URL: https://rtpgacorpiramidwin.com.flush99.com/
Submission: On April 30 via api from US — Scanned from GB

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 29 HTTP transactions. The main IP is 37.61.232.157, located in United Kingdom and belongs to NAMECHEAP-NET, US. The main domain is rtpgacorpiramidwin.com.flush99.com.
TLS certificate: Issued by R3 on April 30th 2024. Valid for: 3 months.
This is the only time rtpgacorpiramidwin.com.flush99.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 37.61.232.157 22612 (NAMECHEAP...)
6 2a00:1450:400... 15169 (GOOGLE)
2 172.217.16.193 15169 (GOOGLE)
1 1 52.20.55.228 14618 (AMAZON-AES)
1 172.67.142.217 13335 (CLOUDFLAR...)
29 5
Apex Domain
Subdomains
Transfer
20 flush99.com
rtpgacorpiramidwin.com.flush99.com
377 KB
8 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 416
120 KB
1 infortpbude.com
infortpbude.com
1 rb.gy
rb.gy — Cisco Umbrella Rank: 111095
159 B
29 4
Domain Requested by
20 rtpgacorpiramidwin.com.flush99.com rtpgacorpiramidwin.com.flush99.com
8 cdn.ampproject.org rtpgacorpiramidwin.com.flush99.com
cdn.ampproject.org
1 infortpbude.com cdn.ampproject.org
1 rb.gy 1 redirects
29 4

This site contains links to these domains. Also see Links.

Domain
rtpgacorpiramidwin.com
bit.ly
wa.me
direct.lc.chat
Subject Issuer Validity Valid
webmail.rtpgacorpiramidwin.com
R3
2024-04-30 -
2024-07-29
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2024-04-08 -
2024-07-01
3 months crt.sh
infortpbude.com
GTS CA 1P5
2024-04-22 -
2024-07-21
3 months crt.sh

This page contains 2 frames:

Primary Page: https://rtpgacorpiramidwin.com.flush99.com/
Frame ID: A8B8D2B534AC27E3FCEE1A1846B74DF8
Requests: 31 HTTP requests in this frame

Frame: https://infortpbude.com/
Frame ID: B1082DE6971F51C5124B9BF8B7590808
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

PIRAMIDWIN: INFO RTP LIVE SLOT SITUS PIRAMID WIN

Detected technologies

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

29
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

496 kB
Transfer

800 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://rb.gy/mewudn HTTP 301
  • https://infortpbude.com/

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rtpgacorpiramidwin.com.flush99.com/
21 KB
21 KB
Document
General
Full URL
https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.61.232.157 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ssdrs6.layerip.com
Software
Apache /
Resource Hash
3ba0835d6d7915f5277e52a8197975408fd3a79bbfaf74a0403ac37aeec3171d

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-length
21804
content-type
text/html
date
Tue, 30 Apr 2024 11:25:24 GMT
last-modified
Tue, 30 Apr 2024 07:50:12 GMT
server
Apache
v0.js
cdn.ampproject.org/
278 KB
72 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53da1339a0555a71431c0bbfb2bf946f300ee9d5fc2e5b9e0b424c93a2506a82
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 30 Apr 2024 11:25:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73093
x-xss-protection
0
server
sffe
etag
"224c86d2f329f14e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 30 Apr 2024 11:25:24 GMT
amp-carousel-0.1.js
cdn.ampproject.org/v0/
38 KB
12 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-carousel-0.1.js
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
696c4892dc053e2deaf0604b863832a4f9f6d2196053a3d73f2caf50f29c035f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 30 Apr 2024 11:25:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11505
x-xss-protection
0
server
sffe
etag
"192c4e325910d26e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 30 Apr 2024 11:25:24 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/
31 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8aa12f4db04964e0ebcc49a4fc965e0002d7a214fe2745c5c7ea88e5f4e7148
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 30 Apr 2024 11:25:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9646
x-xss-protection
0
server
sffe
etag
"0e86908e1c35cf48"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 30 Apr 2024 11:25:24 GMT
amp-anim-0.1.js
cdn.ampproject.org/v0/
6 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-anim-0.1.js
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46db8c368bdeb8474bfe22e868330f405d9c37c43be84c21bc2ee744efb26af6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 30 Apr 2024 11:25:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2478
x-xss-protection
0
server
sffe
etag
"c45245a201f4ad75"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 30 Apr 2024 11:25:24 GMT
amp-iframe-0.1.js
cdn.ampproject.org/v0/
25 KB
9 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8be07463f59242dc397373ea3929039cca1d7c3cf7cad14c9213fc356b324f59
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 30 Apr 2024 11:25:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8937
x-xss-protection
0
server
sffe
etag
"279148c2c8d43f1b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 30 Apr 2024 11:25:24 GMT
amp-lightbox-0.1.js
cdn.ampproject.org/v0/
26 KB
8 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-lightbox-0.1.js
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be1685cbf62af0bc6f3673c7dd9ad16cbbf4b7b70686925408c6cecc0522b09f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 30 Apr 2024 11:25:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8509
x-xss-protection
0
server
sffe
etag
"dbcc8c1ea6142dc7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 30 Apr 2024 11:25:24 GMT
digital_sans_ef_medium.woff2
rtpgacorpiramidwin.com.flush99.com/fonts/
0
0
Font
General
Full URL
https://rtpgacorpiramidwin.com.flush99.com/fonts/digital_sans_ef_medium.woff2
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.61.232.157 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ssdrs6.layerip.com
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Origin
https://rtpgacorpiramidwin.com.flush99.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:25:24 GMT
server
Apache
content-length
688
content-type
text/html; charset=iso-8859-1
digital_sans_ef_medium.woff
rtpgacorpiramidwin.com.flush99.com/fonts/
0
0
Font
General
Full URL
https://rtpgacorpiramidwin.com.flush99.com/fonts/digital_sans_ef_medium.woff
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.61.232.157 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ssdrs6.layerip.com
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Origin
https://rtpgacorpiramidwin.com.flush99.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:25:24 GMT
server
Apache
content-length
688
content-type
text/html; charset=iso-8859-1
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
piramidwin.png
rtpgacorpiramidwin.com.flush99.com/img/
34 KB
34 KB
Image
General
Full URL
https://rtpgacorpiramidwin.com.flush99.com/img/piramidwin.png
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.61.232.157 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ssdrs6.layerip.com
Software
Apache /
Resource Hash
c24d28f34e57b0dc84d65fb5e854c8a652a425fe08ac08550b59c21b5ec64994

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:25:24 GMT
last-modified
Tue, 30 Apr 2024 07:43:02 GMT
server
Apache
accept-ranges
bytes
content-length
34927
content-type
image/png
hot-games.svg
rtpgacorpiramidwin.com.flush99.com/img/
3 KB
3 KB
Image
General
Full URL
https://rtpgacorpiramidwin.com.flush99.com/img/hot-games.svg
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.61.232.157 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ssdrs6.layerip.com
Software
Apache /
Resource Hash
bac0a1bec5262943990d955385352a4999d570cf5886ef2038d428a5befd13f1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:25:24 GMT
last-modified
Tue, 30 Apr 2024 07:22:11 GMT
server
Apache
accept-ranges
bytes
content-length
2690
content-type
image/svg+xml
slots.svg
rtpgacorpiramidwin.com.flush99.com/img/
5 KB
5 KB
Image
General
Full URL
https://rtpgacorpiramidwin.com.flush99.com/img/slots.svg
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.61.232.157 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ssdrs6.layerip.com
Software
Apache /
Resource Hash
efb0343abcb77d1006ab16d9c9425ab521c448f4282b2a075b45f8236b7e09a1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:25:24 GMT
last-modified
Tue, 30 Apr 2024 07:22:11 GMT
server
Apache
accept-ranges
bytes
content-length
4759
content-type
image/svg+xml
casino.svg
rtpgacorpiramidwin.com.flush99.com/img/
6 KB
6 KB
Image
General
Full URL
https://rtpgacorpiramidwin.com.flush99.com/img/casino.svg
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.61.232.157 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ssdrs6.layerip.com
Software
Apache /
Resource Hash
e4cd4cf4db71cb83f53aa4fe3de865a3e2e462adc0e58e531ec20c7681246b33

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:25:24 GMT
last-modified
Tue, 30 Apr 2024 07:22:11 GMT
server
Apache
accept-ranges
bytes
content-length
6223
content-type
image/svg+xml
sports.svg
rtpgacorpiramidwin.com.flush99.com/img/
3 KB
3 KB
Image
General
Full URL
https://rtpgacorpiramidwin.com.flush99.com/img/sports.svg
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.61.232.157 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ssdrs6.layerip.com
Software
Apache /
Resource Hash
b184e6f82b115000286e914338895036d778c265515d3e5d1dfaac5372517b44

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:25:24 GMT
last-modified
Tue, 30 Apr 2024 07:22:11 GMT
server
Apache
accept-ranges
bytes
content-length
3163
content-type
image/svg+xml
crash-game.svg
rtpgacorpiramidwin.com.flush99.com/img/
3 KB
3 KB
Image
General
Full URL
https://rtpgacorpiramidwin.com.flush99.com/img/crash-game.svg
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.61.232.157 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ssdrs6.layerip.com
Software
Apache /
Resource Hash
7694a8dfa750568eddaba281d9c2ff0368cdbbc24d4606242df0abea49b73de9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:25:24 GMT
last-modified
Tue, 30 Apr 2024 07:22:11 GMT
server
Apache
accept-ranges
bytes
content-length
3336
content-type
image/svg+xml
arcade.svg
rtpgacorpiramidwin.com.flush99.com/img/
2 KB
2 KB
Image
General
Full URL
https://rtpgacorpiramidwin.com.flush99.com/img/arcade.svg
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.61.232.157 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ssdrs6.layerip.com
Software
Apache /
Resource Hash
78149d9741c6c3cb99d695186e8dd1c3f948c6b41fdc2250d268edd6dfbcd96b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:25:24 GMT
last-modified
Tue, 30 Apr 2024 07:22:11 GMT
server
Apache
accept-ranges
bytes
content-length
1723
content-type
image/svg+xml
poker.svg
rtpgacorpiramidwin.com.flush99.com/img/
3 KB
3 KB
Image
General
Full URL
https://rtpgacorpiramidwin.com.flush99.com/img/poker.svg
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.61.232.157 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ssdrs6.layerip.com
Software
Apache /
Resource Hash
fcc48a6b712772a6e13ef3cc8d424ed90762dcf9c41333c396e40a8ffcc355e5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:25:24 GMT
last-modified
Tue, 30 Apr 2024 07:22:11 GMT
server
Apache
accept-ranges
bytes
content-length
3362
content-type
image/svg+xml
e-sports.svg
rtpgacorpiramidwin.com.flush99.com/img/
7 KB
7 KB
Image
General
Full URL
https://rtpgacorpiramidwin.com.flush99.com/img/e-sports.svg
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.61.232.157 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ssdrs6.layerip.com
Software
Apache /
Resource Hash
95b5c7713a47f64ea1002cf10a9c56caee6e3b67eccfd642fa07352d83870ce0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:25:24 GMT
last-modified
Tue, 30 Apr 2024 07:22:11 GMT
server
Apache
accept-ranges
bytes
content-length
7259
content-type
image/svg+xml
home.png
rtpgacorpiramidwin.com.flush99.com/img/
660 B
721 B
Image
General
Full URL
https://rtpgacorpiramidwin.com.flush99.com/img/home.png
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.61.232.157 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ssdrs6.layerip.com
Software
Apache /
Resource Hash
7ba5524ad0305d2364327c66fbc4a68809afa5cb5ccbb948c7ae5131055b2088

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:25:24 GMT
last-modified
Tue, 30 Apr 2024 07:22:11 GMT
server
Apache
accept-ranges
bytes
content-length
660
content-type
image/png
daftar.png
rtpgacorpiramidwin.com.flush99.com/img/
3 KB
3 KB
Image
General
Full URL
https://rtpgacorpiramidwin.com.flush99.com/img/daftar.png
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.61.232.157 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ssdrs6.layerip.com
Software
Apache /
Resource Hash
b274e886a0b16211507a413f0d41c96f6d90b688d693e5700e4f2df137214166

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:25:24 GMT
last-modified
Tue, 30 Apr 2024 07:22:11 GMT
server
Apache
accept-ranges
bytes
content-length
3114
content-type
image/png
login.svg
rtpgacorpiramidwin.com.flush99.com/img/
3 KB
3 KB
Image
General
Full URL
https://rtpgacorpiramidwin.com.flush99.com/img/login.svg
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.61.232.157 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ssdrs6.layerip.com
Software
Apache /
Resource Hash
a1756e8e7f8faba5999d76edb7988327f60f278fc75dbc5c7e2363e1c7187c63

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:25:24 GMT
last-modified
Tue, 30 Apr 2024 07:22:11 GMT
server
Apache
accept-ranges
bytes
content-length
2932
content-type
image/svg+xml
whatsapp.png
rtpgacorpiramidwin.com.flush99.com/img/
16 KB
16 KB
Image
General
Full URL
https://rtpgacorpiramidwin.com.flush99.com/img/whatsapp.png
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.61.232.157 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ssdrs6.layerip.com
Software
Apache /
Resource Hash
fee3a72b5d0c6b1dfa41c2e2f4080e14d51a74590e4beca8a8362bd73743a262

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:25:24 GMT
last-modified
Tue, 30 Apr 2024 07:22:11 GMT
server
Apache
accept-ranges
bytes
content-length
16025
content-type
image/png
livechat.png
rtpgacorpiramidwin.com.flush99.com/img/
14 KB
14 KB
Image
General
Full URL
https://rtpgacorpiramidwin.com.flush99.com/img/livechat.png
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.61.232.157 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ssdrs6.layerip.com
Software
Apache /
Resource Hash
3da91721540b9f0964a40862d1cf2cc44bb167cd289663aeefc2be4000af738b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:25:24 GMT
last-modified
Tue, 30 Apr 2024 07:22:11 GMT
server
Apache
accept-ranges
bytes
content-length
14558
content-type
image/png
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012404091947000/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012404091947000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f1.1e100.net
Software
sffe /
Resource Hash
2b753b9c13fe907246062aa577f7837fbd2ffebe71dec501c4cd6de494016ac8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Origin
https://rtpgacorpiramidwin.com.flush99.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 Apr 2024 08:01:52 GMT
age
12212
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2974
x-xss-protection
0
server
sffe
etag
"dfcaaf971da6dba2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Apr 2025 08:01:52 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012404091947000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012404091947000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f1.1e100.net
Software
sffe /
Resource Hash
1f5211c3d83be6fa51f5b9face5beda901221f2a6cf261acb3bbf47d89594126
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Origin
https://rtpgacorpiramidwin.com.flush99.com
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 Apr 2024 07:58:51 GMT
age
12393
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3935
x-xss-protection
0
server
sffe
etag
"14ee94e1b9693284"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 30 Apr 2025 07:58:51 GMT
truncated
/
152 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
149 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
/
infortpbude.com/ Frame B108
Redirect Chain
  • https://rb.gy/mewudn
  • https://infortpbude.com/
0
0
Document
General
Full URL
https://infortpbude.com/
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.142.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87c72bca8d2363d9-LHR
content-encoding
br
content-type
text/html
date
Tue, 30 Apr 2024 11:25:26 GMT
last-modified
Fri, 15 Sep 2023 07:00:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=beAc1FA2HJEArdDnGVK5WpsCVW7yfUhzEibsf%2BlOU4D%2F3Y1SpK5rvQr30OP0iOxXNITIvPsGfGkvesTP7O%2FGniN36rV%2Fj0cWZRP7fNwCC5QoCYTp4E5zdSaAIc3UlVjw948%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store
content-length
0
date
Tue, 30 Apr 2024 11:25:25 GMT
engine
Rebrandly.redirect, version 2.1
expires
-1
location
https://infortpbude.com/
strict-transport-security
max-age=15552000
exbns.jpg
rtpgacorpiramidwin.com.flush99.com/img/
145 KB
145 KB
Image
General
Full URL
https://rtpgacorpiramidwin.com.flush99.com/img/exbns.jpg
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.61.232.157 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ssdrs6.layerip.com
Software
Apache /
Resource Hash
a898d7f2f19309eefcff2aa42821b1d0be9ae20478dd7f113f476de15023acb7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:25:24 GMT
last-modified
Tue, 30 Apr 2024 07:46:06 GMT
server
Apache
accept-ranges
bytes
content-length
148004
content-type
image/jpeg
rtppwin.jpg
rtpgacorpiramidwin.com.flush99.com/img/
96 KB
96 KB
Image
General
Full URL
https://rtpgacorpiramidwin.com.flush99.com/img/rtppwin.jpg
Requested by
Host: rtpgacorpiramidwin.com.flush99.com
URL: https://rtpgacorpiramidwin.com.flush99.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.61.232.157 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ssdrs6.layerip.com
Software
Apache /
Resource Hash
66c5a8dcc8790e5c82adfda30e8650cb0fe9a80a1d96acb748a85ff3ec5bef5f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:25:24 GMT
last-modified
Tue, 30 Apr 2024 07:43:10 GMT
server
Apache
accept-ranges
bytes
content-length
98249
content-type
image/jpeg
icon-piramidwin.png
rtpgacorpiramidwin.com.flush99.com/img/
12 KB
12 KB
Other
General
Full URL
https://rtpgacorpiramidwin.com.flush99.com/img/icon-piramidwin.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
37.61.232.157 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
ssdrs6.layerip.com
Software
Apache /
Resource Hash
f64af5b6ff677da16a7b5573e79192f006090b2478ea52b0bc39fabd69ed2fd8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://rtpgacorpiramidwin.com.flush99.com/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 11:25:27 GMT
last-modified
Tue, 30 Apr 2024 07:42:37 GMT
server
Apache
accept-ranges
bytes
content-length
11940
content-type
image/png

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| listeningFors

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://rtpgacorpiramidwin.com.flush99.com/fonts/digital_sans_ef_medium.woff2
Message:
Failed to load resource: the server responded with a status of 500 ()
network error URL: https://rtpgacorpiramidwin.com.flush99.com/fonts/digital_sans_ef_medium.woff
Message:
Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
infortpbude.com
rb.gy
rtpgacorpiramidwin.com.flush99.com
172.217.16.193
172.67.142.217
2a00:1450:4001:806::2001
37.61.232.157
52.20.55.228
1f5211c3d83be6fa51f5b9face5beda901221f2a6cf261acb3bbf47d89594126
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
2b753b9c13fe907246062aa577f7837fbd2ffebe71dec501c4cd6de494016ac8
3ba0835d6d7915f5277e52a8197975408fd3a79bbfaf74a0403ac37aeec3171d
3da91721540b9f0964a40862d1cf2cc44bb167cd289663aeefc2be4000af738b
46db8c368bdeb8474bfe22e868330f405d9c37c43be84c21bc2ee744efb26af6
53da1339a0555a71431c0bbfb2bf946f300ee9d5fc2e5b9e0b424c93a2506a82
66c5a8dcc8790e5c82adfda30e8650cb0fe9a80a1d96acb748a85ff3ec5bef5f
696c4892dc053e2deaf0604b863832a4f9f6d2196053a3d73f2caf50f29c035f
7694a8dfa750568eddaba281d9c2ff0368cdbbc24d4606242df0abea49b73de9
78149d9741c6c3cb99d695186e8dd1c3f948c6b41fdc2250d268edd6dfbcd96b
7ba5524ad0305d2364327c66fbc4a68809afa5cb5ccbb948c7ae5131055b2088
8be07463f59242dc397373ea3929039cca1d7c3cf7cad14c9213fc356b324f59
95b5c7713a47f64ea1002cf10a9c56caee6e3b67eccfd642fa07352d83870ce0
a1756e8e7f8faba5999d76edb7988327f60f278fc75dbc5c7e2363e1c7187c63
a898d7f2f19309eefcff2aa42821b1d0be9ae20478dd7f113f476de15023acb7
a8aa12f4db04964e0ebcc49a4fc965e0002d7a214fe2745c5c7ea88e5f4e7148
b184e6f82b115000286e914338895036d778c265515d3e5d1dfaac5372517b44
b274e886a0b16211507a413f0d41c96f6d90b688d693e5700e4f2df137214166
bac0a1bec5262943990d955385352a4999d570cf5886ef2038d428a5befd13f1
be1685cbf62af0bc6f3673c7dd9ad16cbbf4b7b70686925408c6cecc0522b09f
c24d28f34e57b0dc84d65fb5e854c8a652a425fe08ac08550b59c21b5ec64994
e4cd4cf4db71cb83f53aa4fe3de865a3e2e462adc0e58e531ec20c7681246b33
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e
efb0343abcb77d1006ab16d9c9425ab521c448f4282b2a075b45f8236b7e09a1
f64af5b6ff677da16a7b5573e79192f006090b2478ea52b0bc39fabd69ed2fd8
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457
fcc48a6b712772a6e13ef3cc8d424ed90762dcf9c41333c396e40a8ffcc355e5
fee3a72b5d0c6b1dfa41c2e2f4080e14d51a74590e4beca8a8362bd73743a262