Submitted URL: http://bemob.giveaway2024.live/go/686d17a7-2a7e-49f7-9600-05ed7d4f82bd
Effective URL: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-...
Submission: On June 27 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 23 HTTP transactions. The main IP is 172.67.208.197, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is ramtoordee.com.
TLS certificate: Issued by GTS CA 1P5 on May 29th 2024. Valid for: 3 months.
This is the only time ramtoordee.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a05:d014:286... 16509 (AMAZON-02)
9 172.67.208.197 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 139.45.195.8 9002 (RETN-AS)
9 139.45.197.251 9002 (RETN-AS)
23 6
Apex Domain Subdomains Transfer
9 jouteetu.net jouteetu.net (Cisco Umbrella Rank: 24328)
9 ramtoordee.com ramtoordee.com 52 KB
2 rtmark.net my.rtmark.net (Cisco Umbrella Rank: 8833) 1 KB
2 giveaway2024.live bemob.giveaway2024.live 1 KB
1 littlecdn.com littlecdn.com (Cisco Umbrella Rank: 18187) 2 KB
23 5
Domain Requested by
9 jouteetu.net ramtoordee.com
9 ramtoordee.com ramtoordee.com
2 my.rtmark.net ramtoordee.com
2 bemob.giveaway2024.live
1 littlecdn.com ramtoordee.com
23 5

This site contains links to these domains.

Domain
pivonoms.net
glugreez.com
Subject Issuer Validity Valid
bemob.giveaway2024.live R3 2024-05-13 - 2024-08-11 3 months
ramtoordee.com GTS CA 1P5 2024-05-29 - 2024-08-27 3 months
littlecdn.com E1 2024-05-09 - 2024-08-07 3 months
rtmark.net R3 2024-05-11 - 2024-08-09 3 months
jouteetu.net R3 2024-05-14 - 2024-08-12 3 months

This page contains 1 frame:

Primary Page: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=LqujUsnP36CxgPVhP7L4wZ&ymid=LqujUsnP36CxgPVhP7L4wZ
Frame ID: 67E1A3D4AA33FCBAB7F68FEF86525E1E
Requests: 24 HTTP requests in this frame

Page Title

(1) Benachrichtigung

Page Statistics

23 Requests
100 % HTTPS
40 % IPv6
5 Domains
5 Subdomains
6 IPs
3 Countries
56 kB Transfer
145 kB Size
9 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bemob.giveaway2024.live/go/686d17a7-2a7e-49f7-9600-05ed7d4f82bd HTTP 307
    https://bemob.giveaway2024.live/go/686d17a7-2a7e-49f7-9600-05ed7d4f82bd Page URL
  2. https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=LqujUsnP36CxgPVhP7L4wZ&ymid=LqujUsnP36CxgPVhP7L4wZ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bemob.giveaway2024.live/go/686d17a7-2a7e-49f7-9600-05ed7d4f82bd HTTP 307
  • https://bemob.giveaway2024.live/go/686d17a7-2a7e-49f7-9600-05ed7d4f82bd

23 HTTP transactions

Resource Path Size x-fer Type MIME-Type
686d17a7-2a7e-49f7-9600-05ed7d4f82bd
bemob.giveaway2024.live/go/
Redirect Chain
  • http://bemob.giveaway2024.live/go/686d17a7-2a7e-49f7-9600-05ed7d4f82bd
  • https://bemob.giveaway2024.live/go/686d17a7-2a7e-49f7-9600-05ed7d4f82bd
331 B
1 KB
Document
General
Full URL
https://bemob.giveaway2024.live/go/686d17a7-2a7e-49f7-9600-05ed7d4f82bd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:286:3501:c236:acb6:449f:1f92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 27 Jun 2024 20:55:47 GMT
etag
W/"14b-NBG9Onl2qkDuhu8BBbhsWSfOHDY"
expires
Thu, 01 Jan 1970 00:00:01 GMT
server
openresty
vary
Accept-Encoding
x-response-time
7.684ms

Redirect headers

Location
https://bemob.giveaway2024.live/go/686d17a7-2a7e-49f7-9600-05ed7d4f82bd
Non-Authoritative-Reason
HttpsUpgrades
Primary Request /
ramtoordee.com/
79 KB
31 KB
Document
General
Full URL
https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=LqujUsnP36CxgPVhP7L4wZ&ymid=LqujUsnP36CxgPVhP7L4wZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
0778d076ae21da891b9b3945200cd761ed10bed878191106f4abef39cb5c5d7b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://bemob.giveaway2024.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89a85708ea9f9756-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 27 Jun 2024 20:55:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0BFNyd%2FYxVrp5rh4WUJkNBUTyXllDG62OvKhSXqaljDUeZvIALtrwhDkBaQ%2BwXfsVjma0tnfz3W4EgcSDL7Ro3cz558BYjHRkDQ2fSA%2B9DpPJO7bta88h7PnzMafk%2F2opw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
favicon.ico
bemob.giveaway2024.live/
552 B
261 B
Other
General
Full URL
https://bemob.giveaway2024.live/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a05:d014:286:3501:c236:acb6:449f:1f92 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"126.0.6478.126"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://bemob.giveaway2024.live/go/686d17a7-2a7e-49f7-9600-05ed7d4f82bd
sec-ch-ua-full-version-list
"Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:55:47 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
text/html
main.css
littlecdn.com/apps/templates/questions/window/build/
5 KB
2 KB
Stylesheet
General
Full URL
https://littlecdn.com/apps/templates/questions/window/build/main.css?v3023494261222
Requested by
Host: ramtoordee.com
URL: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=LqujUsnP36CxgPVhP7L4wZ&ymid=LqujUsnP36CxgPVhP7L4wZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1974 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdad742fdf104921af31a4e65e639cd2f7ec013fee98b1a60d8954fa3c569621

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ramtoordee.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:55:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 27 Jun 2024 16:17:37 GMT
server
cloudflare
age
5752
etag
W/"667d90a1-1448"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=3600
cf-ray
89a8570b0a909b83-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
017427174432.png
ramtoordee.com/contents/s/b0/7a/bf/15a1d5dd40763c778029aa6fb2/
1 KB
2 KB
Image
General
Full URL
https://ramtoordee.com/contents/s/b0/7a/bf/15a1d5dd40763c778029aa6fb2/017427174432.png
Requested by
Host: ramtoordee.com
URL: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=LqujUsnP36CxgPVhP7L4wZ&ymid=LqujUsnP36CxgPVhP7L4wZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44732c891c3fffbf3ec24e05f43fb59908ed9e467f35f424f71a45a649f78f01

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=LqujUsnP36CxgPVhP7L4wZ&ymid=LqujUsnP36CxgPVhP7L4wZ
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:55:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5144
alt-svc
h3=":443"; ma=86400
content-length
1404
last-modified
Tue, 16 Apr 2024 15:30:29 GMT
server
cloudflare
etag
"661e9995-57c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s4NPJvTgqAZgb7%2BUY1m9JwmTIf7ZFNjsAzZSNN4HL%2FNkMeFhZIaMpHOuDoKL%2FwfII052YXkCLs0DArZqghbOmHb1jyTCsmQddV%2BmKsp2HwoFL8gAWmd%2F%2FYpu%2FC79gvlbBA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
89a8570a3cf19756-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
gid.js
my.rtmark.net/
65 B
545 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?userId=05f3611581c5a4b37938632d8f25a4d0
Requested by
Host: ramtoordee.com
URL: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=LqujUsnP36CxgPVhP7L4wZ&ymid=LqujUsnP36CxgPVhP7L4wZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
c99eceb12f3e8daf3a7b59e6eb2d627c8b79221d62a34f51d87d64377e9a47e5
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ramtoordee.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:55:47 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ramtoordee.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
micro.tag.min.js
ramtoordee.com/pfe/current/
38 KB
14 KB
Script
General
Full URL
https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Requested by
Host: ramtoordee.com
URL: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=LqujUsnP36CxgPVhP7L4wZ&ymid=LqujUsnP36CxgPVhP7L4wZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35d3a1551580dbd3aafb73220058fdfe1ff488d56a63dbc0330b58aee87de3fd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=LqujUsnP36CxgPVhP7L4wZ&ymid=LqujUsnP36CxgPVhP7L4wZ
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 27 Jun 2024 20:55:47 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 27 Jun 2024 15:26:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"667d84a7-96fc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bc%2FC6xBm4cLFH%2B6clOLp9nFMrlPl%2F5I9Fpw%2FrdSY9YQaUpuiZnv4ZyJbBt7pRoi693QRcXNcwWFrPvpw2SovNJVFxQC70s%2FjkRPXsNzjkkx2AJJ7xEKIw6dWFwvm8gQ5eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
89a8570acdce9756-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
19 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6678fbb34f3ef18c5649c7cfc1302c671ff5b1c8e9f4365fb51f3d629dab2924

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://ramtoordee.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

7608761
ramtoordee.com/sw-check-permissions/
0
998 B
Other
General
Full URL
https://ramtoordee.com/sw-check-permissions/7608761?var=7632961&var_3=21308327_&ymid=%7Brequest_var%7D&uhd=1&zoneId=7608761
Requested by
Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=LqujUsnP36CxgPVhP7L4wZ&ymid=LqujUsnP36CxgPVhP7L4wZ
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:55:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yXB%2Blfs2FdZkyM4JtkmU4mrFNMuyEh4wOZbb8GPim2eQVJxS1keuPhK9M1T3ufQizubDq1BYhYFnfK8G7wOIu84LA2Gw5AD3k%2BhI7NxyVGqgq55tjw43Z23A2I9wAEfxKA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
89a8570b7ee79756-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://ramtoordee.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
ramtoordee.com/
0
565 B
Ping
General
Full URL
https://ramtoordee.com/zone?&pub=0&zone_id=7608761&is_mobile=false&domain=ramtoordee.com&var=7632961&ymid=%7Brequest_var%7D&var_3=21308327_&var_4=&dsig=&tg=1&sw=3.1.528&trace_id=95cac1c2-61f6-4dbd-b594-559ee8588f55&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjYifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjYifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJOb3QvQSlCcmFuZCIsInZlcnNpb24iOiI4LjAuMC4wIn0seyJicmFuZCI6IkNocm9taXVtIiwidmVyc2lvbiI6IjEyNi4wLjY0NzguMTI2In0seyJicmFuZCI6Ikdvb2dsZSBDaHJvbWUiLCJ2ZXJzaW9uIjoiMTI2LjAuNjQ3OC4xMjYifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsIndvdzY0IjpmYWxzZX0=&drf=https://bemob.giveaway2024.live/
Requested by
Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=LqujUsnP36CxgPVhP7L4wZ&ymid=LqujUsnP36CxgPVhP7L4wZ
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:55:47 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8BWTCPP9DpgVRG8m1VPVpzAxtze8IKB%2BEAWvYdLyyaOgk5d%2FH7qkwjct4J0xwuOh6EFqPHelG6zvsGurPCx8%2FD6maRs1s1aKRpqdX7aJ56vKICkEgAA1aAUcyYDDwUkb9A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://ramtoordee.com
access-control-allow-credentials
true
cf-ray
89a8570b8f009756-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://ramtoordee.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://ramtoordee.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

gid.js
my.rtmark.net/
65 B
543 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=7608761&checkDuplicate=true&ymid={request_var}&var=7632961&source=pusher
Requested by
Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
52240e2ecff1eadf80ff043784cecdb155103f9e4e2a1caed901b8e3e6da6973
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ramtoordee.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:55:47 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ramtoordee.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://ramtoordee.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

/
ramtoordee.com/
2 B
531 B
XHR
General
Full URL
https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=LqujUsnP36CxgPVhP7L4wZ&ymid=LqujUsnP36CxgPVhP7L4wZ&mprtr=1&os_version=10.0.0
Requested by
Host: ramtoordee.com
URL: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=LqujUsnP36CxgPVhP7L4wZ&ymid=LqujUsnP36CxgPVhP7L4wZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=LqujUsnP36CxgPVhP7L4wZ&ymid=LqujUsnP36CxgPVhP7L4wZ
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:55:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BZzdzt2Gdq6cwGc0vwLKqR1VkPriZBmneRdTQtnMzdjGwh83Ld5e1Fpa0wRrQ8pfXm5mCvjwqcxygUVmLlKs5vY%2FT6ZHGFbv%2Ft7QhWM%2B84JR4Eok8tKbjDDUP%2FxywRTgUg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
89a8570bef9a9756-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=86400
track-impression-applab
ramtoordee.com/
807 B
1 KB
Fetch
General
Full URL
https://ramtoordee.com/track-impression-applab?z=7632961&b=21308327&ymid=LqujUsnP36CxgPVhP7L4wZ&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&var_3=21308327_&redirect=false&redirectUrl=https%3A%2F%2Fpivonoms.net%2F4%2F7612086%2F%3Fvar%3D7632961%26ymid%3D3c455b91-c420-4b25-90cb-e5c8fbed16bd%26var_3%3D%24%7BSUBID%7D%26land_state%3Dbefore_render%26land_id%3DppletbgpKX2HYs5%26land_generation_time%3D2024-06-27_15%3A55%3A47%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D05f3611581c5a4b37938632d8f25a4d0%26land_type%3Drtr%26isPushSubscribed%3Dfalse%26isPushAlreadySubscribed%3Dfalse%26land_tracker%3Dmarker%26land_purchase_method%3Dapk&os_version=10.0.0
Requested by
Host: ramtoordee.com
URL: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=LqujUsnP36CxgPVhP7L4wZ&ymid=LqujUsnP36CxgPVhP7L4wZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
142bcdb4408e9d9be0e0fd4e99859b95deca35ff3b91484b259e63e883359ccb
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=LqujUsnP36CxgPVhP7L4wZ&ymid=LqujUsnP36CxgPVhP7L4wZ
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:55:47 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-trace-id
d98b53ad87ab8e69387604f5cea51c02
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3PohOzJpqKrihDCstRlwTIt91BCAfI7Jx5QOnABNO3Io8ALYYOg5shiocbSJJujkr1oDsxwuHTVMOM0T8cZrf1QVJKcP87fhNzZaF7JqGPUQKBxengO2LMyYTk8RvHmMcg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
89a8570bef9f9756-FRA
expires
Tue, 11 Jan 1994 10:00:00 GMT
favicon.ico
ramtoordee.com/
0
417 B
Other
General
Full URL
https://ramtoordee.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=LqujUsnP36CxgPVhP7L4wZ&ymid=LqujUsnP36CxgPVhP7L4wZ
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:55:47 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5157
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JEoLSunQveVpl6OrjgPkPyvUDR44sz33dKIh2EnJcuauFg4gujrmzkKXgsgt7Ot5Zg73ZXund7UzWfS6USgHg2mv9d7vJ0%2ByQ%2B%2B8RQfoio84DRBTnwvDPYb0ZFq8at%2BvDw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
cf-ray
89a8570c381c9756-FRA
alt-svc
h3=":443"; ma=86400
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://ramtoordee.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://ramtoordee.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

zone
ramtoordee.com/
791 B
1 KB
Fetch
General
Full URL
https://ramtoordee.com/zone?&pub=0&zone_id=7608761&is_mobile=false&domain=ramtoordee.com&var=7632961&ymid=%7Brequest_var%7D&var_3=21308327_&var_4=&dsig=&tg=1&sw=3.1.528&trace_id=95cac1c2-61f6-4dbd-b594-559ee8588f55&action=settings&ch=
Requested by
Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f53f463afebf0ae295131af705c1d1f30866a5831bd6ad01d7f2dbc36725920
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=LqujUsnP36CxgPVhP7L4wZ&ymid=LqujUsnP36CxgPVhP7L4wZ
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 20:55:47 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WBEJx1evEkrXDthdwCUjZ8HhyR%2B5S0sZ6g1JTpuQcyIdmjXfXQsVlXolwM2sShC5kdB%2BLHNon4jlQwbMXSLKFcRQH3GRIhQKHeqd5BqfFlFJErxz7Fn1wdZhxmY5gvdsOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
89a8570c484a9756-FRA
access-control-allow-headers
Origin, X-Requested-With, X-Oaid, Content-Type, Accept
custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://ramtoordee.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

custom
jouteetu.net/
0
0
Ping
General
Full URL
https://jouteetu.net/custom
Requested by
Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://ramtoordee.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage
object| global_vars
function| getCookie
function| addURLParams
string| osVerUrlParam
string| osVerNum
object| osVerPromise
function| SentryObj
function| LogDB
function| ErrorLogger
function| ObservableVariable
object| reverseConfig
function| rtrDebugLog
function| replaceInAllHrefs
function| getGid
function| processMarkerResponse
function| writeCache
function| readCache
function| getData
function| initAfterDOMReady
function| IntentRedirector
boolean| adxload
function| getRandomIntInclusive
number| adxTraffic
string| affId
string| cpPushZone
string| cpS
string| cpZ
string| cpDebug
number| cpPermissionDefaultCounter
number| cpRetrySubReq
string| pushTagDomain
string| srcDomain
string| cpVar3
number| maxDefaultRDC
string| mtRDC
string| mtVar4
string| aabpush
function| setCookie
object| zfgformats
object| __ds3dcv__
string| ttbTime
string| ttbUrl
string| ttbZone
string| ttbPZone
string| ttbPParam
function| redirectUrl
function| backTb

9 Cookies

Domain/Path Name / Value
.bemob.giveaway2024.live/ Name: bemob-viewer-id
Value: 2ec9dbfb-e72a-4858-bf5b-62ebe13da005
.bemob.giveaway2024.live/ Name: bemob-uniq-visit:686d17a7-2a7e-49f7-9600-05ed7d4f82bd
Value: 1
.bemob.giveaway2024.live/ Name: bemob-rotation:686d17a7-2a7e-49f7-9600-05ed7d4f82bd:random:b10dbeb9af8afbc7e9db91de87b46b6e
Value: 0-0-0
.bemob.giveaway2024.live/ Name: bemob-click-id
Value: LqujUsnP36CxgPVhP7L4wZ
ramtoordee.com/ Name: reverse
Value: kVZR2aUyKJ-IVTxgLTjJ1aiSwqCLTI1BGntO_oAF3Sw
ramtoordee.com/ Name: OAID
Value: 05f3611581c5a4b37938632d8f25a4d0
ramtoordee.com/ Name: oaidts
Value: 1719521747
my.rtmark.net/ Name: ID
Value: 0180880d60214cdaf6161881585c54ed
ramtoordee.com/ Name: syncedCookie
Value: true

1 Console Messages

Source Level URL
Text
network error URL: https://bemob.giveaway2024.live/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()