z","last_seen":"2026-04-03T08:17:38.485514Z","times_seen":80,"resource_available":false,"data":null}},"time_used":776,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":776,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-lucky-lightning.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-lucky-lightning.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-39c2\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WYJDty17jNmyJlRcxoC%2FWbXUWvrEzGfTfu8t59Lgt1vQX8yhLtJcsxNi5B5bRbUYnTGXF0GjxhCDKUnJaZnMHGMfAG%2BT5qzw1g9PrBnSDuwq950olbA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86af012678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14786,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"6054b273896c37ba4e5554f681a8aae8","sha1":"e7111c0109d19cc266f0f1e9857653a4040fd4d9","sha256":"f75fe03dbd32652cdff17cca3cca5984ca2c9593ebd2aa6a5c486775398e64c5","sha512":"2a4f23b325c62c40e38ec397fe314b0550e49e35c0139ccd54e6557201f3edcd55ea6f325605ce54751459fee8b7ec968c2b96397897f79e06fe3cfbc6a82481","ssdeep":"384:WBCTdfqKWA0P26K68KX05HP9ahaK3dxUIIuXcAKO6IWbyX:WBCTJWA0XKzKkpP9nmdQuXRKOOC","tlshash":"8562c097291688417be188f2a4da712ec7c287df430090b72266d4e90ff6cb35617490","first_seen":"2023-06-15T15:03:25Z","last_seen":"2026-04-03T08:17:38.495222Z","times_seen":57,"resource_available":false,"data":null}},"time_used":590,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":423,"receive":167,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-the-tweety-house.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.713Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-the-tweety-house.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-3842\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xGo%2FXgcDfDZgGMDudkIcNgcP2kRaQVtMWYF4CHiYmTHgmu7vbKD9memO62yf%2FTs6JSyvZJPMJvsJyqdB78mNBXr5guAGxDx8pvUW4cqXayeFOmNBP%2Fs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86af022678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14402,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"09e99dd05902b9536a89b963ce2b0422","sha1":"10fa7873680c1522db5fd59a8603c37197660ffd","sha256":"42496ae54159c1bb465b344cccc9253fc74fb0dee93c081d11a9f638bd2988b6","sha512":"54c8076d5e75452ae37062b6cbe814392b28509229e33378eceb5975e607351e31f779f1ee3486c9ab66aa3ae4d8e678f5b6bb27944dbf4387e164d8aaf035e6","ssdeep":"384:WkalH1YqtbMS5Ly/P86fuRYFOIKQIPq6DcO8:WkI1FtZc/P86SslIPg","tlshash":"f752c08fe8dcb94487573ab47dd6689cd44056706de8b03d608a5e0c9e4cdf434b8b8b","first_seen":"2023-06-15T15:03:25Z","last_seen":"2026-04-03T08:17:38.466072Z","times_seen":63,"resource_available":false,"data":null}},"time_used":817,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":817,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-gems-bonanza.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.719Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-gems-bonanza.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-31fe\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oCVUEt%2BQ9T5OedbteNmo7JxtXKrXWheu1cTg8FT%2BppxW8pnXm5Hi3wY7y1IU0AfaqQTupxZQsoCGOmm2KSP36EI2JRUXr3rutkbEt1CycjrQwZFaGDk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86af072678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12798,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"b48b9e93ae39223e7c7be4f2f23864dc","sha1":"a4ac9ed8177e02a94f19e7608d8e6e812387a152","sha256":"853dc04edaffde449e0232c565522b0cc51e8e61fbf3aeb18ab59700d6e0946d","sha512":"10f904249a7714e8d425978f1d7b36426f2c935f4f22f5ff59b8aabe21c967088154043b70fa9de053570a7cca20b59ce62dd98f95901a4422bc9d48d37a420b","ssdeep":"384:Wv07bsuiEBSPFsPh5z9SKvKNhMValNVYkaWYI00RXm:WvIbV7SPW55o2KjMVem9Wr00RXm","tlshash":"8042af17a21a0d84db55e8a365ea773ed0e24c94111df928664bc84b92d0cbe7a0f6e2","first_seen":"2023-06-15T15:03:24Z","last_seen":"2026-04-03T08:17:38.429033Z","times_seen":85,"resource_available":false,"data":null}},"time_used":895,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":895,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-5-lions.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.721Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-5-lions.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-5614\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=oi6grhXQrD%2BoOYMIyTpPgJnqDktSQFMzx8MjeMyuxGy%2Bpxlr0a6TdzZOF%2FQM304GcKfASrLgkHN2ZL4Upi8BwKvu%2B0hminNx%2BePwRSi7zcIhIihKoNg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86bf0a2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22036,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"e66a6e50131303732afdaf19ce8b3a0a","sha1":"6c5be2994300e15768471508b318153ac9a526a0","sha256":"5d5d59b6ebfd029ec44b7a655c468d91e222d31b89fdec52bb554858d39d2795","sha512":"6c9e7e970992220a01127f894181a0330e5318b29860481ac500a1a03164fc430b9c6f03d71d22ab5eeba316a42cc88c7bdddabbe8c7090d35af7f36eb2a47ae","ssdeep":"384:V9ayUHncNqEwmtJgPaHdop7+KhAXJEUQBafDz9bbgGpTpRU17MAFv/VKNm935gY5:7ayITY2hxuE9kDlgGpNeHR/VKNCJIg","tlshash":"88a2e020179bbe53f429d1ff444cfe97194b2d30c2ed06b1aeaaa4890e19e095d25e4f","first_seen":"2026-01-02T09:32:22.011156Z","last_seen":"2026-04-03T08:17:38.452255Z","times_seen":22,"resource_available":false,"data":null}},"time_used":834,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":834,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-carousel-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:53.333Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:20:25 GMT","end":"Mon, 18 May 2026 18:20:24 GMT"},"fingerprint":{"sha1":"AF:44:5A:32:4C:6C:13:1C:29:FE:32:6E:3B:44:AC:BC:87:06:12:C4","sha256":"C8:51:6F:73:92:E6:5C:5D:A1:16:E0:88:5E:D4:8C:9D:7B:5D:FD:5B:DC:D7:96:E3:F7:70:F2:D4:10:49:25:15"}}},"request":{"raw":"GET /v0/amp-carousel-0.1.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 11513\r\ndate: Fri, 20 Mar 2026 03:03:53 GMT\r\nexpires: Fri, 20 Mar 2026 03:03:53 GMT\r\ncache-control: private, max-age=604800, stale-while-revalidate=604800\r\netag: \"e34f527b840d6c6a\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":38737,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (38616)","md5":"10e43af6290b9d3de97cd9896aed3d20","sha1":"ea15a74cadd40b83e8d70eab83aadeeeb02a01a1","sha256":"82df4a9f31c71adbf7a703488666a05fa07d6f2f20c58287776ec246ecd62c80","sha512":"38fc0aca11ccf52ea958b9fdf9b9419c9b054b8c96c32c6b11dce73b0bdfa91451b119035a0d851626535493a668148ad1fc97edaf4d8df2e41f1c3fcd0f6514","ssdeep":"768:IuCdWBuHV4qVy2STUJIQ7bFq8JN8n0HZJnMb+0:I2unY30Dbv3o1","tlshash":"d703d8d8b241b07546a7b1b4406f510ee23eb919640a552cb0abdecafdbc95e2137f3c","first_seen":"2026-03-17T22:20:00.41071Z","last_seen":"2026-04-05T09:19:37.19409Z","times_seen":150,"resource_available":true,"data":null}},"time_used":299,"timings":{"blocked":123,"dns":4,"connect":30,"send":0,"wait":39,"receive":2,"ssl":95},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-wild-west-gold.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.694Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-wild-west-gold.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-37f6\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0jSc9DAmYiG2m%2BOXdSgNUQA10yRKZikHwnb3T6KxJo%2Fs6URjFc%2FrObPh4KeBRLW5D2Mj4%2FmgRoOD5lc%2Fu0fLzX8mOkz1QvIW%2BROk5aSl0o4rmKdPCFY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c869efb2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14326,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"7966e936e88709ae6a9e402e982803bc","sha1":"071c9b518c4b8a7d1f878b4857a78eab291a96a8","sha256":"5f3f5dafacb02fd29dab97bf5d03ca5ff8cd3bdf4eb6f7467ae300c30f0dd550","sha512":"f427e376c1074cba840536a8d21152fe25e02d7efdefa54361a4de4f3644868c7074183a0c187f6bdc6a33a85531b8cc136848937921f2a690715b285e763927","ssdeep":"384:WMV/rlQDmGPXdu5ymsyO5Et6JI7ZHPZMHFu+aMZV:WMEmGPN4+yft6JI7hPZZ+aMZV","tlshash":"7752cf8e732413834f68acb28d7a76eb770f86419e51aa731516ce0b6091c3b1dfc5da","first_seen":"2023-05-11T11:12:19Z","last_seen":"2026-04-03T08:17:38.484867Z","times_seen":92,"resource_available":false,"data":null}},"time_used":393,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":393,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-big-juan.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.748Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-big-juan.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-5a18\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GXU%2B0K7xiqw9yWXzVeJKcmQOhqZuLjF7KOC7ICxDPHq5Hb%2FQhBYDlYfoMM%2B9ntOVKbTsrZg95kRTCfupoEY%2F6WUoG%2Bhk5BPK7FvSDW3b3QS%2BmWpXSb8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86ef242678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":23064,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"9d0ffe14c1cabbcb42985c411887a6af","sha1":"ec32a6ab6e172b44d7bee01b8673419b0c925753","sha256":"c3966dd4a529fbdcccf4c96b2f5e850bf7ff0ca7465648beb5a3dda8c0afac8e","sha512":"2369bcc35bfd5ee9166aa831e41eed77f1092d1c413192ecb35fef255b668877c0ecaa6e3c54d3801f527297e530699662462183917fbadcc4ffd644d5d2da0d","ssdeep":"384:b1F9U7knwauBKOeW5e4RLsmuzZNz8NJdq1mCW8kmU+2GePpGcRdhIiiN4:bZU7phKOP5egyz8Q1mCWMneRnPLiy","tlshash":"1ea2e1a4fa22dd4df00b187f4678b190a9f36cb5a41807ac62f554f9322d3a19f6d5c3","first_seen":"2026-01-02T09:32:22.018005Z","last_seen":"2026-04-03T08:17:38.442516Z","times_seen":22,"resource_available":false,"data":null}},"time_used":874,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":873,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-bronco-spirit.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.753Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-bronco-spirit.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:54 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-40df\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=VElg3yEUOhT2rskX%2BV2%2BD%2B58nT3NVLWa8mtBAXMVPxISEsTObuYkBgJnfQX7JKbmjZFs1GWMrdbfnSXaPwhHuSWbsjZB5EfSVaebq9%2BMqmEbejCy6ys%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86ff2a2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16607,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"3cd60b824a0592268feb590d31dd8ea0","sha1":"0cfc40fca3411656f000119de7c23c8901c08d08","sha256":"546b083cfa9be4adf02904266b1010c8bcbbe85f06d1d7e655ac771c59e3e88c","sha512":"46789ba49fd3f517073a29cdaa9c5cbe0c18a72077d1da14f5102394f12cca43b1185e90e98a38e56ab4b1744745f419167005271920d729659e626bf4fc99be","ssdeep":"384:vjZADrTrsx0FI0CvsizeB4w6VP+4Uvb3WEIhzXiAMhdNVLOarelt:vFAD20FIn0iKO12rCE8GdN1ONlt","tlshash":"0c72d02fb19dcf99cc395bb412f0d2f6fbb26421e02e7248d1e381d475819531eaa80a","first_seen":"2026-01-02T09:32:22.047648Z","last_seen":"2026-04-03T08:17:38.483028Z","times_seen":21,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/banners/bonus-50.webp","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:55.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/banners/bonus-50.webp HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/webp\r\nlast-modified: Fri, 16 Feb 2024 04:05:11 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65cedef7-ac18\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YNUtDBgJwJse8KaQGrJV%2BS%2BM1ftGnydnzylHcS6pfT4VyPXEsi0DNNsXdYrrmqqSefd945xZAJfMx8%2BXUsLzCDNzbUdusg0uc4WIyktzbOUz3cES1es%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c88ff3a2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":44056,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 720x320, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e86aeceeebc3035186aecc5ba59a1565","sha1":"5d5c9e1170ec60a550827d0e6c9ece2cc6e52e58","sha256":"5fa3b64d5396b11a2e995730eb4dd64519459cc8458ffd4392aca11746c78721","sha512":"7aa28fbabce7bdd88aa272a0792836850afeeb524355ca3d07c2d2798c4eb4e1aa28863e8919a26603c6a658dd022dd4b2e59cc1b5e24f29ef8beb8c778a18de","ssdeep":"768:zy4C/H7w5cLn9Ve5rdb9we4X/ggUDsVU1UGokcvRNAziWnARjK:J27w5MjePRIvBUDsWUlcAVK","tlshash":"db130288eab27d9593bd0a48e595a6b046a39ef9ff3310016497a5b680137081ecd33f","first_seen":"2026-01-02T09:32:22.087062Z","last_seen":"2026-04-03T08:17:38.490138Z","times_seen":25,"resource_available":false,"data":null}},"time_used":1038,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":832,"receive":206,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtp-categories/playtech.png","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:55.056Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtp-categories/playtech.png HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-1b27\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=l6Loyopl2S5w9hOwTuMHGmUTB0XgGagYH8JaM7h9Q94oigH%2FBhnFymYckfCkyX16VNLMresp4cr7aJ2Fk%2F3JUzlfdDHDpt70HPOKX7lRaAT31nMFcx8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c891f422678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6951,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"f9a617c61ad035f51d533a0aae776561","sha1":"16f0305560c42f5f5760bf1d3ebc224779c05210","sha256":"284260a76cb755d26963a7848a63e38f159a60ee369f3912e113be351d22e301","sha512":"754220e5ba691cbea0e97f9e4ad210013c0168d519c63de41252768e29713d08f8c70136397cd85c1138dc226d913ba0e0a62cebce5a0791a76bd55c781888c5","ssdeep":"192:DPwvEC41uqBVNSPFa7NsfbMA1JooZQm6FRn:Xu8nSPFa7WwAvo2QmaRn","tlshash":"93e17d2ab62fe360fb85040caf28e86b5fa7789c724caf58f4275716e25414bc05b5c3","first_seen":"2026-01-02T09:32:22.044072Z","last_seen":"2026-04-03T08:17:38.527812Z","times_seen":25,"resource_available":false,"data":null}},"time_used":625,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":625,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-caishens-gold.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:04:06.971Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-caishens-gold.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjQ3NDJVTDFTSXdUaG1XT0Q5RnBMZHc9PSIsInZhbHVlIjoiNmNDK0JtNy9zT05Jb0o0c1psN00xLzhKeHNadnE2SVIrcVNZUmFTUXFyU1N3WGZOQllSaW5iVzE5WDA4dTltQVlZTEhGdm5kajNqeEJSbUJ0WDFJL0x5N0N3OWRJVUdwUkRhZ2JCR3N2L3NjbXJZU2pUV1Q2RGtwUmw4aG9ZTHciLCJtYWMiOiJhZmI3ZWJjZjdjODNjODUzZGZjN2I2ZGI0NzA2ZDMyN2Y5MGFkZTQwMTcyZjM5MjRjMjRmZjgyMzRlNDUwNGYxIiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6InMzSkxGalkzVHd1dGNoT3pUcll1U0E9PSIsInZhbHVlIjoiUTd6UmhibDBmTVNpVkZQTmJrRHU0SFNocndMN1NxTlpLWnk2QUlXR1I5bXlLSEpOL0ZjVnZsVng3VXR0UkorTFdqV1d5OHFOekFUYnorS0JiZzJ4d1U5ODZPNnR1WjYveTJUZXFoNjJoWnZYdUhaNUl3V3JNUlhiNDJ6aWVhNGIiLCJtYWMiOiI5YTgzYTQ2N2M5ZDRkOGEwY2FlZjJjZWIxYWMxNGY2NGJkNGMwOTEzNzZkOTM2NTg5Zjk1ZTNjZWFkYzJmNWIzIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:04:07 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-4f66\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ScVBqtk3VkH3AyUe5H0K1TkvpFW1nqn7hOdlsvjCmaOJtt9L3Eg4fEahVx2h%2FFJxONLNYBf2vD5XXIAq%2Fxrsg0ehM9Opv1QFKAgR4vsR80ph%2Bwgr%2Fyk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17cd39a112678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20326,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"13ef31e3be6110fac6366633677df5a1","sha1":"89b9e08eb4694a3cbe7d666719e0b634df6b8cda","sha256":"aa53443c0c460c7429e081d5683daf32ac04d4dcffa7b489a6f242810ec90647","sha512":"97cda6e2a84899c541866be1b78f2f178c64d24bcbf0807c067b0561668f6e575bfff3fe3eba94cae06b129491d696acfb2e5293bef41535cec93408bdededc3","ssdeep":"384:+6I7El6GoS5Xa+u66wdkQ66/EJMOxfM2Iz8SRAqf1V:tI7El6m5Jp6wwOE24gzdJdV","tlshash":"dd92e11ae2f7b9c1e16c88bd4da2c5d7f74b26150eb70e8c00a48bd617639b67a05027","first_seen":"2026-01-02T09:32:22.031943Z","last_seen":"2026-04-03T08:17:38.469127Z","times_seen":20,"resource_available":false,"data":null}},"time_used":395,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":205,"receive":190,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/assets/background.webp","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:53.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/assets/background.webp HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:54 GMT\r\ncontent-type: image/webp\r\nlast-modified: Thu, 03 Aug 2023 07:04:10 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64cb516a-29e7e\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=jhULqKc5L9l4rsdb%2BbIJbwiOPY2gYSuuBmf4fqWxhr3t7O27EaLScxdDtuZLjnLPQpVj1Tfkjx4DB2%2FTXwjaTsorTIv0oMadUA%2FSXvFB985SHxXSjaM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c7e6ec52678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":171646,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1902x1250, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"743bcc2a95eabfe75230ddd207a2c94d","sha1":"4a6f2270f050a8569ba1304bf266f33a35989894","sha256":"78f96325fbfe405f21796c8da98394809d03adaf46c4dcaef86cec51e4b36d6c","sha512":"0c9bb6c9a0447717bcdaf98a83d7000fa2ed1366586bd1aadb0afcdfdb3dab7a7f1f9e1ae5fd2b98881612fbe215804bdcc4c6f4358fbe263015623e319874cb","ssdeep":"3072:9GlAuQXRGq5VfAMErNiYQgg4CZ69WQMJVCyblneRkSMNJD+JJeDFwawNy+b:glxWb2WZ693iblnukPNJD+G6aw/","tlshash":"f3f32317476608a67b4603ff391d10d18ecc3c37dacf11a86a298e653a675bddb2a370","first_seen":"2026-01-02T09:32:22.053468Z","last_seen":"2026-04-03T08:17:38.462987Z","times_seen":25,"resource_available":false,"data":null}},"time_used":1283,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":837,"receive":446,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-aztec-gems.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.680Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-aztec-gems.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-2f6c\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k7mN6e1lfOcEiwk2nXZQ%2FyUeGe6NkFmQNsonMsalP6BdaRiVmFNoofIyRALU6WbLQXd8l607DJyZq%2BDbyu7TheysS7lYZH0kkuq8c1EhTc1s4udhKrQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c868ef42678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12140,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"d5430d981259a0543e11deab7e627669","sha1":"a54fddaf8962dfb31027f79b618c5e6aaf4b1d16","sha256":"2e43afdc85f332c514a301ca09da50f19a8acba41618971c1c1ef9c8d627114f","sha512":"ebe3479fd65dda21055b9ceddf8277b79ced7139ca91c21329dd98226bfd8e5f8ae10a7ca13102b609c22837229e3db4841ea37bae874a4374d468ee4b5b96bd","ssdeep":"192:WfZ6y7yjxJYgcFkZQen+cX09gDCLm0c09IRYcQeFm041H0yPOZzTY6OUWAfEw6c:WMcg0k7X+gDyCRY1jLH0nZttExc","tlshash":"f042aedb238b6c80b7c9503476a2256015894572c785c3b5741d9318dca8ff59afeeec","first_seen":"2023-06-15T15:03:24Z","last_seen":"2026-04-05T06:08:13.924835Z","times_seen":525,"resource_available":false,"data":null}},"time_used":807,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":807,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-ancient-egypt.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.738Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-ancient-egypt.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-4ecb\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K%2BBESCOyl3HiKv0jffDEauRJoCWSy%2B96uqzAfFIrAa3E636MfqI4pa5fHQQ9nsTBHGqQHMjUm%2F2ZZw2nrTy898qLnUpnRpi9EvmmIHUcd5r8BXWcg9w%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86df1a2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20171,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"529538543e67eeaf2a9699314e5b5516","sha1":"f24512a3cfe4adfb3dc34975e695bf5c38f314f5","sha256":"e637aabcfa3a7897fad3eda10433e3b7cd825297c9781555df8bd51a56ee49a6","sha512":"1fd53e97c320bca1930049f0841deff383290b8b200fe866afb45b1ca8fe1d080c426e47df00198ca219ccdeba5ade1bcb6e8ce13b4a764e985e1ce4ac6cb11f","ssdeep":"384:2ymY2rx/31vu2/GhBnDtoGPBfL6z77QZnW8t+0A10eUVKrg64tykpJ/exNN:nvWZ3sI4B1E7EZs0A6eUVzDtKnN","tlshash":"3392e038f284cb51eafb867528689fc55bfa083b217706f4408296dececb606c546748","first_seen":"2026-01-02T09:32:22.061316Z","last_seen":"2026-04-03T08:17:38.454372Z","times_seen":22,"resource_available":false,"data":null}},"time_used":896,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":896,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-ancient-egypt-classic.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.739Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-ancient-egypt-classic.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-533b\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bQit70H%2FzPCccBPATME%2BN50lVp26q7%2Ff1kp3IZ%2B%2F7rYLyU45%2FivdxTL17ntINrsFbFGPNEs2nSQGCoNys80E3TASy4ORh0EWJJdaEmfDVkBs%2FWbgRGA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86df1b2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21307,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"fcfda7ab4b330d38b0107748b75b5219","sha1":"448a91b55bdb931f8983155a7db6d4cbb16c1920","sha256":"059e196bd9aac81553eaf484034e577fb0db6a8ba598cd23bd4236f4744f697c","sha512":"06804d7518ba88e99c8112e0411ab81c6f1612ea43f06b1778e36de96f37408f2365570a9c85c0c5700ea0b58cd44728bb4d891d532d543cb46fcae4887c0c63","ssdeep":"384:Ty6jzudwaL7ZGLWImkuT+BY/lBAdjTur8RyTOdkC2sNSDoFti4hy:Ty6udwaL7ZGk+YP+SPKF7g0y","tlshash":"25a2e10aa2f609bdda581e7ab97d67cb01376204d1038b90c6c225f460b9ed1ed0d37b","first_seen":"2026-01-02T09:32:22.062526Z","last_seen":"2026-04-03T08:17:38.441789Z","times_seen":22,"resource_available":false,"data":null}},"time_used":858,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":857,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-big-bass-bonanza.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.743Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-big-bass-bonanza.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:54 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-48b7\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lfOEzo5bnSvTrW4MBoi2unbE%2FyPJ%2FalNbeql5aXtWgtRakNkZbyMWlwlFZwJHsdp6vVYsKUhpSuzmge0IAgMbKCFDy8Hl2bGL8KQT0qnFen3hUaevwQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86df202678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18615,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"9f5697d9f943e0ae3717ee63b09cc680","sha1":"a3b5f1950298bd5652bd1e5cc6202229c767f9b1","sha256":"cc8914e69144a5b7d5c31e2b6d8fd20784ee397c1a576f04b7c11592abbb4226","sha512":"309d78edc8943a047ab77d6e2861ab2cbe4f314a89e6b81780352480c672e5640d8db6be745eb9ad6386086be355f783fe18ba890f9350a6087270ee01a3734f","ssdeep":"384:2SPUQO4sj61g38ozjhyEnhwfJgfriLRZR4lWvrvMqpe8pVoH:2SsQT1g1zQEnEJmu3vrvMqpdpVM","tlshash":"1882c0427114a671d42872f95120c2985b357fc5eff6fcd34784c8f847818aa8d2f946","first_seen":"2026-01-02T09:32:22.026898Z","last_seen":"2026-04-03T08:17:38.499672Z","times_seen":22,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-big-bass-bonanza-megaways.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.745Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-big-bass-bonanza-megaways.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-4403\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=n2xjcnXuHun62oOdeo4Zn%2BEyQsq96vXEkj93kd4epjg0Nx%2FilaqAWEZdgfLpIqXm00R6DRJUyjO60069YNhupO8xSEDDFuuXkQWI9tfKEwnbcd65des%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86ef212678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17411,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"77cc0a6ba2c37b3c2cc4339eda4ab433","sha1":"d01cbc7fc093eea3965e9bf39a7c40bedd444264","sha256":"42aeeeea67d3847cba5625b0597d8fb3db7d3a86dcb5f797579c54b190e2edf7","sha512":"f37211a437c00d8c83c3f20ec45943d2dae325f1a4a2c8a96ce3e21e9afe533e8949a93cf512e756e66e90573a5d4b8151b78c5e9e1695211743766cbcc16c94","ssdeep":"384:ycL7KNqaHv3FTN5S1uutEWorw8kHAG05Qf69MoEX:ycL7INDS1NtWrwBgZvOD","tlshash":"9672e13ddefa556aed83bb71e4fe07545adf53b25457f81f840264f522370402548d09","first_seen":"2026-01-02T09:32:22.051865Z","last_seen":"2026-04-03T08:17:38.47209Z","times_seen":21,"resource_available":false,"data":null}},"time_used":825,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":825,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-bomb-bonanza.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.749Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-bomb-bonanza.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-4db1\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2FjxBJwztFKlPLc5Rnj21V9OTJQ%2BFTq%2FdrPTEbTSM%2FMU1i8XbFhU0nriD9gOKInTCGperNo5%2B8qL5fnl7S5vq%2Fn4vn61ZbxLB%2BP9RLG0AfY928s03W2I%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86ef252678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19889,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"17521b9895eafd34b63d9fcfd16b6e56","sha1":"05b0bc7f0e2725d8842053e5e6902ad004960547","sha256":"8644f4a1ecb92880d1b7dfd43bc3c6a6724f4b98c28321f988594274742b7951","sha512":"91ca8382bcaf6d0b0afcc49ded0c56908ac5a1f81e1afb9cf058e0f4f87a72d0fb74d7631cea53b8d7333b42b16660f0ab853777990880918652bd7730b1a123","ssdeep":"384:xHvt08mZPK9KyVN0S17syNJkQsJzcaMlkobowVz2VJgUI84GacV1QzhsoasO:BvtLmZMKyh9lJkfpc/o2oJgUI5JcrQzO","tlshash":"0992d053b0e17dbcc0110d78d1641bada56ab2371c15985af2a020d1735bf86283e5ff","first_seen":"2026-01-02T09:32:22.001425Z","last_seen":"2026-04-03T08:17:38.488569Z","times_seen":22,"resource_available":false,"data":null}},"time_used":806,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":806,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-buffalo-king.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.754Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-buffalo-king.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:54 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-5315\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uQbE8gBQKX18aI5GBNc3mfDDoh5FZjVbv3x8T0tK8GyoRoFwZcbCbor1%2Fi%2BoiTrezp3vmw0ko8nY5nSLw1qGbt48PjOoWRGO1mmi8tfWgJ2szC3A5%2F4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86ff2b2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21269,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"6a4fefa067c8d0a4c05ed196ffaec8ff","sha1":"ba65e174f9736a29e2dd1eff640647137c1a6b19","sha256":"2dcb3e7382fc243a42c69dc266fa280f2a410fdf2d6513861f32b3e8b3513e10","sha512":"4d69b66e74f441be38bff156c2b5e0712f390fcb2d69af0a2ab34e35db9a903beb7e4dbce2eb515bd897a65208d1b6b1d160ca8c76357adefbde4dd92ada3215","ssdeep":"384:MYOv5TZ6KTeo5Ktp8nQ3zZuku36IN5CvAoI3Ie6PHS7a5dyxCxp/b3yEx:jI5TkKcCeRysAz3Iegyu5ExcpyEx","tlshash":"71a2d0b613314b4dcaa845794728c4a1b3f8ed0aacf9716748ad8a4b101aec9cf355f4","first_seen":"2026-01-02T09:32:22.04866Z","last_seen":"2026-04-03T08:17:38.473678Z","times_seen":21,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-analytics-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:53.328Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:20:25 GMT","end":"Mon, 18 May 2026 18:20:24 GMT"},"fingerprint":{"sha1":"AF:44:5A:32:4C:6C:13:1C:29:FE:32:6E:3B:44:AC:BC:87:06:12:C4","sha256":"C8:51:6F:73:92:E6:5C:5D:A1:16:E0:88:5E:D4:8C:9D:7B:5D:FD:5B:DC:D7:96:E3:F7:70:F2:D4:10:49:25:15"}}},"request":{"raw":"GET /v0/amp-analytics-0.1.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32185\r\ndate: Fri, 20 Mar 2026 03:03:53 GMT\r\nexpires: Fri, 20 Mar 2026 03:03:53 GMT\r\ncache-control: private, max-age=604800, stale-while-revalidate=604800\r\netag: \"2ef3fbf93e191e84\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":112725,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65534)","md5":"66a5185bf1f152093c4f95d91b9cb17c","sha1":"b990476ba15bbc4a56bbdb36440c6db0cf598019","sha256":"74dd63159ebc617b14f8276aa56298b52754e1630b69c222db8317fc2675e405","sha512":"d57d0bb562fd7b90e05f8d639542ed1b3e549f16a7c86abb5f847dd6d1c90f16c03207b88dc190bb74c1e50ea790f8a27ad4465e8a31c59c7eff9389651df5fd","ssdeep":"1536:t+l20JwK52+nKUaXlQKQdNc2n/vR8cr7teM+OV6:czJwK52ljQdNc4R5ep","tlshash":"84b3a39db292b07583d3b074952f500af33a7944340b812cf5aae9d6bd7998a6133f7c","first_seen":"2026-03-18T06:38:38.455745Z","last_seen":"2026-04-05T13:08:00.779265Z","times_seen":219,"resource_available":true,"data":null}},"time_used":306,"timings":{"blocked":122,"dns":2,"connect":17,"send":0,"wait":39,"receive":18,"ssl":105},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-starlight-princess.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-starlight-princess.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-3997\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=noyTqxLJTz%2FAci3BnUPikguMzWJSoRcJ2knjoq4tZtZht6dlwZMvQMPGBnP6jJGtuzGkgAYGus3kIFOax8llBpD5dxgLLaa5zVdtUGBhN8Dotp9ZSUA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c867eeb2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14743,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"7c1218ff87b647bf07765c7fefaf7225","sha1":"a68efd7fcca23220e95ba69821767e70df60bd0e","sha256":"e8d03230cca4042abc8dcb206eac74de2411b5208f73bd10c37e9bc1e95b9931","sha512":"c940268ae7fa266d74d396f8ee46d2cf41c238a14b55a5ef331e23f63aa7c22fb2ce89a0767564776e10caece960fbfa109a4ab2e02477fe626efd7fc8bdf0ea","ssdeep":"192:WTZsOCnUhrK9slgWaApEw/KhxpAHt/+sEMAtwbgrpS82EuD5nNF9ctac1gdGvCcF:W6OHhKKzS8LVAycrpUEuVNQ12GC8JTD1","tlshash":"0762d004db47a5001f615de7609df21e6f96cc0248eaa875c4de54cfba21cf2dab88cd","first_seen":"2023-05-11T11:12:19Z","last_seen":"2026-04-05T06:08:13.92899Z","times_seen":583,"resource_available":false,"data":null}},"time_used":818,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":817,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-aztec-gems-deluxe.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.697Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-aztec-gems-deluxe.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-4343\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wFsit%2FZkSoY6vlRt%2BUraQzzoSIiLPub8IzTeS9ADrvfjC66Xk3hvDki2dRuVM46PWpMRFg%2B1fI8iJ2dA5wOUJBpxL5eW5WtOWAORrwulHGWKfYvJOVs%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c869efc2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17219,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"4a9521b1c4ae50abd825d2a5e0497789","sha1":"5f8dfb60b4494db85406b1722c0d4509d934d4e9","sha256":"8aa4058fb2f71a1d8091c721678412c56b8e92e5f1cf5b9044c31f6e9a64d74e","sha512":"e88d2cb045cdd908bbe751b2259a5ea1e6a72f3e8938e9522213f6af449e8306e8c8c120c5b5bc9342abf0278c302c43644d0b974a35c167c5864ddd2e765482","ssdeep":"192:WJZD/5O09veUDgfXdSPgFAOX5Mj1h5p5JRqiI4aCOaQY5BGeRxNhNVZvFAD6zc/i:WpBQwgl+gFb0p5iSCYntRx/NVBLmIygd","tlshash":"d072c021ca40a646d3ace4f513826e436f16c3c18620dd7d3281e6125171fbc1bafeda","first_seen":"2023-06-15T15:03:24Z","last_seen":"2026-04-03T08:17:38.456148Z","times_seen":68,"resource_available":false,"data":null}},"time_used":842,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":842,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-sweet-bonanza-xmas.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-sweet-bonanza-xmas.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:54 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-32c1\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X6ILCkgYKyR3xeeMv%2FDIkTPHF89El8FP8LKhPUsIvg9llqkMDDk5UUDeCNbtZ5d%2BYo0nQpGAtsXRIacp9IvkRq9I2NKLTFUIke2xo%2Br70JUdtiyGu1I%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86af062678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12993,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"721c160d5eb2f667f6caf64f1e0dadf1","sha1":"b87cab827f98335eeff0b28adfdd78080f64f63a","sha256":"b173bab30c262f339fc9fa61ec6cee535620fba28a510faa09ba0b0c881054ac","sha512":"89a8a22c1ceff75eb1cbf14d7ea76cebea1ac6c7d67483a5867c5d726e1015b4aa86ff4d60bf93d7a72854bf411b224ae0db3410ddada5b0c4bc1e9384cd606a","ssdeep":"384:WsyhnxmypIORtrFufvgmavCOCOme2BqwEKXewNkjKL:Ws1y2gCImKCJV6RKbkjKL","tlshash":"9e42d0194cd1aa41dfb848b212d3915e2e972f9c199404ff32a7454fa118ef8172a9eb","first_seen":"2023-06-15T15:03:24Z","last_seen":"2026-04-03T08:17:38.433372Z","times_seen":76,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/banners/depo-qris-cepat-tanpa-potongan.webp","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:55.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/banners/depo-qris-cepat-tanpa-potongan.webp HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/webp\r\nlast-modified: Fri, 16 Feb 2024 04:06:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65cedf58-aaa8\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3%2BY6uE4LXpVfmMoLmJMEjFKM4YQp8%2BTJ2%2BWWlZ3QCSx2rzl2mmuyORBubIcl%2FQKF7cXs2Ds7MZJtOeIjK25Lm16hNwPkrqoQJmEgTiVC948pfeTSo98%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c88ef392678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":43688,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 720x320, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e719d643171a6a7540fc2fdc141601a5","sha1":"4fc28988234cce3f26cea9cfd6738bacf03ca7ac","sha256":"03abe4e844bc445b1dd62d4ef9298bef8e49b12aa20c726fc5f27fcaacb25d7d","sha512":"ec35b46cd68fd8a7fd88f970cfc1d50c7246ad7f3d4c4b35232c82013fa15b8e04cc6ed0367cdbff23b4b0bf2317b1a4fe9b1529c7345563136e70c1a12e23a2","ssdeep":"768:YhI2IlhR/HezjouEz2R+6VEdzE5f3q1HWNfU4ANxpv1Wi+aj1RpGXuQ:Ym26hR/+zjoxSBEFqPq1cpgpv1WidZR2","tlshash":"2013022e499af90fcc243a752d3efbb517a2b3d55f26408898e02135a16f187b7896d0","first_seen":"2026-01-02T09:32:22.042513Z","last_seen":"2026-04-03T08:17:38.475026Z","times_seen":25,"resource_available":false,"data":null}},"time_used":963,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":773,"receive":190,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtp-categories/play-n-go.png","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:55.058Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtp-categories/play-n-go.png HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-d06\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4cUs2FmaugmlP3XQPV4V3aNUoNY86nwOvcQzLdpQLeqX0mAg2MRelQfEPJ1zAdJ10ODJvRqypQZZK9wCxJBMNIK8SAa3dnV8tdlB4rnwh94u95uws1o%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c891f432678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3334,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"f432b1f78589a623d1a77c057964ad34","sha1":"c8edda80f02e341ece526b7475025e750635b0c4","sha256":"87b14c9904c9db843aa99ede08072105454fb4a936b4d7112b97797a5ada5e7e","sha512":"433da4c77d23e92081aeae1c9ebfa922b4bc1e5d70a39bfd51654ca0bcee4f96a689aec46bbd436a4f1e3b709dc3fb1a3f5e3d4d8ea9990b4047fa713e533f5f","ssdeep":"","tlshash":"20612b3c6dfc2b92d10c92eb4c3655151ba671ece28099224d342a179e3de203762dab","first_seen":"2026-01-02T09:32:22.030926Z","last_seen":"2026-04-03T08:17:38.533315Z","times_seen":25,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":235,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/banners/download-apk-dapat-free-spin.webp","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:57.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/banners/download-apk-dapat-free-spin.webp HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjQ3NDJVTDFTSXdUaG1XT0Q5RnBMZHc9PSIsInZhbHVlIjoiNmNDK0JtNy9zT05Jb0o0c1psN00xLzhKeHNadnE2SVIrcVNZUmFTUXFyU1N3WGZOQllSaW5iVzE5WDA4dTltQVlZTEhGdm5kajNqeEJSbUJ0WDFJL0x5N0N3OWRJVUdwUkRhZ2JCR3N2L3NjbXJZU2pUV1Q2RGtwUmw4aG9ZTHciLCJtYWMiOiJhZmI3ZWJjZjdjODNjODUzZGZjN2I2ZGI0NzA2ZDMyN2Y5MGFkZTQwMTcyZjM5MjRjMjRmZjgyMzRlNDUwNGYxIiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6InMzSkxGalkzVHd1dGNoT3pUcll1U0E9PSIsInZhbHVlIjoiUTd6UmhibDBmTVNpVkZQTmJrRHU0SFNocndMN1NxTlpLWnk2QUlXR1I5bXlLSEpOL0ZjVnZsVng3VXR0UkorTFdqV1d5OHFOekFUYnorS0JiZzJ4d1U5ODZPNnR1WjYveTJUZXFoNjJoWnZYdUhaNUl3V3JNUlhiNDJ6aWVhNGIiLCJtYWMiOiI5YTgzYTQ2N2M5ZDRkOGEwY2FlZjJjZWIxYWMxNGY2NGJkNGMwOTEzNzZkOTM2NTg5Zjk1ZTNjZWFkYzJmNWIzIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:58 GMT\r\ncontent-type: image/webp\r\nlast-modified: Fri, 16 Feb 2024 04:06:12 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65cedf34-bfee\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=KYOQNXowB%2Fu7XzyRc4tktl7LOFUa4EJ%2Btq8TRx84KwnopplkOJdDh9raGOCR6GanZCojB%2BK0L3FKa7cQyf%2BleZHGiTZ1UtXbNFNo%2B2nWF5bZZMWfxpU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c9b5fb62678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":49134,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 720x320, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8c127a61c2c10f27f8404ff16fad3f5d","sha1":"6ce8c4bd93991675f07ec3eb07781f0f91079ec2","sha256":"ea9e0935405228128fbdafc32cef1ba0b60b019204f3da7cf59a92e373086039","sha512":"cf90f7e2a3777269fe77fe365c6871690ca9951ba57f1e33915b84c7041cc01c676d71c0471f9a7768303f534f16917b9c49ad28c241e313314fa9ee79b462e8","ssdeep":"768:PdGNcLrpz7jtJKWkCVsKykSaPi2KKQOhudUmEcto9J26GqfB3tiL1SJp1/ybD/Fq:PdGARjt8vADyaquQKudUmrIJ26vfBdUo","tlshash":"4e230255346a4c378a1f4ccfd372e126af5fba33df8b2344a12af5ab864409c95b015d","first_seen":"2026-01-02T09:32:22.049596Z","last_seen":"2026-04-03T08:17:38.520647Z","times_seen":25,"resource_available":false,"data":null}},"time_used":619,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":218,"receive":401,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-cash-bonanza.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:04:06.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-cash-bonanza.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjQ3NDJVTDFTSXdUaG1XT0Q5RnBMZHc9PSIsInZhbHVlIjoiNmNDK0JtNy9zT05Jb0o0c1psN00xLzhKeHNadnE2SVIrcVNZUmFTUXFyU1N3WGZOQllSaW5iVzE5WDA4dTltQVlZTEhGdm5kajNqeEJSbUJ0WDFJL0x5N0N3OWRJVUdwUkRhZ2JCR3N2L3NjbXJZU2pUV1Q2RGtwUmw4aG9ZTHciLCJtYWMiOiJhZmI3ZWJjZjdjODNjODUzZGZjN2I2ZGI0NzA2ZDMyN2Y5MGFkZTQwMTcyZjM5MjRjMjRmZjgyMzRlNDUwNGYxIiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6InMzSkxGalkzVHd1dGNoT3pUcll1U0E9PSIsInZhbHVlIjoiUTd6UmhibDBmTVNpVkZQTmJrRHU0SFNocndMN1NxTlpLWnk2QUlXR1I5bXlLSEpOL0ZjVnZsVng3VXR0UkorTFdqV1d5OHFOekFUYnorS0JiZzJ4d1U5ODZPNnR1WjYveTJUZXFoNjJoWnZYdUhaNUl3V3JNUlhiNDJ6aWVhNGIiLCJtYWMiOiI5YTgzYTQ2N2M5ZDRkOGEwY2FlZjJjZWIxYWMxNGY2NGJkNGMwOTEzNzZkOTM2NTg5Zjk1ZTNjZWFkYzJmNWIzIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:04:07 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-4b5a\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eZkyez8lnkhsgNo3YaX1cpjQ2s9U2%2BWqHl3vJ2Rd7tTiUfhwXghWYFRYEC9nn1kWv2N2moumqsKugMsR%2BENtGveMoMR7peFtqxt50WktGbkULJN5HvI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17cd39a122678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19290,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"e9553ba608fa05b660f8fc5f22b533b4","sha1":"ebd8b236c75f49967d32201f88331983f8ee6f8f","sha256":"9d18259ed221970ceed3ebb0717bbc85f0ad903c9a90c3228a8a4697d81b8a95","sha512":"9ae0cb96dba125af05040bc87c03b6a685692d0484f36f2b9a0e0054b85c9ab4fc8c36c29c806ae3e5df5b1aa95f56be81dbeeaba1ebbd7164b87e3857154c92","ssdeep":"384:SpjIRACgChZc6MqxQPo0U3oVrwjNxohBSQinFe06xHWG:SpjFC9hZcBzPRrmNxIBmoN2G","tlshash":"3e82d018f3247f17cc0487be0948a177af8cb1a9f56f57b70222c1c4555bac72cad8a8","first_seen":"2026-01-02T09:32:22.050434Z","last_seen":"2026-04-03T08:17:38.476756Z","times_seen":20,"resource_available":false,"data":null}},"time_used":427,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":210,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-bigger-bass-bonanza.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.747Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-bigger-bass-bonanza.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-4ef9\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ozVyHYqIpwgvh7uNhBeH782d1wg55eUro9JvEK9BLnGLWAvwDu3ZZ9zfd8Rk6yUxky2epEm5Fak%2BwZ5E9IbibvRRVcmcHQcZLGxJFf4yso2KA47yhMw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86ef232678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20217,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"0bcfe7c928178d93e69815c33ab9bdd0","sha1":"d1dcf662d194ed2c52dbb430344812878274d84c","sha256":"4948a0ec06ec1ca8eb358b8586b333275241d054c29f38252752d222e4ecd154","sha512":"91d82218872d49b8b8cb3177827bf226ad14df38eb6b30c18ef73da35315c10211e7617be68f9a12ae1b7fd3eb6ec68e27677eadeefae96ffd4f9ed99576fa56","ssdeep":"384:MDC7bXX9+oDdVhzfitEibYJz9bQw/Hv0C9SKRB1nws8bz97:MD0791Dvh+Pw/P0Y/12z5","tlshash":"2292e1eefb51be42fe824b3559d60bcf7dbf6432db3798a4e6000ad700486c875a4041","first_seen":"2026-01-02T09:32:22.085861Z","last_seen":"2026-04-03T08:17:38.419734Z","times_seen":22,"resource_available":false,"data":null}},"time_used":802,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":802,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-book-of-kingdom.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.751Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-book-of-kingdom.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-4e58\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GTM1t4mmPdmYyNEd%2F%2FH8GG49HGlMH5IkFEhw6PqKdgss7Frkd4B4ZWu4Y%2FG%2BCovKSBO8ZRhmenWtGkiTUrDY5mQi%2FmnRSsj5UZjoFiRb1Ogfc0mRKLA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86ef272678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20056,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"d77e01bba18c458427ba4b7343cd74a2","sha1":"c6ce321263c146a3fe47fb3671ea1a48a4c916f0","sha256":"3a45c79d2002b2cefffd3894f7e41f0844f3c63d97470d3a8c72fc0263039180","sha512":"0c58bfbe6cc646ac4ef8e524284c18eb83ace71efc15956fa1571121530a03477e9c1dc7f203aca6d31d9d10a0d56f876c6d078b8f762a84b318d53dc37b2cdf","ssdeep":"384:E8cLy3TKB4w+r9bXbUuhKOVeQqJBfDe2awiPzAO7jiY0a0FjDeRS:EBL3L+ZbwuhKOgJBfDe2awlO7uYsjDeI","tlshash":"8392e14850253abff71b00f551ecbb36cc499bc4486a5d5b6a4bb6f71a8c390585c702","first_seen":"2026-01-02T09:32:22.006659Z","last_seen":"2026-04-03T08:17:38.420805Z","times_seen":22,"resource_available":false,"data":null}},"time_used":861,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":860,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-book-of-vikings.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.752Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-book-of-vikings.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-5406\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0UKVF5ID98qTgG0xmk2F4%2FYOq6%2By8P5ER%2FjFnF0aiZwDwgPbO33KDB6IY%2BzsXeOKWXu7oBjTsFocPZqysZzpeXlmwvl84H7HKJf1dqf0JR7UrytpfLg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86ef282678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21510,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"504c4d5faeba3c8b59cf97e2587d6a73","sha1":"78cfb8d96fe1c78c2875b37e24354527f4594398","sha256":"75887607f32e54776bc28ac54a9ea5a25046ee02f417ac2754950e4a1f68a1e6","sha512":"2d345126a6afd86daa02ba5cd55657ddfb76da1fece30ca30324842a6c68c30bda6592f90e22bfa8eb5d610e55510617bb9dc87582495ea1aefad5056ca0864b","ssdeep":"384:KIDaJc3eE8WkBYtDBh2mGw5uMqiLnWZTK7a7gQbbdv9n1EVyRsrm:xDaJI85Bo7r15XTkTKtQfdVnegsrm","tlshash":"b5a2d0542cb174c9f0bb76ffd24e5b001bee9b6563d7c162812233e67bd92739048252","first_seen":"2026-01-02T09:32:22.078527Z","last_seen":"2026-04-03T08:17:38.500839Z","times_seen":21,"resource_available":false,"data":null}},"time_used":791,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":791,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012603032146000/ww.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.946Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:20:25 GMT","end":"Mon, 18 May 2026 18:20:24 GMT"},"fingerprint":{"sha1":"AF:44:5A:32:4C:6C:13:1C:29:FE:32:6E:3B:44:AC:BC:87:06:12:C4","sha256":"C8:51:6F:73:92:E6:5C:5D:A1:16:E0:88:5E:D4:8C:9D:7B:5D:FD:5B:DC:D7:96:E3:F7:70:F2:D4:10:49:25:15"}}},"request":{"raw":"GET /rtv/012603032146000/ww.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/plain\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ww1302.bocoranbom.site/\r\nOrigin: https://ww1302.bocoranbom.site\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 14411\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 17 Mar 2026 21:56:00 GMT\r\nexpires: Wed, 17 Mar 2027 21:56:00 GMT\r\ncache-control: public, max-age=31536000\r\netag: \"66f05df6b07a8216\"\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 191274\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":52015,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (51902)","md5":"0a34f1afb63ed372ce7dc6068208c128","sha1":"68404d89f63033a07e872707ed057d4932eb707a","sha256":"d50ec8af35885580460c378b898518cf8b87fc443e111cb12e8446cf03dda7b7","sha512":"804cf02d6d391500a42813e1e6195b270719fc0a46bc8f062ef47eae4877f89c4c0283f33a8ae8ba0cdc2172c5505aca36db60cf85c2c7465df24efe75dba004","ssdeep":"768:Rz0GxCxtuQEnVZt5JV1wAcz7PX7ywwJtFidGmxBKv73oLfde7UNdxD/o4PHfG:R/KImDKv73oLdeU7xDpPHe","tlshash":"693309b8b2a6a46e834350f4406f3009e67f2d2a740ac83cf635d9d56db4d9a81b7f35","first_seen":"2026-03-18T14:43:08.948225Z","last_seen":"2026-04-05T09:19:37.184516Z","times_seen":90,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":17,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtp-categories/joker-gaming.png","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:55.052Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtp-categories/joker-gaming.png HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-1cad\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=78YyDhYWdXQadc%2Bgekusm4ClveLwJpkIszivIYL6RWMtHHBIKHSH7GFtriv5RAGb%2FDqjdyWx12N4ZV5xURiU4p2IXr5j6eTotXuwDVgz8aezD6ecHxk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c890f3f2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7341,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"7e6d0fea99f68bb623979fc7e87df272","sha1":"b229f96103b1c115fb6ac180322f236018bf2ea8","sha256":"f997973639901317a68bcbe1da7cdf19eecf7ab37001a96e78162679f01074dd","sha512":"8149a18dd336138a1c6a609d27400c00e5657c16f59eb9c5bc7452f93ee4b9648e9fa27f8b6b4bb32a94ea0ed47ad9d58af2bed6796a85a944cd3865e6ba0aa9","ssdeep":"192:ISlkkn5xHgL8HDjnaYkz/CcvBVJswmxmfIBRRl1:PdnzALMapFvBgrE8/","tlshash":"47e16c0f9e215c08ae2ce9e73ce380ab74731712c2c1e115e8a96067dca35a9de0d1c1","first_seen":"2024-08-19T21:31:04.580204Z","last_seen":"2026-04-03T08:17:38.475448Z","times_seen":27,"resource_available":false,"data":null}},"time_used":607,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":607,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-sweet-bonanza.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-sweet-bonanza.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-374e\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=F3D0oJPCXbviGm89IkKTFiO9ejHJmNm3HxNchA4MwSoRnZAERixO4T2zv3%2B434g7cOKvIPfs%2BxmuKW%2BqP%2FAOX6LugDcxDzsT5OZdidI3dR5c9M49qoM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c867eed2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14158,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"c9669b43e7dd564b79c530890a4182b2","sha1":"bb0398471d2f566689e7695a58d104f4b8271aa0","sha256":"530c8e9067055058faecbcf6ea9b56dd6948fcb3adf56d31d71f8247d11d16ab","sha512":"19d09e3a3499b9b3ac937039e19ffda0c8c07536a1896ea48996995ef956d6ec64d1750c96591ec3d99580f8def7ef5cde02e2ed34e2301c4bb8bbb70b69c50b","ssdeep":"384:W64nVSBXyixIUD129gbfDjNKNAZc4J8isyjW/7/tyiH9:WT0BX/69EPNdZc6rfM7VyiH9","tlshash":"9a52bf18e957bb13cf401ee40fbd922f41424870ea15ac3cb2ce069a7995cf2187478e","first_seen":"2023-06-14T10:25:54Z","last_seen":"2026-04-05T06:08:13.890999Z","times_seen":558,"resource_available":false,"data":null}},"time_used":852,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":852,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-the-dog-house-megaways.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-the-dog-house-megaways.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-3162\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7JnmQMA1Fm3Ns%2FB6B7LF9P%2BGw9LUqGGswIDT1u20j9A%2BvnyrALrIypX9MSnR25tsQJ9M49VCDTnUk6tPqRizpv6o0ZMmaxVH2MxI8N%2BNgmAPOupIg4k%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c867eee2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12642,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"9f43505b54981b08bbfbdd20c21b1607","sha1":"e39b4ca84be81e5af7e5c852efc1792edd26ad15","sha256":"f86a33d6ff36adf2f69ca6845b1ceefff9cdf741c03b70af5795bf6f78d2b8f4","sha512":"f90021e0a891afd30cf79e4382ec963f92641e903ef84dd91c961ae9cc11d264e2c74b2837d06271e7cc94994d60b8fa3d5e02afdcf8fa0288181b8a741287f4","ssdeep":"192:WJhZyxMrReP8Mmc7orVfub1mgJnNMDsgE8XZsz6LWV7s/z/LdHGQAIK:WJhRekMmUkfubUAMDsgfGeCVkhGF","tlshash":"1142ae1ef681c4018fada03269fff6cbb2262cc1e580e07eb19b4e015b99df51009ce6","first_seen":"2023-06-15T15:03:24Z","last_seen":"2026-04-03T08:17:38.477954Z","times_seen":75,"resource_available":false,"data":null}},"time_used":863,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":862,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-power-of-thor-megaways.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.672Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-power-of-thor-megaways.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-352b\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=UA235tm8%2FSog%2FBxDpLysnWxShSlP05B041myM2QzQ6HRnIkSI8tlUU7RBKrKb6NZqJjrW77AbXjMPT99%2F0ATLQeQJhNZicdWqHrCRQYfoIH6JOzv7RI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c867eef2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13611,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"7c4baaab845322f1442aa1915d560dca","sha1":"3b5c1a6a71bda9d697dd73983bfc53104db8fd8a","sha256":"d10061715b007ffb80ea25f54895e800979cc23296ef6138718fa945858a6b33","sha512":"b2d81c7b281a78e2c64684b901c6a6888741d90430666e67148ad5afecdf42b4816d074c267d4c426c019426bbedd07651de0009e1929d003b29bdf7cd849a08","ssdeep":"384:WQKztbsLdQVwY3veVyARi9RO6ppfAb/C5xI6:WTdcdQVwkzRMu5O6","tlshash":"b552cf4ce51338818f9a769a01e91b435f5a0b0ce187e4fe8d8ac842d890df784269ea","first_seen":"2023-06-15T15:03:24Z","last_seen":"2026-04-05T06:08:13.905731Z","times_seen":535,"resource_available":false,"data":null}},"time_used":831,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":831,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-emperor-caishen.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-emperor-caishen.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-4613\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Lsq9rQG0gg%2F1n%2FCDhgALGD5BFxDNf%2BhIumetL%2Bp4x6I0h6aQTLEZZeEB8Uc4joPflb46WskhvthCQVmx9nIJNIoP0m0onbwPJYbN21V61%2FpfHJmlNQo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c867ef22678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17939,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"11817978b9dfd978f316958f6c3d2779","sha1":"e8bed1613dca90e652d4cb1aef8f2fd8d7fe794c","sha256":"a5fe9841e0a140e3b13734fdaae595d6a11347e7554a054643741566b724f56f","sha512":"83f1f3508935e9479478590419ba970799bbe77d016f06a28e8973320fec4ad9af34d2d4ad72a3dbdc88a01423deca5e4194dad9e1b32fc27ce3de839995ba09","ssdeep":"384:WB4AQZ0MIFeWXjlS1iQ3YeGW7WCNbR2wATnIfHWtwYBExa+S:WaAjNFtQvF5W4R/hP65Cx/S","tlshash":"b682c08fcafb7551d345813288f71bb6eca606685f21b2f93c898415a8514758bf14ce","first_seen":"2023-06-15T15:03:25Z","last_seen":"2026-04-03T08:17:38.427229Z","times_seen":64,"resource_available":false,"data":null}},"time_used":842,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":842,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-rise-of-samurai-megaways.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-rise-of-samurai-megaways.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-3a2c\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hF7BULyAFx3%2F3m3OybXeN%2FrETvqYh6Hi4p%2Fibu0APgtIiLyBU9ODhPCxK0sTcnlgKolTIyy516akzts%2FI3nUkrbz6HHVf7TakynTZjdgrQsauRjbZBg%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c868efa2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14892,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"4e5a9a09cb7b3889c4b09d256318bb7d","sha1":"0257cffe97de1b40929337732671484f72b600bc","sha256":"3abb2eafd53cff1e38fa9a14da326f0fef594960f4642e541c91ea0dc8c34381","sha512":"b35382675e1bf2a146fba85bedd3dfb5bd2eaabf705debed488d01896c789ec27048e1b0a74a7c89fc75b5aab94619a64c0f8bb266d0cd7c5ffd72a204f339d1","ssdeep":"384:WNBqQp+GVqX8Teo0C5jbOIQLXXwjWqmFk:WNBqQXqhhC9Obb37k","tlshash":"4162c0084b467689c79912bb3bfc6049fd0aad403b8a25be39a2b10a185dcf85b365c5","first_seen":"2023-06-15T15:03:24Z","last_seen":"2026-04-03T08:17:38.450841Z","times_seen":72,"resource_available":false,"data":null}},"time_used":778,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":778,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-the-wild-machine.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-the-wild-machine.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-3805\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aaR7WZrrezcbWKR%2FMu0Wj%2BUJABIniRfzz4XfqTxySGl5ZDoLYEULe46LOG%2FRCtFiMLCWmwmwlHm6wOdVpN4BMJInaRc3Xa2c%2B%2FNTa6d9g1d69POHSpI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86af032678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14341,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"25e246d5b5d6dd0283154a860fde005c","sha1":"160229cbc9ea24735281f63d9476a438b50c599f","sha256":"82943b1dcdb324a5ae6a61951776fa3aa1470f6f2c1bede0694045ee2d25cf2a","sha512":"dcef8b34352f138d300a49e9962c7f4b96172b2f3b57f1185983a3e3fdad2a8cdedcc117cb1983c3203b600221d00a938bf38ea08a33e536346a4582ebce0f39","ssdeep":"384:WsrqPc5lGBoZCCJbw9ekG5om+WyJNQwuug1xFx3nU:WoNvZCCCg+rWughBU","tlshash":"bb52c089f5d72d08e3093a1221e8203b4253e7181d23b4770a4d573665aacf28f7dbdd","first_seen":"2023-06-15T15:03:24Z","last_seen":"2026-04-03T08:17:38.528436Z","times_seen":58,"resource_available":false,"data":null}},"time_used":797,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":796,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-7-piggies-5000.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.726Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-7-piggies-5000.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-4602\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K2xs61ddu%2FBU6O4dZAbPxfB3sE8lXkeS%2FO2OA4%2FxgBsE6%2BJcdR%2Bu%2B7CjCOpIWfygUnUdx%2FbEzVtkPwT9lcGpHZ7aiZoSX8UuZKHOA1SoMWlyZa1boNw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86bf0f2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17922,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"5906055cea6bb0ecde616a7edc0fcb3f","sha1":"111bb92a6b105b46595a9279a2786974aa7eb604","sha256":"200c7a453c5a954decf0f04b071261377c933dc01bccb1ece0d60ead107e3003","sha512":"0017373187900a4a009e38619559038a1d78fdacf06869ae2ff1a45026787b29fa7dde1bca6146089b986a1f73970c2aa6b06cdcbbcce117c71d49076d4001d3","ssdeep":"384:r+y4S7zvnDEUuF5WbkLzN91GdRPXThQgmw6yuGKkKLweGLaM:r+XanQU5bkLMd7QgmDy6kKhM","tlshash":"8f82d095370fc51edbbf1b346868f78d4569bc1b88a9a33dd1217bd263880df4498098","first_seen":"2026-01-02T09:32:22.003503Z","last_seen":"2026-04-03T08:17:38.515517Z","times_seen":22,"resource_available":false,"data":null}},"time_used":773,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":769,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-888-dragons.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-888-dragons.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-4a6b\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0VRCXgFQqLTPfVPkWBdDKmYxduB7djxhhvXCK%2BHyPy9c1vvbnoyYFA5XNvhS2yeRVmp%2F1gPg%2Fuj94WlUQsmxQzM0W2XydrucOcu2bZU6nNWOYY5zLvE%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86cf162678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19051,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"14574f2b92965873e8ae622e60746b28","sha1":"8042cf926d5482c5b3b16cf8af987707a8accaed","sha256":"7ef811bee81e422c81b7c6fe71eeaf2572628d4bf3e57f92aab90cd2b8be0da7","sha512":"f230f554be3d59b1f747b19ad22e940652c4b8f462565afd607d94c89da3237a5536d4c7169d88a0521476e57f1ad956b2d6dd07af24980c3d50ed8a102f29bc","ssdeep":"384:/MRhyMrEJPHM11tTYmaffguovsaEJ6HTeo5sSh4QdxZre2IqCTTiFfYZVLf:/MRoMrE5PHgxhnzeerGQdD6PniRab","tlshash":"f682dff2213829fbe948bb7c11c4d45c971ee17b3e88d95c269ae3d30a3a570272c647","first_seen":"2026-01-02T09:32:22.016817Z","last_seen":"2026-04-03T08:17:38.459668Z","times_seen":22,"resource_available":false,"data":null}},"time_used":806,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":806,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-5-lions-dance.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.722Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-5-lions-dance.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-5828\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=1f0U%2B%2FXAaNB0829sLIRPPDXg5AXlUj82aZ3Z22vZiYxFek1fz5r5O6G6IC%2BIo1YD2DzBdSk2cAQ6SM%2Ba84fEALmwWHIAfRVTz5vJqSdNt0W%2FSoiV2l4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86bf0b2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22568,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"0f7cdb37a551cb329e35fa8effa963b6","sha1":"3507ac0eb1a6ae7e07fc6424fee54b459c86f70f","sha256":"d72e2f702af5f9e19cc3514f0447a694b703c96adcc0215836c0ab0d3e422c11","sha512":"c54986ce86c0062544ec46bc8fa14de1728f77ed6f75c7d60e6d31d5722bab303515e67dbc53e633641cda56ec12574e58fc7b6a6769b0729d4691c0a9c45b90","ssdeep":"384:e2/3BbgLlhAbW5xOJ3AeFF7r+LXEWC/Tj0sZt9o0XQeKPKhK/8D/IE1ZO:tP+LlGwxOJ3XF7yXETTj0sO3eKCh/1U","tlshash":"29a2d0e167116b24d83d807094726a012a7cf1b3d97bf53a8b974af17d0d45e209fb53","first_seen":"2026-01-02T09:32:22.095505Z","last_seen":"2026-04-03T08:17:38.481892Z","times_seen":22,"resource_available":false,"data":null}},"time_used":801,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":801,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-asgard.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.740Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-asgard.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-4864\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hKQgHi3BDM5zCUSJtzJL%2B1kZNj2GzY0BGQhY%2B69PDLXhthB4eAZblVxZa3NIhptZjsbC9eHynBMxUIBaYgcMXB2ndKQp0q9LlyWWKQLdeJFmX%2BgRFps%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86df1c2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18532,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"a6d86dec42d9ee1625326aa65849cc7a","sha1":"b4f16343caf896d6b7fb0a87ebe3e3f353f00913","sha256":"9f6e5f0b527327e5b89f7c7830952e18ed3d5f9109aafbcb40acae09a96cca22","sha512":"32168540438e330e3c8abf91075d2f44e19bc224c9176d2ff08bd3dae75bc1e44df90f47526689243a3156c93caa7be31c8fed425c39712b4062f92240d2eacf","ssdeep":"384:Hft5bd99ZxFy/0sZqUJLQrsxx3HK0NMcd4nn1x7:/t5bdrgjZqkCsv3qtcd6","tlshash":"6882d00cf7e4e4f1d029cd3f248e2b0d0a9a0d96d529595f813083daed5168dbab738b","first_seen":"2026-01-02T09:32:22.084624Z","last_seen":"2026-04-03T08:17:38.516202Z","times_seen":22,"resource_available":false,"data":null}},"time_used":879,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":878,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-book-of-fallen.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.750Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-book-of-fallen.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-579c\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=f3OsBbugJmuHpvZEYv19N%2BQYrGXCFOO4yQtONCdLP84A6K2ZTXLdOe0j30jsa8Shyx4hPY9kGwI1v6BuKyRvDnm7zohT4mHDlq%2FjrdHzinuHw9V2Q0E%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86ef262678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22428,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"c72a105155f67321a3319cb73f5fc0be","sha1":"ce97b895e3e96e9bdf9925c6a67b11ab635e8608","sha256":"7fbf2cad8db8176680d5d2abaea4c9c2cba4b17cf795fae46cf5df4a77e8d738","sha512":"793892c0ea051143d52c4a4fa137878f43ee98b6085dca8f5f2397a8a0e2305a01a8545269a4670880d8efd67e4d41936e652e885a1d70e7c1242c4d73a7cc79","ssdeep":"384:L3oDURJhE01wVb14B6qcK9OiTgM0p9xydAVePiVNCxSedUen:L7JhEHF1NKoxM0FydAVHvSD","tlshash":"10a2d0ee078a560dd4fb15b88c28360fdb6832777a77035d1f895fca49298c49aa2650","first_seen":"2026-01-02T09:32:22.091958Z","last_seen":"2026-04-03T08:17:38.43403Z","times_seen":22,"resource_available":false,"data":null}},"time_used":811,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":810,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/banners/bonus-spin-gratis.webp","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:55.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/banners/bonus-spin-gratis.webp HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/webp\r\nlast-modified: Fri, 16 Feb 2024 04:05:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"65cedf22-c3ec\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=CHvToggZkduaIsdjQnwas06qw4wZWAo7bI2nFftLI4h8JZ6CH5uItJ8hPRoKXpCM5HX%2BKNXN%2FbuYxiTcevEEbaPyQO7VDw%2FZVHX5%2FksG529QpskBQeI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c88ff3b2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":50156,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 720x320, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ef49882d7ef440ba80f6ba39fb40ba6e","sha1":"58964cdf73e4d8257ceaad27e60a6a7357821bc5","sha256":"298a0e693a9a4b37aeb58f5d9ceebe4c0c239eab68e054b1364a15c19b0711bd","sha512":"0ec9e6fb510d1b4252612d5e79b224db35ef1990fa388f1bd2a77633eaa184f831719329aaa057a0e700c45c7ee04db701e53150d093d9f3f13d239a82339af7","ssdeep":"768:WjFWyg43KWz95t9TVssxUQ8F8eVMcfCZWE9CKigp8WLno5h0h:W8ygIn7TVssSFDfCuYWOn40h","tlshash":"d23301f0e356190470ba6c78f83d68e26dbcca5e0e16858be2b09bd1dfe05039b57c54","first_seen":"2026-01-02T09:32:22.063632Z","last_seen":"2026-04-03T08:17:38.532195Z","times_seen":25,"resource_available":false,"data":null}},"time_used":1009,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":799,"receive":210,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtp-categories/habanero.png","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:55.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtp-categories/habanero.png HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-1376\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bt0oNcPl2tKgeEgNv2FlAluJfoPTxWjHSK%2FdKiJLyatCfF4GQ%2BLjOLCUxgCvW5SoX4l3fkKxbJYb88FB8ScHiRZ3dfg%2FKZR4wUlCem%2Fn%2F2YYSr7ZNjM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c890f3e2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4982,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"53b51aefffba25ac907e1d76cb3e7a99","sha1":"9ee52e0afb18b88e5e914d77131a085f5abd3f6f","sha256":"5cd1033a89b45570f31c0204c1de5cd12d549d2dfb2a844bd1aabdb3e24c12be","sha512":"b793c2ce240624e50b7753c678ecc41e8f08ee8346d468a376def67ab2bf700cd5525feee07d6cb08e156d79fead35b8c4aa6a9a462f5565a0019092d19b7623","ssdeep":"96:NcLPGHE20mmZcnZBFBVgvjzzlnZ0uvsHG0Ta8TtQ1VGcSa35D6tPdyQ:NcLPGHbYw3gvjNUm0Ta82Vta","tlshash":"4ea18ed1caa80278d3a3841b04fba6100fda7c6b8701fb9f65b89464b4216dd949a6ed","first_seen":"2026-01-02T09:32:22.065566Z","last_seen":"2026-04-03T08:17:38.526772Z","times_seen":25,"resource_available":false,"data":null}},"time_used":608,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":608,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtp-categories/spadegaming.png","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:55.054Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtp-categories/spadegaming.png HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-1a04\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BSCn%2BKJuZ3JYehbAp8LbVsFA%2B9gffEq6soN%2B7aDUHQ1FJhB206NH5uBmTNiOR5bIfpnBevV5tLsIgULB0Fas9Gat2%2FJU6qJp8qelFH3jmLfmTBR5jcc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c890f402678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6660,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"d7c09ad05a0edbf4bddc55f5a1de91d3","sha1":"4bf05baccd77523969d9ae93679e80852bf21c4b","sha256":"3694785f09463521ce7ba48c4fe249f837382258d7491b8109023e97d84577bd","sha512":"1d51afc6d53ac61a969ada97a4a084ab9a3f40e753790cb48551d04eaa2ecd4f9d05bfb92197c7592557ac591333c71e85a008b50e2cd72e100866e500d1318b","ssdeep":"96:YghlQ95zWsjtyfc1xWooOvwWsQRfczSyuovHr3MJCeq7wwwQux50Cu/rKvddwtNe:Ygzsv1xWoommqfpy1M0j/ExCWvdI45","tlshash":"fdd19e0da09596cd8e66fb962a5088d33cbc3857941bb1b2b928f6b238fc25d4ccdc40","first_seen":"2026-01-02T09:32:22.093135Z","last_seen":"2026-04-03T08:17:38.491662Z","times_seen":25,"resource_available":false,"data":null}},"time_used":608,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":608,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012603032146000/v0/amp-auto-lightbox-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:55.558Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:20:25 GMT","end":"Mon, 18 May 2026 18:20:24 GMT"},"fingerprint":{"sha1":"AF:44:5A:32:4C:6C:13:1C:29:FE:32:6E:3B:44:AC:BC:87:06:12:C4","sha256":"C8:51:6F:73:92:E6:5C:5D:A1:16:E0:88:5E:D4:8C:9D:7B:5D:FD:5B:DC:D7:96:E3:F7:70:F2:D4:10:49:25:15"}}},"request":{"raw":"GET /rtv/012603032146000/v0/amp-auto-lightbox-0.1.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ww1302.bocoranbom.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 2972\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 17 Mar 2026 21:37:52 GMT\r\nexpires: Wed, 17 Mar 2027 21:37:52 GMT\r\ncache-control: public, max-age=31536000\r\netag: \"74a8e6f749d364bb\"\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nage: 192363\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7798,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7676)","md5":"dfd43df9e3425f6077d3bd69d5928cfd","sha1":"d5b1138d94904e2ab07092a86614976e1c2f543c","sha256":"94922d1f912dea5b7dd68a1a62d746f58d44a0c8305607aca116d6f08ba46708","sha512":"1f42867fd9dce4ae9a17c2a13be535196920068b4ca5b52b256baa92c48150b0f725a5f977ac59bafe6187e06e25aa2ff2787c37e23485bb943cd05fd126b6f5","ssdeep":"96:jKoAosPGpV3yMDc0jGAM+G0mj1hVXxSZ4tqSKN0OV0TjLRkiGj0ldmq43bDjHI:jKqswV3yv0jGAFCPX/tqKyWp4M0rDTI","tlshash":"d7f196dc7ac2b83a5757b4b780af414fa63ba94624ad9120d120f0d83cb995ed633e5c","first_seen":"2026-03-17T22:15:38.806244Z","last_seen":"2026-04-05T12:39:04.607217Z","times_seen":828,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/apple-touch-icon.png","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:55.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /apple-touch-icon.png HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\ndate: Fri, 20 Mar 2026 03:03:56 GMT\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IjQ3NDJVTDFTSXdUaG1XT0Q5RnBMZHc9PSIsInZhbHVlIjoiNmNDK0JtNy9zT05Jb0o0c1psN00xLzhKeHNadnE2SVIrcVNZUmFTUXFyU1N3WGZOQllSaW5iVzE5WDA4dTltQVlZTEhGdm5kajNqeEJSbUJ0WDFJL0x5N0N3OWRJVUdwUkRhZ2JCR3N2L3NjbXJZU2pUV1Q2RGtwUmw4aG9ZTHciLCJtYWMiOiJhZmI3ZWJjZjdjODNjODUzZGZjN2I2ZGI0NzA2ZDMyN2Y5MGFkZTQwMTcyZjM5MjRjMjRmZjgyMzRlNDUwNGYxIiwidGFnIjoiIn0%3D; expires=Fri, 20-Mar-2026 05:10:19 GMT; Max-Age=7200; path=/; samesite=lax\nrtplive_session=eyJpdiI6InMzSkxGalkzVHd1dGNoT3pUcll1U0E9PSIsInZhbHVlIjoiUTd6UmhibDBmTVNpVkZQTmJrRHU0SFNocndMN1NxTlpLWnk2QUlXR1I5bXlLSEpOL0ZjVnZsVng3VXR0UkorTFdqV1d5OHFOekFUYnorS0JiZzJ4d1U5ODZPNnR1WjYveTJUZXFoNjJoWnZYdUhaNUl3V3JNUlhiNDJ6aWVhNGIiLCJtYWMiOiI5YTgzYTQ2N2M5ZDRkOGEwY2FlZjJjZWIxYWMxNGY2NGJkNGMwOTEzNzZkOTM2NTg5Zjk1ZTNjZWFkYzJmNWIzIiwidGFnIjoiIn0%3D; expires=Fri, 20-Mar-2026 05:10:19 GMT; Max-Age=7200; path=/; httponly; samesite=lax\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\npriority: u=6,i=?0\r\ncf-cache-status: BYPASS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=meyN9NGaIl6Y6xnd4jHauVeoh1KCBQ%2ByKiKC3qWa2PbFPNgOFk8J1oIaAgbgh4rqCS2nUDqeDUA%2BVpPo0GHxKxsJ45MLzE%2FzoOOH4%2FlHN9LXWoVFjos%3D\"}]}\r\ncf-ray: 9df17c8eef612678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6609,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (5395)","md5":"307dca9c775906b8de45869cabe98fcd","sha1":"2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1","sha256":"8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c","sha512":"80c03f7add3a33a5df7b1f1665253283550dac484d26339ecd85672fb506dce44bd0bf96275d5c41a2e7369c3b604de377b7f5985d7d0d76c7ac663d60a67a1c","ssdeep":"96:k2J/SNi/FLQVTLKCGWz5ln59Jy0jRdoMVZTdI5:k2pV2RKCxDnxyTMVZT0","tlshash":"d9d1975fdac5101e60d385b7e8d4ea4c8916aac3de234bdbb54f7915cf8038719a361c","first_seen":"2023-03-10T04:10:06Z","last_seen":"2026-04-05T07:42:31.115538Z","times_seen":4095,"resource_available":true,"data":null}},"time_used":277,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":277,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-wild-booster.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.685Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-wild-booster.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-33d7\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=EsRay8McXGr3gynFGcNagPeeZrhi847WkUSl3gCRk%2BchDDEvEU2L1R6LB56AB7ZCCjfrQVsyOiX52QvtwADKlsPYBxHQvBviw9IsuniwDntDzRBCMvk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c868ef72678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13271,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"d0812e985af4f254156274e272023d0a","sha1":"86570a96efb4538a9b1b5638b69e487d3721d839","sha256":"ed4e3bdb93c1eab9af04f7c2b95d361dfc2ff50820aff4a4ada8dc46de8909fb","sha512":"005f013a6f8ba7dfc00a72e8d9af95beb6d7e0a1470f0367271102a694ce5814c64b9871e2c5a872158f4f1aeedeb2af2dc911d45c36a8ac4f6320daf8e1182e","ssdeep":"384:W6M6eOJJNBhGkxl4db+Sm5dtHSYc+8Z0b0:W6M6eOZGkDXSiazZi0","tlshash":"e752cf266e6ef801d3484e74fcf07c3a77369e9c69a421741be2a4373620c747e916e6","first_seen":"2023-06-15T15:03:24Z","last_seen":"2026-04-03T08:17:38.484396Z","times_seen":61,"resource_available":false,"data":null}},"time_used":855,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":855,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-spartan-king.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.706Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-spartan-king.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-3432\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cvDvrej%2FDASgYTLPaPYwgki%2FOYrVEFB8ozTlnMvvt84t6Q9HoL569J8pgA5vLgYLFt7b4h%2FrZ3d%2Fo1k5pYG4qS8cvlNJpZLS4JGEatDxPGv4n1RDxpY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c869eff2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13362,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"3038a630036b4ca48c79bba09d598ef8","sha1":"8c1955e29dcac9df5961e526309b3f5a3e2cc88d","sha256":"9ae17d7c92eb835539537f7f19fbe36dbffb71e7c40c034520fbe06d385b1c3a","sha512":"568f7887ae261379ae5d533936c3719afd9d3bb93a3c7674ee1c7461c7396f7c9539cf564f5ced9240d8a8e8f832f9eb0eb8d19ccb80361f71822d8f6b4d6793","ssdeep":"384:WTvHbJy5ZCclY+dHNn4JjnKv9uOtZ1SgtH+K5vA:WTvHiCAtn4JjKv9uOMg8K54","tlshash":"8952bf4b57e1b191cfac01308787649fca6d1a428201ecff33cd9a113639cfb5924ab9","first_seen":"2023-06-15T15:03:25Z","last_seen":"2026-04-03T08:17:38.470983Z","times_seen":59,"resource_available":false,"data":null}},"time_used":893,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":893,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-santas-wonderland.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.715Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-santas-wonderland.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-3bd3\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LEB7vvhs2WGUcskvHjninnsw50NBvn4qUDDplkwSRaCc2OMjtpceWDAHojWBm7zUocMg%2Fgblhj70q9MT54s%2FaYG12De1EAFrCk9dSkQG%2FCGaANGfRWM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86af042678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15315,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"79c29fb7bdbc927fbe5fb92bf6f03bdc","sha1":"2dccb5bdb753e9d57220b5c664af93524307e009","sha256":"f2116b307f041cc8a5d186a1996f531edc34ee1dfdcb22825f72c9dfb329ca36","sha512":"0a3479a0af71ba777564dc30775c477f1f1c958c6b75a88e3f3890308673300f8286d119f6a9c4139f6751d7bcdd9f76109552ab3d40a2a47645a80ebe6f602f","ssdeep":"192:WUdwZAhFyeyDHAe+TVrCiOl7xCFpL/DhDOyVnmlvm1W3hTHAjZrVBOX/AuA3Jj85:WR8bTVraswyVnyO1W31AjBjuA3j5mCg","tlshash":"d562cf7b22bf490da2178c203ea6517d662eac044f4481f6698c02cf21b7ff5139f6e5","first_seen":"2023-06-15T15:03:25Z","last_seen":"2026-04-03T08:17:38.496734Z","times_seen":71,"resource_available":false,"data":null}},"time_used":812,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":812,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-buffalo-king-megaways.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-buffalo-king-megaways.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-4cab\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4KLF4yl8E2xvc5gDi2JgOG2MfvKYfcjObnruXw0cURBKGfCvvaRmdRsel%2Fpyd1CRVeOG2F7jeyKtF7f9KaTZnIKQsN3n7iZN0sRhpDKczzYp4ItGR3E%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86ff2c2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19627,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"f8005b4c865e29acbb66e43bdfe64b46","sha1":"e2220ddddb2909c9a1553674732107d0640bb49c","sha256":"d085821ddb9cead0de5912f3629bbc8b98d91bf4b16dce79776c3faab53d2283","sha512":"25a9f84b103e17fb4df38a56026f537a37c8d40bf234e29d2594e47d677c0aaebff844d988c9663c2e078daae0f7ddb35c6d17f2fdc194375512ecb686ed441c","ssdeep":"384:qMBhkgbi3hhAyVe0hVzsjDdHGZeH0JKB5np2mLyJiUiNFjDv91Q59z7D4rjUito:qMBhBk3VI/w+S2nROJijNFViSjUJ","tlshash":"db92d162f6001307db75c97b48901756f66f2e16e1f48e6e57c147e860a5c1f0f29b26","first_seen":"2026-01-02T09:32:22.019161Z","last_seen":"2026-04-03T08:17:38.517413Z","times_seen":22,"resource_available":false,"data":null}},"time_used":882,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":879,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/favicon-16x16.png","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:55.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /favicon-16x16.png HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\ncache-control: no-cache, private\r\ndate: Fri, 20 Mar 2026 03:03:56 GMT\r\nset-cookie: XSRF-TOKEN=eyJpdiI6InczczFrRGJUS0YwWWd2dU1RSVdyWEE9PSIsInZhbHVlIjoiVVhVTHF3czVKNkxobkNZTDBwSFdaUk90dnQ4cG55R0NUTHJHdktLWTZwanBsZUdTdktCVFdZcFJGZGVTOUl3OU5sZm9vYUliQ3g0enBzRkxCOEVMWHVoUmxta05kcTJaSmNjWXBMTC84S0UraytsTk4yMjdzQ1kzbWV2OEE0MGIiLCJtYWMiOiJkZTNlY2VlZDEyMDY1YTMxMTJlODY5NzU4MDIxNzkyOWZmNTljNDMxODMwOWI2MzA3MTZlMjk1ZDlkOTcyY2VkIiwidGFnIjoiIn0%3D; expires=Fri, 20-Mar-2026 05:10:19 GMT; Max-Age=7200; path=/; samesite=lax\nrtplive_session=eyJpdiI6Ill2cjhxQzVHSU9NYzBYTXdLQWdYZHc9PSIsInZhbHVlIjoib1hyaXh6bEh5Q20wUHR6eXNPNjlZU2wzSDVzTVJIeDRBdktVUXkrMFZqMlhCTEo1U1U5RjdFckc1UHBVSWVtZWtEaFVJcjJNZHN6dHZscWFwNFFVZnFGWmlwb1lUdUdlZHBFK2lTTE16dWZqYTg5Zzg5TEx3eklPaHkrZHVwbUkiLCJtYWMiOiIxZjI5ODVlNDg4NjJkYTBlZGQzYjZlNGRjZDdmNjYwYWE3OWU5NDlhZmI4OGRlYzM1ZWVmMjMwNDhlMzFkMjVlIiwidGFnIjoiIn0%3D; expires=Fri, 20-Mar-2026 05:10:19 GMT; Max-Age=7200; path=/; httponly; samesite=lax\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\npriority: u=6,i=?0\r\ncf-cache-status: BYPASS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Yo%2FUwdFUyfQu%2FeBcnveHrFn1p5rEkVQMhBryEs2tRLmjBEriVAojAOo0Cn%2Ftlsp6ggIx%2FLfyGWzp7Yf553xp1oCEiFWOtBUsqvLw%2BnFvyQLyclTBxww%3D\"}]}\r\ncf-ray: 9df17c8eef622678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6609,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (5395)","md5":"307dca9c775906b8de45869cabe98fcd","sha1":"2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1","sha256":"8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c","sha512":"80c03f7add3a33a5df7b1f1665253283550dac484d26339ecd85672fb506dce44bd0bf96275d5c41a2e7369c3b604de377b7f5985d7d0d76c7ac663d60a67a1c","ssdeep":"96:k2J/SNi/FLQVTLKCGWz5ln59Jy0jRdoMVZTdI5:k2pV2RKCxDnxyTMVZT0","tlshash":"d9d1975fdac5101e60d385b7e8d4ea4c8916aac3de234bdbb54f7915cf8038719a361c","first_seen":"2023-03-10T04:10:06Z","last_seen":"2026-04-05T07:42:31.115538Z","times_seen":4095,"resource_available":true,"data":null}},"time_used":268,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":268,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-bounty-gold.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.687Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-bounty-gold.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-3957\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=HY20EPfoqZmN92N1Mralo6FTjy9OfIipCVK5Axju4NOpdD54%2FjjdqyxPV2uiD3uWRnBg7Hpk02D6ExXSh9r9l0HKScY7%2FMPWuUT1Pl2guYcr1sva%2FdM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c868ef82678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14679,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"f545238b11e60579fc3128b96b817e5b","sha1":"05afa8ed56398800420f8e6f6515ccffc8910dcd","sha256":"d2a93ba27c0e6d80c1c6aa5fe2411c15a36e75b413ba4ede147d7588a4617ea3","sha512":"5c87424695e086bfb28dba51b9b69779a0eea1f989cefa50dc59bc0f9522c58f361716b5aa3c02734a6077585f2be7c5f4a69092dc40e7081b8edca349dfcdc7","ssdeep":"384:W3pNhb84dir2+lkqfOEXWaT1FEHSOVR6I6jIr/6r8SmD/K:W3hbdiplkq1ma5FEHSFI686r8SmD/K","tlshash":"2362d00db3ce9900d764d4b90bfa3027958fcb28fb90523ae8469515a4ff9f5103b6b9","first_seen":"2023-06-15T15:03:25Z","last_seen":"2026-04-03T08:17:38.464572Z","times_seen":82,"resource_available":false,"data":null}},"time_used":830,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":830,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-empty-the-bank.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.689Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-empty-the-bank.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-3793\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=X45JabZyyw99%2B1ePcNVG9ZyM%2B%2Bjz9pXjG9zMWlzAo77J5qU5QITQHHh0hMC0tJNlJhFp25rSKuqeOR9KcryYVVULlaxerp0zQyNs7Cjuepula8SCBk8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c868ef92678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14227,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"1734cd204b8ac9248932a960ac7504aa","sha1":"f554dc34ed23a3826e856b26b83dd63a47b4372d","sha256":"fd4b860f8fc361cf1e2cb73a6d59e677db6e1df5a0ea87c3e9a1d40a10b82bd0","sha512":"e1b422a38b3bbf889e9e0bcc6218c172bc0b69a09260086e382de072d6de97b96f46af876d8dfa39e5c010cfe00961461a58a53674e92edc58d30fe8404d9b8d","ssdeep":"384:WgDwSJoPqbYoR7ND60iA/NyeKhqfkeIluEIcuCmXho:W0JoPqUoR7aA/NyRWGufcuCm+","tlshash":"0552c00150ad6a15eb6018f9196b72e22f60069477d7fab057e301323df9df26a910bb","first_seen":"2023-06-15T15:03:25Z","last_seen":"2026-04-03T08:17:38.432286Z","times_seen":64,"resource_available":false,"data":null}},"time_used":869,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":869,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:53.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:20:25 GMT","end":"Mon, 18 May 2026 18:20:24 GMT"},"fingerprint":{"sha1":"AF:44:5A:32:4C:6C:13:1C:29:FE:32:6E:3B:44:AC:BC:87:06:12:C4","sha256":"C8:51:6F:73:92:E6:5C:5D:A1:16:E0:88:5E:D4:8C:9D:7B:5D:FD:5B:DC:D7:96:E3:F7:70:F2:D4:10:49:25:15"}}},"request":{"raw":"GET /v0.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 73113\r\ndate: Fri, 20 Mar 2026 03:03:53 GMT\r\nexpires: Fri, 20 Mar 2026 03:03:53 GMT\r\ncache-control: private, max-age=3000, stale-while-revalidate=1206600\r\netag: \"5b239dc189f888b8\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":284617,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (64627)","md5":"c54252d732bff78217cfbeff950b3476","sha1":"960deb0b579fba259aa9865d3b1deadff0538bff","sha256":"852bb88969e8e21c5f7403b97cdb69b072a54f60214690cee9f1dad4db2d6740","sha512":"e75fc0cc5405ac64ddce8e210062fda91bf50d668d8cbef548f54b22b311082da8d3830d9092375ab69a6d8def15d9889f195f03269ecc9f570ba7afbf77f7e2","ssdeep":"6144:ixUXfTWCOu6qiieuIbno1uzRePNS+7HYo:yqftp/0RENS+74o","tlshash":"e754949db286b0724793b075803f150aa33ba859244a812cf56de9d67cbcd89b137f7c","first_seen":"2026-03-17T22:15:38.805176Z","last_seen":"2026-04-05T12:39:04.612705Z","times_seen":859,"resource_available":true,"data":null}},"time_used":311,"timings":{"blocked":122,"dns":1,"connect":14,"send":0,"wait":29,"receive":36,"ssl":106},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-pyramid-bonanza.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.682Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-pyramid-bonanza.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-362a\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Mg3ylqX6l9TV7YHhAvwUGaxC9iNQFBvl7e8NeU7jjKaDFVhOMce3bAAvZKQhldYtclO83zlyG47SVlu3db98UV8e1IF%2BxB86w8QPokJnwGn%2F%2BVU4jVo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c868ef52678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13866,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"b87fc6fbb451bdd893fc517a8412b476","sha1":"c66eeba19e7d4c32c795a3f3bae063a583048d95","sha256":"fe18da0245a046885ece3c2cd78221cf42336c093dcb567224d19f4fa237bcce","sha512":"59bc974e02d9024257c776279494554dd00bd1065a9100f5bdf4f25161b1ad30fd4402757d42d452d280cf41376192b11e0a34fec46fd2236a1b5988940d01f6","ssdeep":"384:WtgMKFkURSDtMOlxQQ+ubvhCJDUwbLWRmuvXGeCXx9tmCt:WtgMKeUEDjQQTdCBUSLWR1X2rt","tlshash":"c552cf759d23ae021f582278f888e1a32f25b542f788f03cb4b3dc07da28d741d6e584","first_seen":"2023-06-15T15:03:24Z","last_seen":"2026-04-03T08:17:38.444281Z","times_seen":92,"resource_available":false,"data":null}},"time_used":902,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":902,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-day-of-dead.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-day-of-dead.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-333b\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=p7cEugWyLJi0pqoibuSqrhh4o%2FAFLnf7fSShkljnXAZis%2FYTPMiYrMwFCUemDdYO%2FCF1UO%2FWNUPA1HY1YPF30aQkzBdCj%2FZ6IoRPM1lq5pslxzlVZnU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c868ef62678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":13115,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"fa575119a3a3ebedb8f3e73dffe004e0","sha1":"0e8e81d4769dd95bba1d837e09404f13a9f15a3b","sha256":"55ffc17f7b2228f071529b49d4c6c9d4c0f6c8f30ad139b34f2d717ad6f58699","sha512":"abd7ee3386035b87e83007bdf82e8fb973ae6b99bc50cb4425ffcafead9a42921a2cbee1306dcd6e0cd092920eeab4efb33826743f5c2c4d768f8debdfb97676","ssdeep":"192:WnZ71FKzq7AnRwK4/7zaJVBr+a2lnpJ/KC/cKJpFwBvNFoZfEkSHP7MRcmnEnSH:WtD/8nRpUzaIJBxjFa4Z8ni6U","tlshash":"fb42cf43be81ad91fbc85aa434e3bc747a270741b6a8893439dad9e216bc9f054258d1","first_seen":"2023-06-15T15:03:24Z","last_seen":"2026-04-03T08:17:38.479209Z","times_seen":66,"resource_available":false,"data":null}},"time_used":838,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":838,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-aladdins-treasure.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.737Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-aladdins-treasure.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-3da2\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=B7db2GcGFT1ss3Nu8A5mqrQIiqQ1V%2FnwCEA9TxfBkA8rG9sOn2XIQT3wVkLGslzURPZR0hBLVBZacg3cnLbAAO%2FlsnWsqQLlcXDMtoC6FGpAEELrQEY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86df192678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":15778,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"ff69619bf1386a68403925905b716354","sha1":"8c7ab695783a9268181856b73fd9dfc2fb4a05be","sha256":"f136463c72c1445a6d0b6c0f54ee28e3a1b24b14f89646efb20f2b79c7e3d51a","sha512":"1b2174b982870cab1b887ccc8c702198a52299a71e123a0a36a7f7d5d81c6f1098d781d6eab58c631bd6989d7f27ef1c9b75038a0ee148894486258c89b4f23e","ssdeep":"384:ZhAxq2SCeod5fXkWDsJAU86Ct5e5MbMeH3zD5/IV/z8dQ3YMDzZ9K:ZhGSC3XvsJAIikKHjD5XgTD9U","tlshash":"e262cfa06b6731d0ed053c3494a437d41b5cba4b6a6e081ecadb2b5adb15bd30d8e38c","first_seen":"2026-01-02T09:32:22.037984Z","last_seen":"2026-04-03T08:17:38.453565Z","times_seen":22,"resource_available":false,"data":null}},"time_used":812,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":812,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtp-categories/pg-soft.png","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:55.044Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtp-categories/pg-soft.png HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-149b\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k20qFxVBZYRQzCFSAVE%2FpaAwya6tjASjC0L94LuSuVsjkp7iN0%2BXC%2BpWlaGNP1%2BG%2F5ov4EwfPRM3%2F1jeKTXr%2FddKXz8dNeoKUKdvawmfIDiFmnii3pY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c890f3d2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5275,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"f7958a19c2322e897809066d3a888313","sha1":"2ad1eb7d7241a6aae0d0b14dd16909bbb470d8f3","sha256":"ddcd5f0707256e1ab256ef36fa9662eb1e15b167722da4321bb5d8fb11e2e47c","sha512":"5469e78d2baf2585310a12804bd356e1d113f00ad999f6bb4c502d9ab9efa1f29873a4cf1baaea1ea80237a57025f1b60ec6d87fee0e92a0f90a299e61b3d9b4","ssdeep":"96:Sg2H7NwiR1M35Sqwv7dj3aJjjVnsh6JPNfjSF4H4k3xD+DikgiHRHXHPcWKJPcGl:ARg5Xqpj3CjSYjbcikldXPQPcGl","tlshash":"0eb16d8a058333bd8d51a22bea1e18e3e8457823b4e4a0722c1471fef1cb02439a5f12","first_seen":"2026-01-02T09:32:22.02919Z","last_seen":"2026-04-03T08:17:38.413056Z","times_seen":25,"resource_available":false,"data":null}},"time_used":624,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":624,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/assets/logo.png","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:53.335Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/assets/logo.png HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:54 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-1684d\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=uU2%2BscKVBXxCaDaBOzNHLelsJigLY6GRWswxH3YYV1NZVXBCol%2BKKtsscmZqBe1Px9UhvQgmYCASNzbt%2Fn1A7FiH3vf2UR%2B13CbIiMK60%2BDNdaHZ%2FtQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c7e5ec42678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":92237,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1590 x 571, 8-bit colormap, non-interlaced","md5":"624fb0d374be21b522edf9643063582b","sha1":"871136fd6456f66a5507530455e0e583863c9c8e","sha256":"beb9ce3c1d6d96317c55af51a0195eb874fe070169c85b322267959bf5075b09","sha512":"c025e22ad3cc2cea7c5b14b88d5194c305863bc2ad254f73f415f47215400c31700f2c21f105ac877aeee845dfa145a1ad25823db14de531fd07388d020dcb85","ssdeep":"1536:k7EMxgT2cbqQuXOf/Wpp80/eSABT/JTVnVYAwQ2hjYeBOBdU7ua3gRIGQo:a1DlGG80/e1BLr7J8jaLPa3q9Qo","tlshash":"5f9312394d0c0e11ed75961c1c52762eab057ee2f23c28645ccdc9bbf66c753e71849a","first_seen":"2026-01-02T09:32:22.052673Z","last_seen":"2026-04-03T08:17:38.425114Z","times_seen":25,"resource_available":false,"data":null}},"time_used":1180,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":968,"receive":212,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/rtv/012603032146000/v0/amp-loader-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:20:25 GMT","end":"Mon, 18 May 2026 18:20:24 GMT"},"fingerprint":{"sha1":"AF:44:5A:32:4C:6C:13:1C:29:FE:32:6E:3B:44:AC:BC:87:06:12:C4","sha256":"C8:51:6F:73:92:E6:5C:5D:A1:16:E0:88:5E:D4:8C:9D:7B:5D:FD:5B:DC:D7:96:E3:F7:70:F2:D4:10:49:25:15"}}},"request":{"raw":"GET /rtv/012603032146000/v0/amp-loader-0.1.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ww1302.bocoranbom.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 3926\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 20 Mar 2026 02:45:57 GMT\r\nexpires: Sat, 20 Mar 2027 02:45:57 GMT\r\ncache-control: public, max-age=31536000\r\nage: 1077\r\netag: \"9422bdcfef37a42c\"\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12715,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (12600)","md5":"89838914470dd0e624818145d0da20b0","sha1":"08e50aecb72cf5a2ee881dcd9f851f9060d7fecd","sha256":"f50872bb1f4ad2d9d9d9413b7f6a6fe28a824d82cd90a4d3865c9c9441a3ba76","sha512":"6a475a043519513c83d0c40d8fece777861225d8da5a845852d59652a87a6cc5e3a091d96fc489563c9109d53810c25604fda9d2ff2ff45cdc4ee7a61d390f0e","ssdeep":"192:9fQHMOgzKBbnnRrVGRoP0YWrO2tH1a9HzMb5F4g5A4WR2vN:p0g2BbnnHYaBzMb5F4g5A4WR2vN","tlshash":"2442a464b54ba2ac530352b484fab906757ecd4fb8504035f0018edecf99e48bd7ba6e","first_seen":"2026-03-17T22:15:38.807202Z","last_seen":"2026-04-05T15:08:13.169554Z","times_seen":645,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":13,"dns":1,"connect":0,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-7-wild-booter.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.727Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-7-wild-booter.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-4382\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qf7l3eUyxo%2B5NIuqYnU8lRl1cn1ZlaL5cTcSq5uhwEj9WTz7Vlgew3JFHAWdekKRK%2F76XF74GLxZ7tc1Hcy4s6vxEg2%2FeZcJUsLhU0%2F0BcrmKb8hlpY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86cf102678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17282,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"d3da06a4afb399edf6e436b7b3587624","sha1":"bdcae5f4ec62e8c78881a917c04041ddeae509f6","sha256":"6b6f2e022c573b1eb2facf01c829bdfd9c380d346c4a49856db515fe91943097","sha512":"e5125d94c5ab4955b2c6c75cec5c919e9e5cfb86aa75042faffa411cb33a5c5496c632cd80200c8539c6d5fb8a42bd8474eea6823d70fc11f714d9fc896b1fbd","ssdeep":"384:rilxU5KY+rFY26a/9Ozy4a4CFkHPXzy8DxJPnuv3B1:ryxUgY92h9GU48KX/D63v","tlshash":"d472c0158279b3dde598733122e24f63ea4edd6840575600991a0fbf9f4a8c72a2f254","first_seen":"2026-01-02T09:32:22.007674Z","last_seen":"2026-04-03T08:17:38.531269Z","times_seen":22,"resource_available":false,"data":null}},"time_used":788,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":787,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-aladdin-and-the-sorcerer.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-aladdin-and-the-sorcerer.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-52a8\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=iRCUwoQvAiW%2FbjM22s5hZ%2F17t4nJqX0Mb05NsUzKU9TxcwaVZcmxGR4RD9tZupED0kXhX7LWo3Jv5HHzIgo0HStWRjoagDUzUJsp1V3kg8Rj2n%2BnLpc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86df182678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21160,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"5bcb283ce1795fc5950092a729615a37","sha1":"5d82139977df68822c9d43e6031f7c4c27317a51","sha256":"15a533e4ecb629eead21905faa580ca5433e5b5800454cc4bb04a3503642096c","sha512":"e37dc2ac588ce1b52d41ed55af9d48a50368a8d109a155667d96c56589e6452236871b765a79a02444d7ba939b1e2a5e25ca771f6c65b059b8288a1e94c1fc03","ssdeep":"384:11uFQoZoe2rIE4wYsa4qB5fEbgcdC9Ep4DZs4sGgKgkls/vMecKQV:yFQWGIEczDfkA9Eps5sGgcGMTh","tlshash":"a692e10de97e4b33f89a0a7e16d2e708467cca514149bef4e1b1b0f966186c3286dd1e","first_seen":"2026-01-02T09:32:22.059051Z","last_seen":"2026-04-03T08:17:38.439885Z","times_seen":22,"resource_available":false,"data":null}},"time_used":828,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":827,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-barn-festival.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.742Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-barn-festival.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-56d9\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nd8U%2BGvYd%2FsZSFhanW2WFHj981dZ5%2B%2FPjpz9LTuRhztIcX%2BwlLNOVIXabV75KF9gZSqPqsmdb1UzZSlXxekUNsxRltXWtQBX5joBttfe1EOZ8%2B3nPRM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86df1e2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22233,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"d22028790abf6524483f0db3a81f3d14","sha1":"b5843e249d31f7e5d508478b366ad1a7ec48ea72","sha256":"1a6c11f7163f71e8a637c5e8a47711ce44005a610d0fae8d8ed80faffa8a0be4","sha512":"5996c8bbd96c4cf36fdaf3044f9994338c5cad5114664486e1daea43464076e50c00a9eaa0d1f5baaacaec8ff131e08b693c651e1593bd5a3324cca946f89e22","ssdeep":"384:H8oylnsrwHbjVqbyQffVW0JPsRAHkDc7Zr6gehC3MEoE0jucjnlsuddt8duOD+OZ:H7qsrwHbjVqb5fVWg9HkDcJuC8EoE0ip","tlshash":"7fa2e178dfe91d1def30177e1578bfcc229f6d19804256ad425c71e2131b2ca449db86","first_seen":"2026-01-02T09:32:22.000395Z","last_seen":"2026-04-03T08:17:38.471523Z","times_seen":22,"resource_available":false,"data":null}},"time_used":556,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":556,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-big-bass-splash.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-big-bass-splash.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-5c43\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=APFmDuIcRhzPFTMe0qhWwHrbnmtZXyOXfJCO5cvliA%2Fdta2oM7%2BIu1cjpkEDk9%2BJkyvjF1MkO6dfxEVFww4hLtL%2FFsJerWKJZsT0qx%2BTdJfL0mwrIMU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86ef222678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23619,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"b421052894e4fa0488f104157b1f232a","sha1":"ca58b50e8ab23a1172c46a58b959a0195169681b","sha256":"b9480c334cb6bd556208c212e55ab5c84977ed63bb0608c1916f3a6844b4fdb2","sha512":"0bf1da4f9cbe81aa0ad00bdbf165cb8398c3517f6e7d29c6f79a0cc92efcc79aa523c111f28c7061c2ad1c6837f4f9b5e598509d2b71a057269e480ce20d8610","ssdeep":"384:RkyDfxLwNoRpdvofVAwt0IT+z2A93Yl29kkB+Fgto1SSwrN+FifLi3c7ck5gMxf:RkyDfVwNoTdgfekTC562kQqDc1EQLi3m","tlshash":"b3b2e04528ebc618e052547e40ba4b3beb0af0215f677fb4c6d8a6fde5321dab050dd8","first_seen":"2026-01-02T09:32:22.027923Z","last_seen":"2026-04-03T08:17:38.418165Z","times_seen":22,"resource_available":false,"data":null}},"time_used":821,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":820,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtp-categories/pragmatic-play.png","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:55.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtp-categories/pragmatic-play.png HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 18 May 2023 11:44:38 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64660fa6-1624\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=L0YEVX3DVxSmCsUAopycMk4EDuyqf4pYIZV8IqlpBNyY1gRcB3eeVfn1X77do5x%2FNrYoiGc9mg8GCwORYo6gCzbbnFDMjZmsOmcVekPsTJKZlwJownc%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c88ff3c2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5668,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"8eb8381baf39bb22eda377b6ba7b3684","sha1":"0865b3757c3328e824d331b064534fcc78c3d089","sha256":"77b469c572ed52de03d2cac6267eab308bff16e6814d21fb4de327ce2a1089da","sha512":"341077111174c3bfc102a0dedfa4591aedc3a1070f63f200268607ec4be63e95748b9474658f2d2db17ef1cef91f46e09f1e1f98df0a70720b1a6a5875f4f311","ssdeep":"96:OaF3ss4/xB2vUiqyOl8kVjxk8fxMtxevm4KVWsc6RG5QTNOMIWOdidnRzZZ:Oaps/vMUuO6ktM3euo6ekNyrERzZZ","tlshash":"05c19edb9bdd483f85cc228587525e6b6f5c939a28440321b2e72a1542e902f46df7cf","first_seen":"2026-01-02T09:32:22.055918Z","last_seen":"2026-04-03T08:17:38.518769Z","times_seen":25,"resource_available":false,"data":null}},"time_used":596,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":596,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtp-categories/microgaming.png","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:55.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtp-categories/microgaming.png HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-1666\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rIfhwcvRLl%2BkqNOY%2BRXaTX1F8%2FABmsXi%2B%2FE6yGtpOMl2K2AumStAuFONbXyv3%2BoHm%2FEhYdeslOwFoPdTSA5gl47zw4nHSQHjLvNJQelSufyIaj7aTqU%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c891f412678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5734,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced","md5":"8689dbfa269fbbf327524dbc48f74b21","sha1":"a07315b83ab5f33216799d6058ec2e9d2a549542","sha256":"c258e9542ef717fce7667d7d8791d6af85280aec431abcb9943d3584cb49b8d8","sha512":"911856f04bb8a6168ae57ca0062420c95deba99d3166002749f89972374b7524d16c0cbbf7a056d62a8487eb001a39aa6138a338545fca3d1e276162f8848539","ssdeep":"96:LUJ58CssE4eJsJP5vbGFXxpPyWtbBAiweXPrbBTPXaqgNTkpIUqwXfA:LUasE4zbGFXqWHrTbBbXadNopqwXfA","tlshash":"74c17dd62b43ffa80e601a2552e52d615edb598fc3192d043c536b7f8864325b2ba8c9","first_seen":"2026-01-02T09:32:22.056866Z","last_seen":"2026-04-03T08:17:38.461731Z","times_seen":25,"resource_available":false,"data":null}},"time_used":596,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":596,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-lightbox-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:53.333Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:20:25 GMT","end":"Mon, 18 May 2026 18:20:24 GMT"},"fingerprint":{"sha1":"AF:44:5A:32:4C:6C:13:1C:29:FE:32:6E:3B:44:AC:BC:87:06:12:C4","sha256":"C8:51:6F:73:92:E6:5C:5D:A1:16:E0:88:5E:D4:8C:9D:7B:5D:FD:5B:DC:D7:96:E3:F7:70:F2:D4:10:49:25:15"}}},"request":{"raw":"GET /v0/amp-lightbox-0.1.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 8537\r\ndate: Fri, 20 Mar 2026 03:03:53 GMT\r\nexpires: Fri, 20 Mar 2026 03:03:53 GMT\r\ncache-control: private, max-age=604800, stale-while-revalidate=604800\r\netag: \"28fcb59b9c074e15\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":26664,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (26547)","md5":"866019e32d667974068ee8ca1e6f51fc","sha1":"567d8a4ecda8c096d4ef18fdb59a70615f209dc6","sha256":"151fc4ecdbb674696a6f400b7054958640209ee719f2b0caa3117ad7d960a79c","sha512":"54af614595bf2095350a159c6a31ddfdb9262d600f5d32ecd12a6f1411aee1be62fb347597e0bffe70774aceabf0d88206bd1d773b988197876f0fb9341cd7f2","ssdeep":"384:oCXUpS23P0LAu/6jKdxXsHfdajJJj8JTAZl0oFpxRPKGOtH+8JoeWl4LyYO9Irde:oCXUVP5W1d0QzRtq+8JoPuLyYO6rdK15","tlshash":"48c2a4ddf282b47542a7e0b5502f670ba23b6054644a882cb42de9d66db8d4f3177f3c","first_seen":"2026-03-19T00:45:26.98443Z","last_seen":"2026-04-05T09:19:37.195615Z","times_seen":79,"resource_available":true,"data":null}},"time_used":144,"timings":{"blocked":116,"dns":0,"connect":0,"send":0,"wait":26,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-5-lions-megaways.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-5-lions-megaways.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:54 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-3df3\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PubRh3nUymV%2F1G9VH1hygbppmrgnlkhkYUyuurbVDMXEsIX3X2CGo%2FUkHZBvhBfYH%2Bpf504FY3GIJA5Er%2FlchZdd%2F107DPYBjGlXXIayvyu2LZPDz8A%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c867eec2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15859,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"1d08c2d4a29e6cbc6296122d6c920606","sha1":"a6d096515ba146b8a373248ad3253bfa06bfa7ab","sha256":"9498b5cf09342735f0c78f9596d1885150027a40883271b5164a7549efd7cd92","sha512":"579d539ebb3f54162e3727a2e0cc6b452ac95bb04d6d8ab89815ce6ae7fe5f062213543bf32f1a47805a185eb4eae0e41b8b0bfaa42750cbd6853180cdb6172a","ssdeep":"192:WjZl4+PwnQkujs4zUtwmby2Wy9qszXJ/jBWEzyx3hpUJxrazAsJPcPjnJfkoFA/r:WbuhuoEULh9IgrKQhXqV40QkXVn","tlshash":"5f62c00dc8baeca4cb44c8d82cd7369b1d23b51d9615e97d0a1747941734eb2007a6ba","first_seen":"2023-06-15T15:03:24Z","last_seen":"2026-04-03T08:17:38.450152Z","times_seen":93,"resource_available":false,"data":null}},"time_used":410,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":200,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-5-lions-gold.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.724Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-5-lions-gold.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-56f3\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ErKp4%2BnQqXp8zJr5mNddVITwd4ESL4LgllG2f6nJZx5Go9%2B1ie8lxqKCZEbaVfB27UAJwPcMZ4kFJMq7VgRhJVOwFRq9WIB9uzmRvwbct%2BGsbOUDbZ0%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86bf0c2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22259,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"d29388538573a6a1514b09bc980fece4","sha1":"94b5d260b7e46159c72d68abed2a952d4fa0aac2","sha256":"1ee796d440a869970dd4102f28af974e7742bd7f52a5b8baef4edcd35360e5f6","sha512":"ba0813baff30486bfb0a0638b91c9a345e435f49354eb96fe14b8dbc5e81722eea63c3879ff1f853a921905483fd3746273d66bbc18c9bddda1c771e79bfda95","ssdeep":"384:JbzjYJ0UTcfjyAn44YJZIbaplgoW+MucISr0o9siA0fngXsoDU/O6:JbzjMMnFYVKLP9gipvp/O6","tlshash":"daa2d0084b4ddf6bc08944bc906412ebfc51a2925f6b6b3ce07d57e23b95189e850f5e","first_seen":"2026-01-02T09:32:22.014609Z","last_seen":"2026-04-03T08:17:38.430298Z","times_seen":22,"resource_available":false,"data":null}},"time_used":895,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":893,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-8-dragons.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.728Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-8-dragons.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-598f\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=xsd%2Fu7%2FMt1RnirzG%2B3WO4rdpoKeMzBdJbpvsmgEbzv4IHkL0AyM%2F7f7wqBOa4bLloTIzcw9akmN1rnzZA7cy1727VoSxjAj9o9NYDrr1KyUz1uin8ks%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86cf112678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":22927,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"66248ce1650b9e128fa645c962a7b520","sha1":"6c5c60aa05d8dd3843fff9294d79dc4ceb4eb5a2","sha256":"00a5d3acb0330cb2c6e3943900ce34e75188cdd9a3d6d29268cbf89d9c20e836","sha512":"465b41cf789d47832db60085a1de50ff49a1789290daac1c038dcbd1aec24597f266a5d811e0b0a55fc636747a13700d5e3ca5567928788c41b3557d13969d3f","ssdeep":"384:ur17Np1HsMg7aWnvVWMn6U2oexDi11lU9UMMXkvpU9eEI5K4:0V14aMsfsgi11lUeMDBU9e84","tlshash":"42a2e08938b4aee4d0a32fb08590cec6d5262015bfb3807d77e852ca58c2bc05f98e1d","first_seen":"2026-01-02T09:32:22.046822Z","last_seen":"2026-04-03T08:17:38.467561Z","times_seen":22,"resource_available":false,"data":null}},"time_used":799,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":799,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-888-gold.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-888-gold.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-46dd\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ScnjRG9OEgqsM%2FrSJdMQNAwk4XAsPZyIIzgmfaB%2FgNM8g6r%2F1P7eHvg%2Bri1NEsdOJypOylSUtAFO8IBPgAYbFUZgxEgxo8KAVAgjmHOf5PcYOTLZaV4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86cf172678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18141,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"fa6e67f15ce33a025c1f8c28b2de7945","sha1":"e54621a22ffcedb161fee7b3eba6cedd2c55d088","sha256":"92353cc4fa19069cf8cd780a54c3a70af56a09d2925cc1de0571dc5015c8a4a6","sha512":"f9a516b29aba8ec8dd164cda6e700a55ef1f4a550fd7707e1fe1447fa2128e5eb8940b9a3d56bffafcdcda1bd3185745721b538975346df3855de778eefca2c3","ssdeep":"384:Ae4cBMCfPGZ7Oscx8s+54ESPjr2nkywEAI65:r4WOZ7OscxeOrgkV3p5","tlshash":"b782e132f2d94c56ce50d6fc6c117906338fb62218f32975b77aa0d822bc93728e6950","first_seen":"2026-01-02T09:32:22.096784Z","last_seen":"2026-04-03T08:17:38.438778Z","times_seen":22,"resource_available":false,"data":null}},"time_used":861,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":861,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-aztec-bonanza.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-aztec-bonanza.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-5190\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=8RNZGTRKzxUjAVDQLaqD94Y9J9MhyicDnhnuD8h2GgT7IP1PHIbUnZMQToCV9dD%2FWl%2BefshjS9RDfgqrZdPncO6KsC7tKxV8Yl2A3LaoUQFNJNp%2BTUI%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86df1d2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20880,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"4a75857210013f27cca343e2f1a8659c","sha1":"96f5bd413f2c75c6199e00109bd13df3d58e1f0b","sha256":"9caf6e3b38f1bd06bb3230d4ed3a8914c7aa50c98097a2e4402401ac7346da50","sha512":"eaf08212f8e961cc6c4e3126e924d3214a56b184147bb5a1f2827168a4fa2e79756a0a5c4644179f93f7b819b58f8a671d26a7f7f3ed89df5ca21e2f95153f53","ssdeep":"384:7a+06NhoOp9G30iSyiTYrxMJ3SF+1fu+htrkfmYovnAf:G+0UiSyiuxdifu+h6BovAf","tlshash":"3092d0d142e5674cd37d5c7eceab8faca1c397297a772b6cc64606d192f0a620814c87","first_seen":"2026-01-02T09:32:22.025883Z","last_seen":"2026-04-03T08:17:38.537189Z","times_seen":22,"resource_available":false,"data":null}},"time_used":754,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":753,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-sidebar-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:53.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:20:25 GMT","end":"Mon, 18 May 2026 18:20:24 GMT"},"fingerprint":{"sha1":"AF:44:5A:32:4C:6C:13:1C:29:FE:32:6E:3B:44:AC:BC:87:06:12:C4","sha256":"C8:51:6F:73:92:E6:5C:5D:A1:16:E0:88:5E:D4:8C:9D:7B:5D:FD:5B:DC:D7:96:E3:F7:70:F2:D4:10:49:25:15"}}},"request":{"raw":"GET /v0/amp-sidebar-0.1.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 9647\r\ndate: Fri, 20 Mar 2026 03:03:53 GMT\r\nexpires: Fri, 20 Mar 2026 03:03:53 GMT\r\ncache-control: private, max-age=604800, stale-while-revalidate=604800\r\netag: \"0756320ec9148a95\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31363,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (31247)","md5":"b694f7ac7a2d25f27e3a5170934f767f","sha1":"25695ed09263529c3669752ca1c3165bf0bd5522","sha256":"a8233411b529c7deb0122e2adfc259fd12bcd1ca27551d064cdd900668b122fa","sha512":"5521f93daf0bf6a1e4c6559089dabb7529336e45b2fc984e2e0ab60126d7b26c6bc43b97d838ac114730847bf3c02f5f35c30c06dd16a209cc8ea1be37eee272","ssdeep":"384:QnXCVRcBmElj6eU6nWnxXsHfdujPJqSQybcmE0X3b6IZPLyEu5M8JSY7:QXC0lj6J4yI0b6IxLyEcMDY7","tlshash":"efe2c79cf292b0714693a4b580af550ea23b6555240b882cb06decc66d7ce8fb137f78","first_seen":"2026-03-18T14:43:08.917752Z","last_seen":"2026-04-05T14:51:10.56773Z","times_seen":124,"resource_available":true,"data":null}},"time_used":1244,"timings":{"blocked":604,"dns":4,"connect":27,"send":0,"wait":27,"receive":1,"ssl":578},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-hot-fiesta.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.702Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-hot-fiesta.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:54 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-43e0\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i3tsvRLTGAy2oIu75i1i5np649KwZYh8E5fPyA%2BHaX8AJZdMz6Oq4C9rrTlzNiq%2FCGS5JwpAW%2FgHxKUzfvojO2hMHlpYQymt36W1HLMCcmq7WOFl%2FOY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c869efe2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":17376,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"76f1888dfb7956a96398c580bdec6e58","sha1":"562ecafe5fe3adc80d7533d6e65c47f7431180d8","sha256":"d4d2c7629bd6e04af2fe905f2d78ecadd7e3506784afdc591c36209099566be6","sha512":"18e5747c6d4107f35a2e9b3fcf7099b193be23f0f545ef289fc4df4928f18a4d7bb96b8e6f9510a12e6af46ab9da9f79be3a20df7c36ebe636eac16517fc7883","ssdeep":"384:WJM2fuj/fodwGwpIsFDukABlDMa1wEsUkVcESmlXQScX1n:WJ9u/fCwYbD7nsUkxSmuD1n","tlshash":"3372d01a0c529105d343885536eb24dbd53e0e68a6186171a4ed2232cd69eb0a5eefff","first_seen":"2023-06-15T15:03:25Z","last_seen":"2026-04-03T08:17:38.493614Z","times_seen":67,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":229,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-777-fire-strike.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.729Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-777-fire-strike.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-49ec\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Zz8tqN3hLl%2F1qrOuzv%2FxZIVSDyVjKZemXCcTnghf%2FrSWAcGRedJD1uQLBoHMWmfhGdo7de88NjLpbnDe2ajX9q3s4AehsJAVGWy2bENOsrSn4FCo2rA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86cf122678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":18924,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"47f0dd71c6cb3642c4fa5c26e0ac84a7","sha1":"00a1fd6916426d1fc5c8e2f89f8d22dafe23c028","sha256":"0fadddfe0624442d335b4c62b1ef5f01a9b9c1ad1a3f49367d831819c88895f3","sha512":"280c18b53f611e02a509b25b19f5b5488e43e6a6bd5c5d1e4f0858e213997d6495da55ec7786b348e8229d54dccf31c24567b247269749ef45b6032fbbf277a3","ssdeep":"384:EagLBYUXPkuSymtCdrXZcGYmTATEI0x+Ar9zH8hTg/n+7b7OZZ/p:VgnP9SymtspcEeX0tzwo2b72x","tlshash":"8782c138b74dc568c475187f249b0d47b928af9d5ebe3a386654c3f416a9b45cd3c380","first_seen":"2026-01-02T09:32:21.998474Z","last_seen":"2026-04-03T08:17:38.497314Z","times_seen":22,"resource_available":false,"data":null}},"time_used":786,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":786,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-777-hot-to-burn-hold-and-spin.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-777-hot-to-burn-hold-and-spin.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-4bb3\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vx7l69%2B2avX2n00Zb1vuWWgpyCKV96YNa1RJLFcFCiXqhFMuDDQ%2FHONQrM%2BeIaR2LI0ziivTfYR%2FrmVyCfAOwgBbM2zAdL9TrusikRgSoaL5OjaQsIY%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86cf132678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19379,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"ca54fcf991022b9587bdfe2aab717f91","sha1":"85c196e2fdd22116ca6b24d2fb59336801e67c87","sha256":"b989fc0132490f1355d22d3e08b328e2bb5cfb0fa621e950a145a418c1edf0f7","sha512":"5a7688e12f821bd33c143a5f1077c3ac53a43c0a4d4af242513dd42301677a3906dcc081cc6a2309ac65ad872970183a5e9fc96da521916a089e439a865eac82","ssdeep":"384:pz9zc9H46Soy7sPgMKuNwd85LfJD/45U6bmDxQ99SF/qTnu1k:pzotSoyefNW85LxE5UeHnum","tlshash":"e092d0889769af11ccad64357976d68463e56eb150e14263c2cc5ceef1eea482c3f282","first_seen":"2026-01-02T09:32:21.999304Z","last_seen":"2026-04-03T08:17:38.498534Z","times_seen":22,"resource_available":false,"data":null}},"time_used":870,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":870,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-777-ultra-burn.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-777-ultra-burn.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-575d\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3xhsSJU3%2Fwe85Xm%2BNk4FVSZVuEsxGtn0FFYsQhd5RIFkJUu8BNwGRSnEbSwtFhfnk0qAIX4ULszD3attoF4ILQoB8T0ch3XYDImFJhECfczZDM0%2BrIA%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c86cf142678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":22365,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"5bc47695a2dd84e89923018c61083951","sha1":"d8b495862f693b1b92d545fe0012d0fdf4ca93da","sha256":"586c872a8ad1c604f150af497d700af8a5480e710436f4aef7798f11f1b963a8","sha512":"1b4227bcc8f0bdb653f16cafc1eeef35c2bb65fa7f369a154565ca0f1896798f026ed49857c48e28ec678fd6863e5cec97d9ef9e4d67bc84e5858bacd8453ecb","ssdeep":"384:QhKW3HpG3C3vJGrwMNRVmtX4gYLYHo1AHSeGOBKeDt6y18RC6LouokMTsqgxeYV+:BmHpLvJGrPN+tyLOoeHSyKzQYjMjgx7+","tlshash":"38a2f1d3a2797d1cce6ca8f4290c4b441b493b99a66fc1fc06054ff0e368ad2827d647","first_seen":"2026-01-02T09:32:22.024939Z","last_seen":"2026-04-03T08:17:38.48606Z","times_seen":22,"resource_available":false,"data":null}},"time_used":786,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":780,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.ampproject.org/v0/amp-selector-0.1.js","fqdn":"cdn.ampproject.org","domain":"ampproject.org","tld":"org"},"ip":{"addr":"142.250.178.65","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:53.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"misc-sni.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Feb 2026 18:20:25 GMT","end":"Mon, 18 May 2026 18:20:24 GMT"},"fingerprint":{"sha1":"AF:44:5A:32:4C:6C:13:1C:29:FE:32:6E:3B:44:AC:BC:87:06:12:C4","sha256":"C8:51:6F:73:92:E6:5C:5D:A1:16:E0:88:5E:D4:8C:9D:7B:5D:FD:5B:DC:D7:96:E3:F7:70:F2:D4:10:49:25:15"}}},"request":{"raw":"GET /v0/amp-selector-0.1.js HTTP/1.1\r\nHost: cdn.ampproject.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: text/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\ncontent-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"amphtml-china-available\"\r\nreport-to: {\"group\":\"amphtml-china-available\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/amphtml-china-available\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 3323\r\ndate: Fri, 20 Mar 2026 03:03:53 GMT\r\nexpires: Fri, 20 Mar 2026 03:03:53 GMT\r\ncache-control: private, max-age=604800, stale-while-revalidate=604800\r\netag: \"7b1838be1be2adc0\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10222,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (10105)","md5":"43f73829cef780a51419c3678ec6fa14","sha1":"3e0788084285d4a63beaf35c91eb06d579711860","sha256":"5774ba1842280f76596c3298fa5f86322193069e359012c8b1ac8f2a16fb1894","sha512":"ca88a6203663da0d479ccf7ac1e7fd726e72b85de271c299e03dbf64e506e627cacef8cfbf1b2058ada8a3adc204729dc916be27637af1b08f3284d679a98f09","ssdeep":"192:4HfKZ9uCnS/pzCEp4wrJmDbi6QJmi6KSl6pZyaSr4gPCzken:E67SRzigEiOtKSMpZyDCzkm","tlshash":"272294b97256b13189db74ba841f1489f636b039604f8068f214e8d37c3cd9aa177f35","first_seen":"2026-03-19T23:02:41.233633Z","last_seen":"2026-04-05T09:19:37.187814Z","times_seen":34,"resource_available":true,"data":null}},"time_used":141,"timings":{"blocked":115,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ww1302.bocoranbom.site/images/rtps/pragmatic-play-gates-of-olympus.jpg","fqdn":"ww1302.bocoranbom.site","domain":"bocoranbom.site","tld":"site"},"ip":{"addr":"104.21.53.225","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww1302.bocoranbom.site/","date":"2026-03-20T03:03:54.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bocoranbom.site","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 10 Feb 2026 12:44:43 GMT","end":"Mon, 11 May 2026 13:41:06 GMT"},"fingerprint":{"sha1":"41:3E:D8:84:F1:DA:44:86:00:E5:FD:06:52:5B:D2:64:58:C2:69:23","sha256":"68:31:61:46:92:26:2A:0D:1E:4B:00:DE:49:61:54:23:F0:01:12:B1:E7:3F:0C:43:36:E0:D1:C3:52:5C:F3:97"}}},"request":{"raw":"GET /images/rtps/pragmatic-play-gates-of-olympus.jpg HTTP/1.1\r\nHost: ww1302.bocoranbom.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww1302.bocoranbom.site/\r\nCookie: XSRF-TOKEN=eyJpdiI6Ik44KzdEV3hpZ2xVNzNJS3Q0NTZvVXc9PSIsInZhbHVlIjoicjVxY0R3NHNXSGRyQ0hJMDZ1ZzJLUERndEttMGdyM3hGbVd3Tjg5Y0JxZ1JDTDk0VC9tVnl5c2gvMmRZbnVFWFBVNmdQazFoeCtGQW5vbHNXWDA3Vnh3MWpsMVRlM1hLN2d5bnpOK1o0bEZnSnlIQVRER1ZtN0VNWkZCZ0VVbDIiLCJtYWMiOiI5OTMyZTQ2NDI4N2E4YjZmZjQzNmJkZTFjNzFjNzdiZTg1MTE4OWJkYzg3NDIwOGZhY2MwMGVmMjljMzMxZDg4IiwidGFnIjoiIn0%3D; rtplive_session=eyJpdiI6IjliOTEzdjhQajkvbTBaZWhaNmxMTWc9PSIsInZhbHVlIjoieEtPcnVJL0ljTm9SaEEzVXdLTWExU041WTJzSFFvN3BBdVhKZUFqYS8vTElQRG1sQVNxb25jc0VJU0RvTkRXcjJpazNaR1NtU3hnS2lPUjcwRndSQnRWK1hEY1pzc09ydWhrSzlucDBWUFU2V1p0WTJFbm1DVTZveHI0UndTK0giLCJtYWMiOiIwN2I1ZTE0YjIzNjdiYjc2ZTEyZTUwZjRiYWExYWRmN2I3ZTNmNGQxNDFhODE4OTQxMjBhMWExMTA5Y2U3ZGUwIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Fri, 20 Mar 2026 03:03:55 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 18 Oct 2022 09:12:02 GMT\r\nvary: Accept-Encoding\r\netag: W/\"634e6de2-3821\"\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-encoding: gzip\r\npriority: u=4,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PyFzJZSL89V80cBic3nWneMpATN2XxFXrqBNDWqw3jfCuqbxhhIs49mkUIG2hpa6Vq2uEq0z6f5d8fYeIoQ2hmtviklY%2FGVj1nYJdlGOqLWG1hD1dmk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9df17c867eea2678-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14369,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3","md5":"2a5270b2b2f24c3d1b996491a7226b24","sha1":"3d4eafbcb6b4d2ef4ad254e9175b38e414ef7bea","sha256":"55c23f1ac60f17d62b6b4792be068e222369eb47c82af2c9333eaaa35798e57d","sha512":"527ba9f3abe91148e227d89d6ee95a99e5b5b2065d2cf84e518da94334d9a563b3caac6e286934e788b9e3b8c6d3d87d77fe295e10f10829778e989d34c95257","ssdeep":"384:W86hX+IN+2mCKmrvPf33tiaVp8hZ92Ie/wK7R/rw:WbhOIY2mCxHvHp8N2Iex7Rc","tlshash":"0e52c006e91358502fc0c5f4b21914372e4d260e6cd2b87c3fe7995fab89ebd563c896","first_seen":"2023-05-11T11:12:18Z","last_seen":"2026-04-05T06:08:13.886062Z","times_seen":639,"resource_available":false,"data":null}},"time_used":807,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":807,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-20","alert":"Sinkholed","trigger":"ww1302.bocoranbom.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}