rtpcrot8.xyz Open in urlscan Pro
2606:4700:3030::ac43:abfd Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rtpcrot8.xyz/
Effective URL:
https://rtpcrot8.xyz/
Submission: On April 18 via manual (April 18th 2024, 12:47:35 pm UTC) from KH — Scanned from DE

Summary HTTP 18 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3030::ac43:abfd, located in United States and belongs to CLOUDFLARENET, US. The main domain is rtpcrot8.xyz.
TLS certificate: Issued by GTS CA 1P5 on March 19th 2024. Valid for: 3 months.

This is the only time rtpcrot8.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3030::ac43:abfd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
10	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	5

2 2606:4700:3030::ac43:abfd (United States)

ASN13335 (CLOUDFLARENET, US)

rtpcrot8.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

turbo199.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	turbo199.com turbo199.com — Cisco Umbrella Rank: 785815	667 KB
4	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 416	85 KB
2	rtpcrot8.xyz rtpcrot8.xyz	6 KB
1	gstatic.com fonts.gstatic.com	28 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1008 B
18	5

	Domain	Requested by
10	turbo199.com	rtpcrot8.xyz
4	cdn.ampproject.org	rtpcrot8.xyz cdn.ampproject.org
2	rtpcrot8.xyz
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	rtpcrot8.xyz
18	5

This site contains links to these domains. Also see Links.

Domain
rajacuanbest.com
warunggacor09.xyz
pwr-jaya.com
ligacuanvip.com
rtpcrotbig.xyz
www.bncarm.com

Subject Issuer	Validity	Valid
rtpcrot8.xyz GTS CA 1P5	`2024-03-19` - `2024-06-17`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
turbo199.com GTS CA 1P5	`2024-04-05` - `2024-07-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rtpcrot8.xyz/
Frame ID: 6315359C75FAF14B2E8DAD3F0DF7A73E
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bocoran Info RTP Slot Online Terbaru Gampang JP Hari Ini 2023

Page URL History Show full URLs

http://rtpcrot8.xyz/ HTTP 307
https://rtpcrot8.xyz/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

Page Statistics

18
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

787 kB
Transfer

1036 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://rajacuanbest.com/?ref=slaman89
Title: RAJACUAN

Search URL Search Domain Scan URL

URL: https://warunggacor09.xyz/register/CBFC4352
Title: WARUNGCASH189

Search URL Search Domain Scan URL

URL: https://pwr-jaya.com/?content=register&ref=SlamanSlumun
Title: POWER4D

Search URL Search Domain Scan URL

URL: https://ligacuanvip.com/register?ref=2M3ENAA001V
Title: LIGACUAN

Search URL Search Domain Scan URL

URL: https://rtpcrotbig.xyz/
Title: rtp slot gacor

Search URL Search Domain Scan URL

URL: https://www.bncarm.com/
Title: slot online

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rtpcrot8.xyz/ HTTP 307
https://rtpcrot8.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
rtpcrot8.xyz/
Redirect Chain

http://rtpcrot8.xyz/
https://rtpcrot8.xyz/

26 KB
5 KB

239ms
212ms

Document
text/html

2606:4700:3030::ac43:abfd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtpcrot8.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:abfd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a0d82afaf52829576757f5ed8dfd7ef996acb65d84471bc78241f8b6e78ffcf

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8764c37ed8c235eb-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 18 Apr 2024 12:47:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iGxOCq81JVscz6Z4eDj1hvlYaWgl2dtcePwOtUpXT0gmHNbfX4RYVpsA5NXbRlhjRdJmuEl9veJi435OBXNjXEm8ZJ8iJTFVPP2j9lF5dAtkSy7uFUpUysV4FQMlpj5eatJJnTowjlsdZZM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Location: https://rtpcrot8.xyz/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 46ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: rtpcrot8.xyz
URL: https://rtpcrot8.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2178c2c7039c0f565fd638053998d92fdeba670af287085c106b4b54139f5f3a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rtpcrot8.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 18 Apr 2024 12:47:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73102
x-xss-protection: 0
server: sffe
etag: "aa2c955478cddb65"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 18 Apr 2024 12:47:29 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1008 B 43ms
17ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:300,400,700;display=swap

Requested by

Host: rtpcrot8.xyz
URL: https://rtpcrot8.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

593e8ba0015655cfca47b977edae4b59e4568d4674d4309922c50fc9464fb70e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rtpcrot8.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Apr 2024 12:47:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Apr 2024 12:47:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Apr 2024 12:47:29 GMT

GET
H2 200 amp-accordion-0.1.js Show response
cdn.ampproject.org/v0/ 17 KB
6 KB 45ms
22ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-accordion-0.1.js

Requested by

Host: rtpcrot8.xyz
URL: https://rtpcrot8.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

271b2b33082ea4ad5f0d06fa04191728a71f2741783e3e13396a3d9ae5e27d1a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rtpcrot8.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 18 Apr 2024 12:47:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5838
x-xss-protection: 0
server: sffe
etag: "37b5d052ddf4213b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 18 Apr 2024 12:47:29 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v53/ 28 KB
28 KB 34ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,400,700;display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://rtpcrot8.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 06:43:36 GMT
x-content-type-options: nosniff
age: 194633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28512
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:44:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Apr 2025 06:43:36 GMT

GET
H3 200 zeus.jpg
turbo199.com/games/ 48 KB
49 KB 372ms
331ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turbo199.com/games/zeus.jpg
Requested by: Host: rtpcrot8.xyz
URL: https://rtpcrot8.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66d6590266dacbd941426a00d83cd55ec84b020cfa9e82f39adaec7fc1418334

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rtpcrot8.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 12:47:29 GMT
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 11:39:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653509f4-c0e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FoIsgqNV9pCE2beoYolYwA19gyJYGjnCbTlWjFh95Zd%2BKXLu6vIM7cwaGtlZ8KuxWb8TvICUh39Mw4SNr5BS%2BMAEZ6xprUZrl4HBhXSfRGyfdt315lXJjjVsskiGnwySAJLZcn0VUJKSjPg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8764c3811d5471be-FRA
alt-svc: h3=":443"; ma=86400
content-length: 49378
expires: Sat, 18 May 2024 04:55:41 GMT

GET
H3 200 xmas.jpg
turbo199.com/games/ 39 KB
39 KB 267ms
226ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turbo199.com/games/xmas.jpg
Requested by: Host: rtpcrot8.xyz
URL: https://rtpcrot8.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69800d3e646f9e9240ac2f26a8d38b6c3a4c3d0a195fd457d3141790057685a8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rtpcrot8.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 12:47:29 GMT
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 11:39:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653509f5-9a7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=22%2BSIrIglDoblAL7TVCsg1H5uw26PlIqR2%2Ff6s8mymAwxBbB03itLoZEclu26epnVOZMQPmn%2FjH5DSAXKpiG2hwwAN0zlXh1cArkKP3U0pbIIX4cFtxtcc5QLdOaH%2BmBqieWzsSZhbJI%2FRw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8764c3811d5971be-FRA
alt-svc: h3=":443"; ma=86400
content-length: 39548
expires: Thu, 02 May 2024 17:33:43 GMT

GET
H3 200 starlight.jpg
turbo199.com/games/ 42 KB
42 KB 389ms
348ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turbo199.com/games/starlight.jpg
Requested by: Host: rtpcrot8.xyz
URL: https://rtpcrot8.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caec54ba9a391fd412e2779154187f042eb1ae73974cebcc7e024ab51e013402

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rtpcrot8.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 12:47:29 GMT
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 11:39:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653509f4-a6b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RzjvVjIIDDKgSRiROOGgxtrLXUyTPnLB5MAbIK5g%2ByybNPEl8GQhaXFoyxoa0bgKcBoGJkubGM45fdb8iigZRd6QhLKoPJ0UgndEtMRlVOXXcl4zE%2BNxclQUmHs%2F55sjVLXtjCpAHBaUqVg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8764c3811d5b71be-FRA
alt-svc: h3=":443"; ma=86400
content-length: 42677
expires: Thu, 02 May 2024 20:59:09 GMT

GET
H3 200 joker-jewels.png
turbo199.com/games/ 240 KB
241 KB 243ms
203ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turbo199.com/games/joker-jewels.png
Requested by: Host: rtpcrot8.xyz
URL: https://rtpcrot8.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e254c6056c204aad4e7f0d09d6eada668a78275bf063d2b06ae5bfdf42f0312

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rtpcrot8.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 12:47:29 GMT
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 11:39:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653509f8-3c127"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qNy8hQQNktl%2B246rhPbUoAtnR7xFju4Ur12RTIleRrgE%2FvmpGSLDy1c3bc%2BAJFszfBI4Vk%2Fj3J8XCcE68COnipGXU5KYVX6LhjK%2FEUz9E%2FEaPdV1oxxtts%2B4%2BEJjliOIMp1l5atkX607iqo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8764c3811d5c71be-FRA
alt-svc: h3=":443"; ma=86400
content-length: 246055
expires: Thu, 02 May 2024 17:33:43 GMT

GET
H3 200 hiphop-panda.jpg
turbo199.com/games/ 42 KB
43 KB 227ms
187ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turbo199.com/games/hiphop-panda.jpg
Requested by: Host: rtpcrot8.xyz
URL: https://rtpcrot8.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29c9de795823a319240acb10513ecbd5ff7f9f6385f99fa4ca3647674d609a1a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rtpcrot8.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 12:47:29 GMT
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 11:39:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653509fa-a9eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YB2rR5Ye0oqL1X%2FZTA6sbcQ77kBMZOlYG%2F%2FaPl%2BLXQPw30iS80uU%2By7LLi8KJeTaADsMbge%2FyF7I9br8t96nC96Mzdv4DgVirEhVjQVkbqW2MbE5MTb%2FPPjtQQuCCKbeNtxufr6jLoM86sQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8764c3811d5d71be-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43499
expires: Thu, 02 May 2024 21:53:18 GMT

GET
H3 200 koi-gate.jpg
turbo199.com/games/ 48 KB
49 KB 956ms
915ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turbo199.com/games/koi-gate.jpg
Requested by: Host: rtpcrot8.xyz
URL: https://rtpcrot8.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29424f39685da5535997165439b9c1597a0424fb3e44b26caeda9fb5e480c121

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rtpcrot8.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 12:47:30 GMT
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 11:39:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653509f8-c154"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O8%2FXdTIf7TWPyHnPXwaFexNK%2BtOmQOgmA3TBR8wiEXL7JtT8KUM3TKu9JHKNRemo9bDy8gNbxBWtpbMGRhwJOyI88fj7wPLYWYQh45m9fB%2BeddksIshUpXbrq2GpMDMwFEUNE8emZxIq99E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8764c3811d5e71be-FRA
alt-svc: h3=":443"; ma=86400
content-length: 49492
expires: Thu, 02 May 2024 17:33:43 GMT

GET
H3 200 great-rhino.jpg
turbo199.com/games/ 39 KB
40 KB 789ms
789ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turbo199.com/games/great-rhino.jpg
Requested by: Host: rtpcrot8.xyz
URL: https://rtpcrot8.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cde0a59db5b12853924b159fac28f5caa0a5694e1373431441066e98eb2f6148

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rtpcrot8.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 12:47:30 GMT
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 11:39:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653509fb-9c7f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BMNn6N9rGghhEpmmT%2FarkJYhNA23IuaVumMyOLp%2BQzu60S0ly8O13k%2BIE%2BJfiU%2FeGDm%2F8hTyxua2XoJPvL%2B744uEsEVTYPPgOCsYsDg8g4cUmVFHm4R6Q9qjXEROk%2FpSmFZvXdaYU%2BRswlc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8764c3825e9271be-FRA
alt-svc: h3=":443"; ma=86400
content-length: 40063
expires: Thu, 02 May 2024 17:33:46 GMT

GET
H3 200 madame-destiny.jpg
turbo199.com/games/ 74 KB
74 KB 815ms
814ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turbo199.com/games/madame-destiny.jpg
Requested by: Host: rtpcrot8.xyz
URL: https://rtpcrot8.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46c0bd448c23880c89830d2023949d337d7b304b85f0405472ba1b023a0bf097

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rtpcrot8.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 12:47:30 GMT
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 11:39:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653509f7-127cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2bF2DFWXVrJQWdVTtXoV5zl1UNR696lSHudCC8bgbH7vNVSANeI3guHpbNMoHyGmrH0X4%2FXPdOzCna94EqEnJXTfL69KhlskZj2Ef70WmkRrwQIcYZ015ZQydVn6i59Py4dayPpt95mnTLU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8764c3825e9671be-FRA
alt-svc: h3=":443"; ma=86400
content-length: 75724
expires: Sat, 18 May 2024 03:04:24 GMT

GET
H3 200 wwg.jpg
turbo199.com/games/ 43 KB
44 KB 210ms
210ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turbo199.com/games/wwg.jpg
Requested by: Host: rtpcrot8.xyz
URL: https://rtpcrot8.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e2ebf85809abbcbe4339531010c8875f7038829270b7fd645149a4c9f626146

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rtpcrot8.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 12:47:29 GMT
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 11:39:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653509f5-ac6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SJGf1pIC3mUDgLa0oIWPAUVf1MxCzpOLKYJnPxFSRmElk%2FeUuqjyGHraBbUUN2dKeYY9wpMoA0HOa1TEwE8wQplRCW9mamDRSoA5e2xdwzjtXudI9MB9wWNDadAjyNXCHpWyGCBcNNenemc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8764c3825e9771be-FRA
alt-svc: h3=":443"; ma=86400
content-length: 44140
expires: Sat, 18 May 2024 03:04:24 GMT

GET
H3 200 john-hunter.jpg
turbo199.com/games/ 46 KB
47 KB 800ms
799ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turbo199.com/games/john-hunter.jpg
Requested by: Host: rtpcrot8.xyz
URL: https://rtpcrot8.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6be09eb31690601048c03b3d7b65b0d135cc79e5597d079b3bfc8580b5343114

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rtpcrot8.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 12:47:30 GMT
cf-cache-status: HIT
last-modified: Sun, 22 Oct 2023 11:39:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "653509f8-b9ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P5mCB9YuRJkZ0q5dpP5JlSXx7oni7WUHUuiNRtAZEAkmxoadzx4pjavRl3RrJVhT%2BZuDMGwX1wXrp3%2B0PZa2jOiiG77v1omgnrKHu4bdEF0RjFs1tWAUTniXDmOcv9xNq02lbmkGJEle9Mo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8764c3825e9971be-FRA
alt-svc: h3=":443"; ma=86400
content-length: 47531
expires: Sat, 18 May 2024 04:55:41 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012404021934000/v0/ 8 KB
3 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012404021934000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20f0500c17c818b7393cdd055cd8a8364f264fe1785a726f10af0fc352409f11

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rtpcrot8.xyz/
Origin: https://rtpcrot8.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Apr 2024 03:31:15 GMT
age: 206174
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2971
x-xss-protection: 0
server: sffe
etag: "4983f70303035d33"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Apr 2025 03:31:15 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012404021934000/v0/ 12 KB
4 KB 18ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012404021934000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15d2fe411597796d07b83bdddc7f074fef90ab99bc47b7e85a020140459b8251

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rtpcrot8.xyz/
Origin: https://rtpcrot8.xyz
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 16 Apr 2024 03:31:15 GMT
age: 206174
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3942
x-xss-protection: 0
server: sffe
etag: "746b70bafab1ae1f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Apr 2025 03:31:15 GMT

GET
H3 404 favicon.ico
rtpcrot8.xyz/ 548 B
565 B 208ms
207ms Other
text/html 2606:4700:3030::ac43:abfd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtpcrot8.xyz/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:abfd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rtpcrot8.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 12:47:30 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ca4WVH2HSObRmQ0ZZ66oHokJ5CQMhTzSWyvt6JqTm6B7W8pQio8DYrfwrGy3YuCa6giShyANkdWJIEQgq3APzkNGmYxkjSSsD4HgZos3sOWyI2R5fD8yOIfy%2FKpsEL3KhkwHvQW%2F2mkzyoI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8764c3879a6035eb-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://rtpcrot8.xyz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
rtpcrot8.xyz
turbo199.com
2606:4700:3030::ac43:abfd
2a00:1450:4001:810::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:831::2001
2a06:98c1:3121::3
15d2fe411597796d07b83bdddc7f074fef90ab99bc47b7e85a020140459b8251
20f0500c17c818b7393cdd055cd8a8364f264fe1785a726f10af0fc352409f11
2178c2c7039c0f565fd638053998d92fdeba670af287085c106b4b54139f5f3a
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
271b2b33082ea4ad5f0d06fa04191728a71f2741783e3e13396a3d9ae5e27d1a
29424f39685da5535997165439b9c1597a0424fb3e44b26caeda9fb5e480c121
29c9de795823a319240acb10513ecbd5ff7f9f6385f99fa4ca3647674d609a1a
46c0bd448c23880c89830d2023949d337d7b304b85f0405472ba1b023a0bf097
593e8ba0015655cfca47b977edae4b59e4568d4674d4309922c50fc9464fb70e
66d6590266dacbd941426a00d83cd55ec84b020cfa9e82f39adaec7fc1418334
69800d3e646f9e9240ac2f26a8d38b6c3a4c3d0a195fd457d3141790057685a8
6be09eb31690601048c03b3d7b65b0d135cc79e5597d079b3bfc8580b5343114
7a0d82afaf52829576757f5ed8dfd7ef996acb65d84471bc78241f8b6e78ffcf
8e254c6056c204aad4e7f0d09d6eada668a78275bf063d2b06ae5bfdf42f0312
9e2ebf85809abbcbe4339531010c8875f7038829270b7fd645149a4c9f626146
caec54ba9a391fd412e2779154187f042eb1ae73974cebcc7e024ab51e013402
cde0a59db5b12853924b159fac28f5caa0a5694e1373431441066e98eb2f6148
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

rtpcrot8.xyz Open in urlscan Pro 2606:4700:3030::ac43:abfd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

100 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

787 kBTransfer

1036 kBSize

0 Cookies

6 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

rtpcrot8.xyz Open in urlscan Pro
2606:4700:3030::ac43:abfd Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

787 kB
Transfer

1036 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions