Submitted URL: https://bonanzattj.fun/
Effective URL: https://rtpttjhebat.shop/
Submission: On June 24 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 41 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is rtpttjhebat.shop.
TLS certificate: Issued by WE1 on June 23rd 2024. Valid for: 3 months.
This is the only time rtpttjhebat.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address | AS Autonomous System
1 1 2606:4700:303... | 13335 (CLOUDFLAR...)
9 188.114.97.3 | 13335 (CLOUDFLAR...)
2 188.114.96.3 | 13335 (CLOUDFLAR...)
13 2606:4700:303... | 13335 (CLOUDFLAR...)
3 139.99.69.140 | 16276 (OVH)
4 104.19.159.94 | 13335 (CLOUDFLAR...)
10 52.219.36.71 | 16509 (AMAZON-02)
41 6
Apex Domain | Subdomains | Transfer
13 assetftphkbgame.com | assetrtp.assetftphkbgame.com | 5 MB
10 amazonaws.com | pro-wl-s3.s3.ap-southeast-1.amazonaws.com — Cisco Umbrella Rank: 244432 | 826 KB
9 rtpttjhebat.shop | rtpttjhebat.shop | 91 KB
5 hkbchat.com | datafile.hkbchat.com — Cisco Umbrella Rank: 258808; hkbchat.com — Cisco Umbrella Rank: 244747 | 2 MB
4 multi78hkbgamingprovider.com | assetrtp.multi78hkbgamingprovider.com | 35 KB
1 bonanzattj.fun | bonanzattj.fun | 463 B
41 6
Domain | Requested by
13 assetrtp.assetftphkbgame.com | rtpttjhebat.shop
10 pro-wl-s3.s3.ap-southeast-1.amazonaws.com | rtpttjhebat.shop
9 rtpttjhebat.shop | rtpttjhebat.shop
4 assetrtp.multi78hkbgamingprovider.com | rtpttjhebat.shop
3 hkbchat.com | rtpttjhebat.shop, hkbchat.com
2 datafile.hkbchat.com | rtpttjhebat.shop
1 bonanzattj.fun | 1 redirects
41 7
Subject | Issuer | Validity | Valid
rtpttjhebat.shop | WE1 | 2024-06-23 - 2024-09-21 | 3 months
hkbchat.com | Cloudflare Inc ECC CA-3 | 2024-01-04 - 2024-12-31 | a year
assetftphkbgame.com | GTS CA 1P5 | 2024-05-11 - 2024-08-09 | 3 months
multi78hkbgamingprovider.com | GTS CA 1P5 | 2024-05-26 - 2024-08-24 | 3 months
*.s3-ap-southeast-1.amazonaws.com | Amazon RSA 2048 M01 | 2024-01-31 - 2025-01-22 | a year

This page contains 2 frames:

Primary Page: https://rtpttjhebat.shop/
Frame ID: B1E4D21DA4F8ADA35A9DB759A8F739A1
Requests: 40 HTTP requests in this frame

Frame: https://hkbchat.com/chatapifront?user=19667793&key=3fbe07d7eb928ae8404a8cf8015c4366&prov=10008&title=https://rtpttjhebat.shop/,%20Rtptotojitu&m=&cekmob=false&bkname=&bkstatus=&channel=1
Frame ID: 144B456DE8D5E3D88348F22A625AB14D
Requests: 1 HTTP requests in this frame

Page Title

Rtptotojitu

Page URL History

  1. https://bonanzattj.fun/ HTTP 302
    http://rtpttjhebat.shop/ HTTP 307
    https://rtpttjhebat.shop/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

Requests: 41
HTTPS: 100 %
IPv6: 29 %
Domains: 6
Subdomains: 7
IPs: 6
Countries: 4
Transfer: 7727 kB
Size: 9109 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bonanzattj.fun/ HTTP 302
    http://rtpttjhebat.shop/ HTTP 307
    https://rtpttjhebat.shop/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rtpttjhebat.shop/
Redirect Chain
  • https://bonanzattj.fun/
  • http://rtpttjhebat.shop/
  • https://rtpttjhebat.shop/
1 MB
64 KB
Document
General
Full URL
https://rtpttjhebat.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df8e296fb2a680f7f30b79cda149a40b81b6441c48f9bf1eadbecb980af123bf

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8989670f3dcf907c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 24 Jun 2024 02:49:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xLYfUH3oVcnkUlwfQ3frhJKcJm9QHcJQe4ZB8Mp7y4RLusIfj0k98IgdmiqPIJ7LviQQmrj%2Fkv531Kxv%2FCEE4frdUSubPlIlcia2qtOz09dlo3kxIyzoE0nqLXkec%2FmwN2yW"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-ratelimit-limit
3
x-ratelimit-remaining
2

Redirect headers

Location
https://rtpttjhebat.shop/
Non-Authoritative-Reason
HttpsUpgrades
bootstrap.min.css
rtpttjhebat.shop/bootstrap3.3.7/
118 KB
20 KB
Stylesheet
General
Full URL
https://rtpttjhebat.shop/bootstrap3.3.7/bootstrap.min.css?v1.0.0
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 08 May 2023 09:34:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
351
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bBYvyQE%2F07b1%2BFrVh0BW6HHcGWcQqjG1Leu9RjK0nIpZOgUDdKV5uRx1aS9bL9UF%2FDeGvTVQ0bZmbfc5DekqVkUB4oSdD6fw3Pyegz7rGi1PmyWmqB1hsGWmTLk7j1JikL6h"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8989671588cd907c-FRA
alt-svc
h3=":443"; ma=86400
app.css
rtpttjhebat.shop/temp1/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://rtpttjhebat.shop/temp1/css/app.css?v1.0.0
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de0b7160f0f2389632511e6f7ba333327d0abeabb183ffa5a3665507a1827b6e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:06 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 18 Sep 2023 03:55:13 GMT
server
cloudflare
age
349
cf-polished
origSize=9316
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9dH2twW38y8y0twrsYM6s2Y28NTiJZQeG%2BIzBZINXopxHH7%2Fg6UaMoM4OdJdmA1b2z3ilZMx6lR69XbTl9RVcMXJJrxaXHB6%2BHVN7X73lBDliBmpTJGdoLZPXrU%2BLB8y6IPe"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8989671588cf907c-FRA
alt-svc
h3=":443"; ma=86400
055963922024-01-21-05-19-46.gif
datafile.hkbchat.com/img/chat/10008/
570 KB
571 KB
Image
General
Full URL
https://datafile.hkbchat.com/img/chat/10008/055963922024-01-21-05-19-46.gif
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b9b6da5c933e9b920d0ec2a3734607ea92e65951e21f77dec410335e7bbb529d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:06 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
583910
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 20 Jan 2024 22:15:57 GMT
server
cloudflare
etag
"6a87393eee4bda1:0"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gD7CXXn9wvYULGY8GvpofpYmFvbvwvmoQt94UyQqUW5nHP4h8%2BS%2BmAvOnNR0UcGa781mi6OoC3mBR5wcDSBP%2Fdw8vkoVV8PiZwjUmA2wkJz0m7M2hPXr28p3yHEeDKpNP%2Bv3f%2FvBKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
898967160e9d9195-FRA
055963922024-01-21-05-18-56.gif
datafile.hkbchat.com/img/chat/10008/
1 MB
1 MB
Image
General
Full URL
https://datafile.hkbchat.com/img/chat/10008/055963922024-01-21-05-18-56.gif
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1eb525f78d978c4227f3ecb7fc6d58a6d6a37f47a293ee25ddd2fd940cbce5ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:06 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
1139730
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 20 Jan 2024 22:15:08 GMT
server
cloudflare
etag
"82c5be20ee4bda1:0"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oj4ZS6HbWwLq0ccbmPcqf3%2Bn%2BfjKc9Nh%2BifIEDhYGSYbtxORgprjge6bpvSUnWldmfwhT1XtPct5bmokYZ9X%2BPjRpdbxHjIBBUDzXW2ogY%2Fp0iXbEZdDbbG7gozV3SCRqgOhgDx4CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
898967160e9e9195-FRA
8XcQLAobpGKHoQAIBdJ3tuVbqMK2qm0QCgkrjjDA.png
assetrtp.assetftphkbgame.com/public/icon-socmed/rtptotojitu/
23 KB
23 KB
Image
General
Full URL
https://assetrtp.assetftphkbgame.com/public/icon-socmed/rtptotojitu/8XcQLAobpGKHoQAIBdJ3tuVbqMK2qm0QCgkrjjDA.png
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:258a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
433c286458a5723d21ae600c8b5db82adaefb6a526e7ee5a2ce12894d540756c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:07 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
23553
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 12 Oct 2023 19:01:46 GMT
server
cloudflare
etag
"fbc2ec8b3efdd91:0"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zVAZqa4F%2FIcUpXSOfh4buLjLi8q2bzaNuMKorhw3Osuxgs7h4vJahULYVf0BbjjOoln6daSLDa%2BtcZD%2FZkkK08iE2FUZGwYl%2BLEvdS410%2FDeu5LQqNrgbDTegrpx8Tt1qbzvoTwn0XGmA4CKdlngb8OG7zhO%2FTdt9per"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89896717d9e4bbdf-FRA
PJoqzUzWrFddCAIRoDPK0TaT8qqFbSYhyQ8X7JlX.png
assetrtp.assetftphkbgame.com/public/icon-socmed/rtptotojitu/
24 KB
24 KB
Image
General
Full URL
https://assetrtp.assetftphkbgame.com/public/icon-socmed/rtptotojitu/PJoqzUzWrFddCAIRoDPK0TaT8qqFbSYhyQ8X7JlX.png
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:258a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8fb98451f1a1cd20312c8fc4136f046fa734c64e7aad48c2e41de3452a10eb4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:07 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
24328
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 19 Aug 2023 07:03:49 GMT
server
cloudflare
etag
"935344e6bd2d91:0"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uTXyUDInFs32Q%2Fs2mjQOLthrjicFDc2IwJCxbsMxt0a%2Fl6EQimJauvGTIVSxTI7tLMl%2BU6xAxsCRhA%2BxT7FaqwVlQCFBW2zv5gtN531Qm2Ql2Ug41ys5%2BEPUbFZ3hg5YNxkEsgejoDhN%2ByicyaXQbVp3qZhvzqPj8cdU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89896717d9eabbdf-FRA
r2alAS3zPsthxCrcZPgV1b7p6zRcLy7cdIyDywbq.png
assetrtp.assetftphkbgame.com/public/icon-socmed/rtptotojitu/
73 KB
73 KB
Image
General
Full URL
https://assetrtp.assetftphkbgame.com/public/icon-socmed/rtptotojitu/r2alAS3zPsthxCrcZPgV1b7p6zRcLy7cdIyDywbq.png
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:258a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3f94e9f8110a9f828954a4b213912d9edce7348be63cec86b0af16a1526538f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:07 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
74425
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 19 Aug 2023 07:04:08 GMT
server
cloudflare
etag
"ed5842596bd2d91:0"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qm1alX7NYrs7apgfzKS0oh1uzm1P60mFp1j6HSGJZXsUJFPhZj8gNMYGgItmRiq0ZxqqqoR%2BvNRf1MvIvv0qcwhl68Jb1LnQ3itGOOVoVQ9DhaTZNrzRp9PNRnUL1khO4quBewOI1jdBYYyjwYLO8%2BkvP7BugFH2NgWU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
898967180a14bbdf-FRA
rD7sD04aWf5aV9ozU68NVwOnj5sHlKGLUXOjVS2y.png
assetrtp.assetftphkbgame.com/public/icon-socmed/rtptotojitu/
7 KB
7 KB
Image
General
Full URL
https://assetrtp.assetftphkbgame.com/public/icon-socmed/rtptotojitu/rD7sD04aWf5aV9ozU68NVwOnj5sHlKGLUXOjVS2y.png
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:258a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
800bc0c64b78577a9ab1ab16c0a2da8ec3fd3c72c331927dffeaa03a4b7e797f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:07 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
6857
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 19 Aug 2023 07:05:37 GMT
server
cloudflare
etag
"b033638e6bd2d91:0"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zWwuZd85w9qM%2Fc%2FOcOUXFS2Ug%2Bnzoy%2FzrmhgHhBmm6PJZQtgM7dMSkxFH9eo0Cy732qrdJLYZD2oQaEvu477wpp%2FjzAmCbIKAkaIgAPT%2B9eFtbA1hbK0X%2BLSBDdPjLIhj3VaNxQ4ULamvB9CPx%2BW%2Bd2GsPlnO9hPaTfv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
898967180a12bbdf-FRA
RqRW09GL5UCPVbRjwERYCtot39i48u2DKSeWywW6.png
assetrtp.assetftphkbgame.com/public/icon-socmed/rtptotojitu/
30 KB
30 KB
Image
General
Full URL
https://assetrtp.assetftphkbgame.com/public/icon-socmed/rtptotojitu/RqRW09GL5UCPVbRjwERYCtot39i48u2DKSeWywW6.png
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:258a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bb03c0d8547d76246ef16853eac97de48d210440459c2dc5360de130906ec086
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:07 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
30475
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 19 Aug 2023 07:07:25 GMT
server
cloudflare
etag
"6022e8ce6bd2d91:0"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MU8KSAB6KBrO2OWcs4DLHVUElQZgiDhp0eu4AOb3ewZaCLBzECRXPqLLCv9dsVhpHv6mtke%2B3nRgqOaSDS7JqVNSe%2BxM%2BVUfTw5lf8TO7KhUcFeGHxkYXX5YaAgjvDTCruT1KojfSeKf4953AzW5BENO8CeYOGJbOQzu"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89896717d9e5bbdf-FRA
GJf09uUEraICoFXjZjoZ0M5bWhgoIaATM4TPSzgi.gif
assetrtp.assetftphkbgame.com/public/banner/rtptotojitu/
974 KB
976 KB
Image
General
Full URL
https://assetrtp.assetftphkbgame.com/public/banner/rtptotojitu/GJf09uUEraICoFXjZjoZ0M5bWhgoIaATM4TPSzgi.gif
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:258a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4bd51f6ebce7c5b75b923ef970befb05ef3dce56ab79946b542ffe354ddf12cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:07 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
997498
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 23 Jun 2023 10:58:14 GMT
server
cloudflare
etag
"5444969bc1a5d91:0"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kuF3K6D4I9%2FJAMnJLZMkO2VcfMCglGv5iNntU3QMidHKLbkSIKkMQYsEnbucDolZAPsSOQ3HVPWwDDVUeR7kuL%2FD9507F%2Bdc3IOlAWcpWeTeyh7floAbTFNzgLYGtEEno%2Fef3vgn1dkbQEVrmwD5fUk19trLf%2F3MCDyN"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89896717d9e3bbdf-FRA
SXvJclJsDyjIHTNoFAvn3aUDEjrxioK0y8JTdi9u.gif
assetrtp.assetftphkbgame.com/public/banner/rtptotojitu/
4 MB
4 MB
Image
General
Full URL
https://assetrtp.assetftphkbgame.com/public/banner/rtptotojitu/SXvJclJsDyjIHTNoFAvn3aUDEjrxioK0y8JTdi9u.gif
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:258a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
802417896954e001084b5ec45d98ead0b9acf8775a0553ce54ac083b56a477b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:07 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
3710155
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 23 Jun 2023 11:32:31 GMT
server
cloudflare
etag
"1742b865c6a5d91:0"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BbZr9Ms9K2KQcCqrfSgSE%2B19NSqVmxJ3XJ0tdvbjh77nVKm4kzbn36jIFkTEm4uSHUt51vkcEgyFTQ18uzUgRU%2BH05KgM29AtSL%2Fx%2Fuh0VGCe449IRkGUZUSruVdlDuFDj%2B4o4oCcjWN0KQLZyjsRaemQ%2F7YVfcKizhO"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89896717c9e2bbdf-FRA
api2
hkbchat.com/
13 KB
13 KB
Script
General
Full URL
https://hkbchat.com/api2?data=guest&prov=10008&key=3fbe07d7eb928ae8404a8cf8015c4366&bkname=&bkstatus=&channel=1
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
139.99.69.140 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns572177.ip-139-99-69.net
Software
Microsoft-IIS/10.0 / PHP/7.2.4
Resource Hash
6a3f0b09ae01129aac144fead6d1ea36a1b0334e8c7da54924b44288813533b3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:06 GMT
cache-control
no-cache,no-cache, private
server
Microsoft-IIS/10.0
x-powered-by
PHP/7.2.4
content-length
13149
content-type
text/html; charset=UTF-8
N6prqB34gwvzotuUIKbxBvmuTbqju5jWXw1ro4IY.jpg
assetrtp.assetftphkbgame.com/public/banner/rtptotojitu/
272 KB
273 KB
Image
General
Full URL
https://assetrtp.assetftphkbgame.com/public/banner/rtptotojitu/N6prqB34gwvzotuUIKbxBvmuTbqju5jWXw1ro4IY.jpg
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:258a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d507888173cd22839f2b38a747688a8157cd3c933fbfa268d54c02a77b69796b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:07 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
278500
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 09 Jun 2023 14:01:12 GMT
server
cloudflare
etag
"a41f3bd9da9ad91:0"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6k5QBzw1B5%2Fmgj%2Bl4%2BxVQUsjtlGkaWE7LvaSY%2BHM3qGSRjtFi9O5ExkFXZgvF7WEn6H%2Fl4F%2B6688D3Qm3FAItjuAhtIXb7Jy%2FV%2FS8DVJclPF7Ss6gPLlhTUR%2Fky4QmHXmi1BDx%2BbNXLXEvox9Qk8zQjE4ewfNO31If5u"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
898967180a10bbdf-FRA
P4z1pkr5uJsDQo8pFloiTZco23ZS4npORklNaVrS.png
assetrtp.multi78hkbgamingprovider.com/public/template_settings/rtptotojitu/
3 KB
3 KB
Image
General
Full URL
https://assetrtp.multi78hkbgamingprovider.com/public/template_settings/rtptotojitu/P4z1pkr5uJsDQo8pFloiTZco23ZS4npORklNaVrS.png
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.159.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
207aa7e449221095d3ab02d93a94527882b3fb056cfb389862358cf72e1f5e58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
2646
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 May 2023 10:35:40 GMT
server
cloudflare
etag
"0a6a151628dd91:0"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
898967180f532675-TXL
expires
Thu, 25 Jul 2024 02:49:06 GMT
NMsKIw9QRfUvvYnCqUrvbUW3BDzZEKHNKWuh4V4B.jpg
assetrtp.multi78hkbgamingprovider.com/public/template_settings/rtptotojitu/
11 KB
11 KB
Image
General
Full URL
https://assetrtp.multi78hkbgamingprovider.com/public/template_settings/rtptotojitu/NMsKIw9QRfUvvYnCqUrvbUW3BDzZEKHNKWuh4V4B.jpg
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.159.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8d0c4950b4fa9880df158f1a8802611e52f5ecc3d51c7ad9a00cf07ed8146e0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
11205
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Jul 2023 19:18:50 GMT
server
cloudflare
etag
"39bb8c8775afd91:0"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
898967180f582675-TXL
expires
Thu, 25 Jul 2024 02:49:06 GMT
BVTSgfvU8aVGh879QOK7DDqJv9xRRGTqpUxW7Lps.jpg
assetrtp.multi78hkbgamingprovider.com/public/template_settings/rtptotojitu/
11 KB
11 KB
Image
General
Full URL
https://assetrtp.multi78hkbgamingprovider.com/public/template_settings/rtptotojitu/BVTSgfvU8aVGh879QOK7DDqJv9xRRGTqpUxW7Lps.jpg
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.159.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5dc6e44991b6b74ad5de59952520adc8816eb631826b0e4c43147142ca509349
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
11244
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 05 Jul 2023 19:18:50 GMT
server
cloudflare
etag
"4da7988775afd91:0"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
898967180f572675-TXL
expires
Thu, 25 Jul 2024 02:49:06 GMT
qnQzc871Sx1RXo4MFXCYK3SJMN4sHrCoy5pqiWPy.png
assetrtp.multi78hkbgamingprovider.com/public/template_settings/rtptotojitu/
9 KB
10 KB
Image
General
Full URL
https://assetrtp.multi78hkbgamingprovider.com/public/template_settings/rtptotojitu/qnQzc871Sx1RXo4MFXCYK3SJMN4sHrCoy5pqiWPy.png
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.159.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a4d0c6c2152d24698dcf6a6d6a4141cf138362b967ac5d122a0fa4a7e0fef4b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
9621
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 May 2023 10:17:16 GMT
server
cloudflare
etag
"09e98bf5f8dd91:0"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
898967180f552675-TXL
expires
Thu, 25 Jul 2024 02:49:06 GMT
wZtlrRDbykoLX8QRx2DQfVWXiEZmjB19C9g0JOup.png
assetrtp.assetftphkbgame.com/public/banner-provider/rtptotojitu/
7 KB
8 KB
Image
General
Full URL
https://assetrtp.assetftphkbgame.com/public/banner-provider/rtptotojitu/wZtlrRDbykoLX8QRx2DQfVWXiEZmjB19C9g0JOup.png
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:258a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
278a2ab6250092b2f51616e7707ebb1f1d9d0a8a447139b485dc785ff9281d25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:07 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
7354
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 May 2023 08:52:00 GMT
server
cloudflare
etag
"0f838d6538dd91:0"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c0SwdDeVrk2HtCaDJ2ou3xYh%2FmZbn2WnfnN%2B7QWvaOd4p6yW7l8NpftDY7FKLBmQTy5EnhHoISjU7d02jnQ%2BKnDr0kLPafR6sI2hjRdc33cixlmDSoDsuao8L1Z3O6FPo9a%2FBWtbd6MQZQQHYwaB8JwAyUqrAWbany2r"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89896717d9e6bbdf-FRA
3xOzxEXuSSHXpBL3y2VVCjyNmCvZvrW00hy5wY4D.png
assetrtp.assetftphkbgame.com/public/banner-provider/rtptotojitu/
7 KB
8 KB
Image
General
Full URL
https://assetrtp.assetftphkbgame.com/public/banner-provider/rtptotojitu/3xOzxEXuSSHXpBL3y2VVCjyNmCvZvrW00hy5wY4D.png
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:258a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1622bc5d27ff277052b5a3947820df8ef7bd07b0b198c7619eb2875296be401e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:07 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
7566
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 May 2023 08:56:16 GMT
server
cloudflare
etag
"078cf6e548dd91:0"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3nek%2F8rBKI1Er93Rdb%2BJILqfTHwo1tvmkN%2B68BdeIpOoYntED4Z7kEWxFnBROLu2sddRCtHJwvPTqLw8Z02xjENgltUGPM0NYV3I3FtP1qhUVb9nu%2F9S38ubylA1waRUNhK3%2FFD5wPqLt8y5m6C54olCz%2FDkAAwayCou"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89896717d9e7bbdf-FRA
aNyf7cjDOQB68KVn9CyIk5XFKUJwykpbObo0AtmF.png
assetrtp.assetftphkbgame.com/public/banner-provider/rtptotojitu/
7 KB
8 KB
Image
General
Full URL
https://assetrtp.assetftphkbgame.com/public/banner-provider/rtptotojitu/aNyf7cjDOQB68KVn9CyIk5XFKUJwykpbObo0AtmF.png
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:258a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ef6de857d20384fd382b0cc06ffcf8b752be11c57f9dc6f3471868a0b3cdb664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:07 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
7406
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 May 2023 09:01:10 GMT
server
cloudflare
etag
"04fc1e558dd91:0"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NH39ZjpgfYnMOcYER%2Ba%2Fgk05zpDNxIOp3j%2F1PljTB%2FU7%2B9fPrA2IrcCiKao3llmwsWDgH37Vk4Ryiar%2FCCfsgUB6fylCP%2ButUK%2FruPRrrsj2wWlN9SWi68kkCc4whHsODOZ12X3Iuq%2BzUUNvlAFwiDtLRSpBPP566J5P"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89896717d9e9bbdf-FRA
khXQ5rQIgYm9oBn9KOwzY1zc5g2yJ2JzOeq8j30L.png
assetrtp.assetftphkbgame.com/public/banner-provider/rtptotojitu/
11 KB
12 KB
Image
General
Full URL
https://assetrtp.assetftphkbgame.com/public/banner-provider/rtptotojitu/khXQ5rQIgYm9oBn9KOwzY1zc5g2yJ2JzOeq8j30L.png
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:258a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
62224f9daf661487570e2a07c8ae23a71bd2812c4b2d67c6f86b292d1e813a9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:07 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
11496
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 May 2023 09:19:02 GMT
server
cloudflare
etag
"08729d578dd91:0"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AdvDzUYWnEmctw%2FV5c19sw5%2By%2Bo6%2BjPyYvwdXFxfWfV%2BEfBiqW9J%2F36GPERuzLYepkboUPv4nKo7pjX5w6kCQo2tkjygLg7LZOlBNhvlt09FRbPuoVAdwIa76gSa6FdKTRlqtiDoD6YNXDRcfC%2F57dYmhVzV3esoGwaO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
898967180a0ebbdf-FRA
iframeResizer.min.js
hkbchat.com/js/iframeresize/
13 KB
5 KB
Script
General
Full URL
https://hkbchat.com/js/iframeresize/iframeResizer.min.js
Requested by
Host: hkbchat.com
URL: https://hkbchat.com/api2?data=guest&prov=10008&key=3fbe07d7eb928ae8404a8cf8015c4366&bkname=&bkstatus=&channel=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
139.99.69.140 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns572177.ip-139-99-69.net
Software
Microsoft-IIS/10.0 /
Resource Hash
c2750bc11ae34135d49bd9bda0168fff42706227a1a180b60705f9f1afa006f3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:06 GMT
content-encoding
gzip
last-modified
Mon, 07 Jan 2019 04:38:43 GMT
server
Microsoft-IIS/10.0
etag
"80b68de42a6d41:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
5167
slideImage.js
rtpttjhebat.shop/js/
1 KB
843 B
Script
General
Full URL
https://rtpttjhebat.shop/js/slideImage.js?v=1.0.0
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10fd112a7c9784d8cec89478610dc103c3f27a354c2f6cd5b13b29bd7885f9d6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:08 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 08 May 2023 09:34:58 GMT
server
cloudflare
age
350
cf-polished
origSize=1582
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tf2BPRfNw3RnHLZ%2FB9UuXOT0%2Btm3Q9IbMKW82pXuk0BT8ZnE0s87LAk2SIsVjCR2ginlzpCdIO%2Fihs5ao4CB142Cfhm0nPoLMkImwuLhYtLxMnR5%2BTJJyHFgjKrIgTmu8s4p"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
898967215ecf907c-FRA
alt-svc
h3=":443"; ma=86400
floatingLink.js
rtpttjhebat.shop/js/
1 KB
823 B
Script
General
Full URL
https://rtpttjhebat.shop/js/floatingLink.js?v=1.0.0
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0877f5f6a2ffa41ad4ff7935da4e613b2b200d534928b0d64aa423c843f571ba

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:08 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 18 Sep 2023 03:55:13 GMT
server
cloudflare
age
350
cf-polished
origSize=1234
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i2GS0q3zqCRY%2BnpyASHP9d0vSaeHq91ZvZACDGLoNE5ZBx1io4tM532gs4A9NpxNd4s04ttpqKSCZRll%2FSLfinVMX9Fb9QrsfRRKfZIV9HylNPNhn%2FsucUAgEDAPyrZmdgjT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
898967217edd907c-FRA
alt-svc
h3=":443"; ma=86400
showContent.js
rtpttjhebat.shop/js/
1 KB
910 B
Script
General
Full URL
https://rtpttjhebat.shop/js/showContent.js?v=1.0.0
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1b39cf0aaba782c65777ab54f083bec6a1c713c628c8c66b240bae865e7499c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:08 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 02 Jun 2023 08:36:05 GMT
server
cloudflare
age
349
cf-polished
origSize=1497
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zkmm2aNYL2WI6cziveMMotYQqD0G%2Bz%2Bh%2BD4M%2BbHmNxNmYJo1rBJAxNpkWU498XSCj3rr2ldaFmYZUfIE2qiSSw6poOG9ZFKpQrqJAerPoVJbU7r2IkNRN9rgBp7qeyNhMlNJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
898967217edf907c-FRA
alt-svc
h3=":443"; ma=86400
imageObserver.js
rtpttjhebat.shop/js/
359 B
671 B
Script
General
Full URL
https://rtpttjhebat.shop/js/imageObserver.js?v=1.0.0
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
232aef724471754e66f43cf06452ab30ded3e838fe20aa937065b107d7aff613

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:08 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 02 Jun 2023 08:36:05 GMT
server
cloudflare
age
349
cf-polished
origSize=456
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QKrdMYSDRPFzG52zE4QomKyhCXpXWBEdytF7YG3a9kdRzqT%2BQRF2oCWBBkeBwMA28AqFQTOYvg6CuxxdEkU51lnK1sg0E0Go4fIjDKNgT9Y0Ws%2BUZ9HeMscRZXQ1fCZXzWyk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
898967217ee1907c-FRA
alt-svc
h3=":443"; ma=86400
searchBar.js
rtpttjhebat.shop/js/
569 B
720 B
Script
General
Full URL
https://rtpttjhebat.shop/js/searchBar.js?v=1.0.0
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
288351d81b42405465edfb86aa29f97a03e9c5fbd3533036c1f29c00309c1c1c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:08 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 02 Jun 2023 08:36:05 GMT
server
cloudflare
age
348
cf-polished
origSize=696
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xLYi%2F18gdY9rKPBJ%2Fa78F%2BCK02nJCCECknNW6raCJCfz8otuLnQi5QN3%2BDu900oIMDGSP8WlgIzbdsvIkZhxn69Ir0aTxsoWW%2FA9qjo1m2cdUSUEDFaBayf3Yqc8IVt8dk6D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
898967217ee2907c-FRA
alt-svc
h3=":443"; ma=86400
gameNameSlide.js
rtpttjhebat.shop/js/
289 B
651 B
Script
General
Full URL
https://rtpttjhebat.shop/js/gameNameSlide.js?v=1.0.0
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d08784ba17ce06948f669b3baaf75b38ca9158b2998316c4f92801ed38e49d9b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:08 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 29 Aug 2023 04:31:37 GMT
server
cloudflare
age
348
cf-polished
origSize=403
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hMvLf%2BWdKn7E6wmH0LDBA2ZzbkurY8J0p7YWUBxQYRxHjAPLZF59%2FXxhCIyt0Cj2pgE6Crx1ngB9Vb1nsbXW1Dyis6tEZg955RXKnfGM3dUQwAz%2FK67zX9DG6AvtzyAaRmWy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
898967217ee3907c-FRA
alt-svc
h3=":443"; ma=86400
chatapifront
hkbchat.com/ Frame 144B
0
0
Document
General
Full URL
https://hkbchat.com/chatapifront?user=19667793&key=3fbe07d7eb928ae8404a8cf8015c4366&prov=10008&title=https://rtpttjhebat.shop/,%20Rtptotojitu&m=&cekmob=false&bkname=&bkstatus=&channel=1
Requested by
Host: hkbchat.com
URL: https://hkbchat.com/api2?data=guest&prov=10008&key=3fbe07d7eb928ae8404a8cf8015c4366&bkname=&bkstatus=&channel=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
139.99.69.140 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns572177.ip-139-99-69.net
Software
Microsoft-IIS/10.0 / PHP/7.2.4
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://rtpttjhebat.shop/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache,no-cache, private
content-length
5699
content-type
text/html; charset=UTF-8
date
Mon, 24 Jun 2024 02:49:08 GMT
server
Microsoft-IIS/10.0
x-powered-by
PHP/7.2.4
gpas_bebellslo_pop_20240514204027.png
pro-wl-s3.s3.ap-southeast-1.amazonaws.com/public/icon/ptim/egames/
104 KB
105 KB
Image
General
Full URL
https://pro-wl-s3.s3.ap-southeast-1.amazonaws.com/public/icon/ptim/egames/gpas_bebellslo_pop_20240514204027.png
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.219.36.71 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
33440acac853937ef38827d55634d3977c77d2a11bbb3c05d3ad5d6a8d7bf124

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 24 Jun 2024 02:49:10 GMT
x-amz-version-id
49vRwvl3shPk.pKj0amD7vxS7sYRe9eU
Last-Modified
Tue, 14 May 2024 13:39:12 GMT
Server
AmazonS3
x-amz-request-id
7PE2W9CT6N6E7JC8
ETag
"dbe424a648438f7738c561b1280faeb9"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
106990
x-amz-id-2
i6LRlGd9s3PpC6cLcxUY24+ph340ihk8akThFZxyD1u7E+60YePLqWA4pXKKnGVTtuPNKknM1BQ=
gpas_tigertdp_pop_20210820093130.png
pro-wl-s3.s3.ap-southeast-1.amazonaws.com/public/icon/ptim/egames/
105 KB
105 KB
Image
General
Full URL
https://pro-wl-s3.s3.ap-southeast-1.amazonaws.com/public/icon/ptim/egames/gpas_tigertdp_pop_20210820093130.png
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.219.36.71 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
5ac7b4c86a4ba190818e3ba37ba3fe82ef07cd369828c8f3f61fe45ed281f074

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 24 Jun 2024 02:49:10 GMT
x-amz-version-id
__EJiacptbQIKhIFV3KXzQFr9vLL8dF9
Last-Modified
Fri, 08 Dec 2023 05:18:14 GMT
Server
AmazonS3
x-amz-request-id
7PEBFHKJTBYWFSRC
ETag
"6ddcfc3278bccfe959fa6da4c506a0bb"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Cache-Control
604800
Accept-Ranges
bytes
Content-Length
107410
x-amz-id-2
4JqazS1zLc4qNRjgLrhS3RuExQlVSJrd6QeJFucZYfOC+gjR81BXMZ/zzww62S0TpITmsEz0gno=
pop_sw_8tr1qu_skw.png
pro-wl-s3.s3.ap-southeast-1.amazonaws.com/public/icon/ptim/egames/
59 KB
59 KB
Image
General
Full URL
https://pro-wl-s3.s3.ap-southeast-1.amazonaws.com/public/icon/ptim/egames/pop_sw_8tr1qu_skw.png
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.219.36.71 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7da66fbc9b7d9d9d639261d8e2da3a56820e96ed9df038a3582bb43823b7e7aa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 24 Jun 2024 02:49:10 GMT
x-amz-version-id
yq_.2GXSF.qBGDKe0LccfERAMXImLDo1
Last-Modified
Fri, 08 Dec 2023 05:18:18 GMT
Server
AmazonS3
x-amz-request-id
7PECD3X2D0BM3PN3
ETag
"074a8b209951e3bdedfd23543f182a1a"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Cache-Control
604800
Accept-Ranges
bytes
Content-Length
60139
x-amz-id-2
qnQ7BybAadWD4QSx33REYT4fFextWzrlUpkBEb+sGjtJg8GokuIzbJFacPqxkntowHagHUvztSo=
gpas_sgift_pop_20210506134527.png
pro-wl-s3.s3.ap-southeast-1.amazonaws.com/public/icon/ptim/egames/
98 KB
99 KB
Image
General
Full URL
https://pro-wl-s3.s3.ap-southeast-1.amazonaws.com/public/icon/ptim/egames/gpas_sgift_pop_20210506134527.png
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.219.36.71 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
228d544005c887a0a076d482366e99207f245904791ee80d0a5571ab1ccabb9d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 24 Jun 2024 02:49:10 GMT
x-amz-version-id
Eh7LmNAEL1gK2EniDzp0Ruj5Z21AVybx
Last-Modified
Fri, 08 Dec 2023 05:18:14 GMT
Server
AmazonS3
x-amz-request-id
7PEB3PKRPJ5G7CWD
ETag
"aafb75edb8c2d749ec18271eabe4f3f2"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Cache-Control
604800
Accept-Ranges
bytes
Content-Length
100573
x-amz-id-2
BuWXNyagzywqfFKj6/ffVW19oqP7qi8hDkEDzZy8pgHfMYM7n+FS/fHHJD6sIZqpg2Ioit9/NNc=
donq_20210820093026.png
pro-wl-s3.s3.ap-southeast-1.amazonaws.com/public/icon/ptim/egames/
104 KB
104 KB
Image
General
Full URL
https://pro-wl-s3.s3.ap-southeast-1.amazonaws.com/public/icon/ptim/egames/donq_20210820093026.png
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.219.36.71 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
3eb4c76dd27d76540a755e881b3b1bcedf4e36656ebbfb4e12c9f8664bca2270

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 24 Jun 2024 02:49:10 GMT
x-amz-version-id
NqEs0fCDag9wbv_Nid1wsi6MfQ2B_GyW
Last-Modified
Fri, 08 Dec 2023 05:18:10 GMT
Server
AmazonS3
x-amz-request-id
7PE4M3BVFSAGGHNB
ETag
"c4f24c947f4cf6b790ada9347898bba1"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Cache-Control
604800
Accept-Ranges
bytes
Content-Length
106496
x-amz-id-2
Bw7HeF2Z2oV5JSuLzeswVrYNOzSk8Oe3fG+WpW+Us2q6iI7JtIGo9amgHu9OApF/2SPS01p+fd8=
jpgt_20210820091131.png
pro-wl-s3.s3.ap-southeast-1.amazonaws.com/public/icon/ptim/egames/
76 KB
77 KB
Image
General
Full URL
https://pro-wl-s3.s3.ap-southeast-1.amazonaws.com/public/icon/ptim/egames/jpgt_20210820091131.png
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.219.36.71 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
3998fce1b2bc85e9106c6883a66b7cc14ea37a1b4aaa6089e287b5799fc7d5a9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 24 Jun 2024 02:49:10 GMT
x-amz-version-id
TSlXyK5Avlspcj8DDjeUMM8AkmvcGNMO
Last-Modified
Fri, 08 Dec 2023 05:18:16 GMT
Server
AmazonS3
x-amz-request-id
7PE5S6KGE6N9W0NE
ETag
"b0d1e80ff404e6730016bdf49376ce32"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Cache-Control
604800
Accept-Ranges
bytes
Content-Length
78207
x-amz-id-2
woCn3FaMcF/FjutTmd9UPdhYpvH5xX+G/Nu2lkPfBbCdnBbpuBlQZOIihsF9MhJJzND5dEz9Gsg=
jpgt_20210820091322.png
pro-wl-s3.s3.ap-southeast-1.amazonaws.com/public/icon/ptim/egames/
77 KB
77 KB
Image
General
Full URL
https://pro-wl-s3.s3.ap-southeast-1.amazonaws.com/public/icon/ptim/egames/jpgt_20210820091322.png
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.219.36.71 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
2621b799203ab8f2f8972a04b3848852d31147d31d733518309aebd3ff1dc45b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 24 Jun 2024 02:49:11 GMT
x-amz-version-id
TMdMO17h4eoJKtQ_uqY9nyIOsxRpLsoY
Last-Modified
Fri, 08 Dec 2023 05:18:16 GMT
Server
AmazonS3
x-amz-request-id
6VQG2RYRHXM8QHDM
ETag
"e864db05a8782f70cdb472f98aa33f84"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Cache-Control
604800
Accept-Ranges
bytes
Content-Length
78668
x-amz-id-2
QEpk4prrZTCVeYDsOcUE7YPKnvaaOoYv92K3E763idng10FYcxinCpk6dfJy1SSwIAS6bGPxo64=
pop_df48c20d_eye_20210820085240.png
pro-wl-s3.s3.ap-southeast-1.amazonaws.com/public/icon/ptim/egames/
86 KB
87 KB
Image
General
Full URL
https://pro-wl-s3.s3.ap-southeast-1.amazonaws.com/public/icon/ptim/egames/pop_df48c20d_eye_20210820085240.png
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.219.36.71 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
035195bb6878f705bd3c023128e1f8997972d5dbbc3592330afc441f38da69f4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 24 Jun 2024 02:49:11 GMT
x-amz-version-id
S0WGzNU2bhgqfzj0gewDLcO7UShPzfNy
Last-Modified
Fri, 08 Dec 2023 05:18:18 GMT
Server
AmazonS3
x-amz-request-id
6VQPYGYPTM6GQAJA
ETag
"235f396b0439c23149e32baa22294927"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Cache-Control
604800
Accept-Ranges
bytes
Content-Length
88575
x-amz-id-2
lHV7gV60Fj+4dOTD40lf58A3nUHGO+Rj1PLa9rvzMYwae3cURjlXqDnJG+ONS/1fyiBCBBKBFdU=
pop_d6fd1a4e_eye_20240328230849.webp
pro-wl-s3.s3.ap-southeast-1.amazonaws.com/public/icon/ptim/egames/
15 KB
15 KB
Image
General
Full URL
https://pro-wl-s3.s3.ap-southeast-1.amazonaws.com/public/icon/ptim/egames/pop_d6fd1a4e_eye_20240328230849.webp
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.219.36.71 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a26ead210978506eda312e76bccd78e8e40518f0e0a5f8475d0a68f43dcae871

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 24 Jun 2024 02:49:11 GMT
x-amz-version-id
J9vCtH2uzOWEYz2I7iB9WR8aEMrjDcAh
Last-Modified
Thu, 28 Mar 2024 16:08:30 GMT
Server
AmazonS3
x-amz-request-id
6VQHR8FFDSNXP5S9
ETag
"ca7a4dce0037b3388b22f9ebd1f4f313"
x-amz-server-side-encryption
AES256
Content-Type
image/webp
Accept-Ranges
bytes
Content-Length
15178
x-amz-id-2
wWvydTo228YlAvj06QRw67qYH2Cs6UVz1i2ObXxu7iMUAexSv/HhlXO+629iHux0lHEudHaF9Aw=
fm_20210820090852.png
pro-wl-s3.s3.ap-southeast-1.amazonaws.com/public/icon/ptim/egames/
97 KB
97 KB
Image
General
Full URL
https://pro-wl-s3.s3.ap-southeast-1.amazonaws.com/public/icon/ptim/egames/fm_20210820090852.png
Requested by
Host: rtpttjhebat.shop
URL: https://rtpttjhebat.shop/
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.219.36.71 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
2452c6d491382ec6332cc3ed363cd424eb26366d7053dee680422c84d385bde5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 24 Jun 2024 02:49:11 GMT
x-amz-version-id
USZozODwGtwCINGHpsh0p5.F3d53z2IL
Last-Modified
Fri, 08 Dec 2023 05:18:10 GMT
Server
AmazonS3
x-amz-request-id
6VQQWNK9X8QAA3FG
ETag
"2c5c1c75445d596112d5b5fed910568f"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Cache-Control
604800
Accept-Ranges
bytes
Content-Length
99044
x-amz-id-2
fa85S3YHqdpzF8wWPtRXtvLSnvyocbt2IwQdhYGREdQp4aOMu3F3/Tm+lv5xmVyaVj6nTH23shQ=
xaEQ5r062qgvxAF3oihw6IkiCd69rpYjjIN1OfXp.jpg
assetrtp.assetftphkbgame.com/public/banner/rtptotojitu/
3 KB
3 KB
Other
General
Full URL
https://assetrtp.assetftphkbgame.com/public/banner/rtptotojitu/xaEQ5r062qgvxAF3oihw6IkiCd69rpYjjIN1OfXp.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:258a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
94a84eb4e157b5cc71e83a16afbbf736954a27943f7e64ed560c435551e18f8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://rtpttjhebat.shop/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 02:49:11 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
2905
x-xss-protection
1
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 May 2023 10:36:40 GMT
server
cloudflare
etag
"0ec6475628dd91:0"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gYEF5VXTY%2F6%2FY6Z7%2FIz1fPlwbHQ%2FuOU%2FwfGwH1VgXQAGJIxyhaqYnA5UKTglGbdkVYgTtyXSyCkRP92eW%2FMQU4U28otGyhZl2GS57vDcEehK1rAJ1QpBcwg9e5biJy5zjxlISvnF%2FsfJ4eUG4IM57SYr%2F9wiew44IEz6"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89896734cef3bbdf-FRA


31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
object 0
undefined event
object fence
object sharedStorage
function popupLivechat
string hkbc_user
string hkbc_title
string hkbc_m
string hkbc_channel
boolean hkbc_cekmob
string hkbc_bkname
string hkbc_bkstatus
string hkbc_url
string hkbc_url2
string hkbc_urliresize
function hkbc_loadScript
function hkbc_checkmobile
function hkbc_setCookie
function hkbc_getCookie
function hkbc_checkpopup
function hkbc_delegate
function hkbc_dragElement
string pad
string randomint
function docReady
function iFrameResize
undefined movingSlide
function setSlideInterval
function floatingMovement
function removeHiddenClass
function searchBar

3 Cookies

Domain/Path Name / Value
rtpttjhebat.shop/ Name: XSRF-TOKEN
Value: eyJpdiI6IksxVzhRM3ZUOWNFeEtqUmRzOWxKaXc9PSIsInZhbHVlIjoiUmloUWZqZ2pURTFpZm8zSXFGMlM3UVptVzVraEFRUmo2Z0kwWmt2d280a2t2aWU4OWE2ZG9rTGhWT0k2TUVmL09zaEMvN3QrL3ZMcjdEVWlOdkhWUUQ2eUFFSUplWTFpMExJUHpsU2sxRGtYemEyMGVzem5OQm5wRTkwVGZSL1oiLCJtYWMiOiJiODlmMWE5ZDg3N2FkMTdhOWM3NmI0Y2IwYTIzNzNlZmE2NDlmODMxMjFhYTgxODhiNjkwY2VjNzI1NjNhYzMyIiwidGFnIjoiIn0%3D
rtpttjhebat.shop/ Name: rtp_session
Value: eyJpdiI6IkVtYTNRY29ZMkswbUNkaFNXVmFnWFE9PSIsInZhbHVlIjoiZ2J6MHl3Q3dhMEx2R2hPemRzbWk0dm9VS3lvVngzMW9yV0tVRFdaS29IbHFyeGJ2ejlBWExicTVKWnlDYkwwNTNhaWhCOGFiOW52MStBTVN2Y29PdlhSVEFHcU5VanJZTXNJcGxsY2psLytZNThpUFp1T000YytTTGtxb2dybjAiLCJtYWMiOiIzNzk3YjZiODAzOGM4MWUyZDI1Y2UyOGM3NzBmNTMwODVmOTZmNjIxN2YxODA5OGM3NGNiOTk4MGU0ZDFiNDMwIiwidGFnIjoiIn0%3D
rtpttjhebat.shop/ Name: visit2
Value: 19667793

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
