www.ramp.ondefy.com
3.75.240.115
Public Scan
Effective URL: https://www.ramp.ondefy.com/
Submission Tags: @phish_report
Submission: On October 06 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by R3 on October 6th 2023. Valid for: 3 months.
This is the only time www.ramp.ondefy.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | Redirects | IP Address | Autonomous System |
---|---|---|---|
8 | 1 | 3.75.240.115 | 16509 (AMAZON-02) |
1 | | 18.66.97.53 | 16509 (AMAZON-02) |
1 | | 13.32.27.21 | 16509 (AMAZON-02) |
2 | | 2a00:1450:4001:828::2008 | 15169 (GOOGLE) |
3 | 1 | 2606:4700:20::681a:1f8 | 13335 (CLOUDFLARENET) |
2 | | 3.68.232.196 | 16509 (AMAZON-02) |
1 | | 18.66.112.110 | 16509 (AMAZON-02) |
1 | | 52.48.140.7 | 16509 (AMAZON-02) |
1 | | 2001:4860:4802:32::36 | 15169 (GOOGLE) |
18 | | 9 | |

Hostname | ASN | PTR |
---|---|---|
www.ramp.ondefy.com | ASN16509 (AMAZON-02, US) | ec2-3-75-240-115.eu-central-1.compute.amazonaws.com |
static.hotjar.com | ASN16509 (AMAZON-02, US) | server-18-66-97-53.fra56.r.cloudfront.net |
script.hotjar.com | ASN16509 (AMAZON-02, US) | server-13-32-27-21.fra56.r.cloudfront.net |
www.googletagmanager.com | ASN15169 (GOOGLE, US) | |
api-tokens.ondefy.com | ASN16509 (AMAZON-02, US) | ec2-3-68-232-196.eu-central-1.compute.amazonaws.com |
vc.hotjar.io | ASN16509 (AMAZON-02, US) | server-18-66-112-110.fra56.r.cloudfront.net |
content.hotjar.io | ASN16509 (AMAZON-02, US) | ec2-52-48-140-7.eu-west-1.compute.amazonaws.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | ondefy.com (1 redirects) | www.ramp.ondefy.com, api-tokens.ondefy.com | 4 MB |
3 | transak.com (1 redirects) | api.transak.com | 53 KB |
2 | hotjar.io | vc.hotjar.io (Cisco Umbrella Rank: 2992), content.hotjar.io (Cisco Umbrella Rank: 7121) | 419 B |
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 56) | 150 KB |
2 | hotjar.com | static.hotjar.com (Cisco Umbrella Rank: 901), script.hotjar.com (Cisco Umbrella Rank: 1101) | 60 KB |
1 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2250) | 257 B |
18 | 6 | | |
Requests | Domain | Requested by |
---|---|---|
8 | www.ramp.ondefy.com (1 redirects) | www.ramp.ondefy.com |
3 | api.transak.com (1 redirects) | www.ramp.ondefy.com |
2 | api-tokens.ondefy.com | www.ramp.ondefy.com |
2 | www.googletagmanager.com | www.ramp.ondefy.com, www.googletagmanager.com |
1 | region1.google-analytics.com | www.googletagmanager.com |
1 | content.hotjar.io | script.hotjar.com |
1 | vc.hotjar.io | script.hotjar.com |
1 | script.hotjar.com | static.hotjar.com |
1 | static.hotjar.com | www.ramp.ondefy.com |
18 | 9 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.ramp.ondefy.com | R3 | 2023-10-06 - 2024-01-04 | 3 months |
*.hotjar.com | Amazon ECDSA 256 M01 | 2023-03-09 - 2024-04-06 | a year |
*.google-analytics.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-18 - 2024-04-17 | a year |
api-tokens.ondefy.com | R3 | 2023-08-20 - 2023-11-18 | 3 months |
*.hotjar.io | Amazon ECDSA 256 M01 | 2023-03-09 - 2024-04-06 | a year |
This page contains 1 frame:
Primary Page:
https://www.ramp.ondefy.com/
Frame ID: E3471AE9B99FBB2CA867E94CD61227E1
Requests: 18 HTTP requests in this frame
Page Title
Buy any token with your card | Ondefy
Detected technologies
Google Analytics (Analytics)
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Hotjar (Analytics)
Detected patterns
- //static\.hotjar\.com/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.ramp.ondefy.com/
HTTP 308
https://www.ramp.ondefy.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 6
- https://api.transak.com/api/v2/currencies/fiat-currencies HTTP 301
- https://api.transak.com/fiat/public/v1/currencies/fiat-currencies
18 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | www.ramp.ondefy.com/ (Redirect Chain) | 4 KB | 2 KB | Document | text/html |
GET | H2 | app.bundle.js | www.ramp.ondefy.com/ | 2 MB | 688 KB | Script | application/javascript |
GET | H2 | app.css | www.ramp.ondefy.com/ | 11 KB | 3 KB | Stylesheet | text/css |
GET | H2 | hotjar-3308049.js | static.hotjar.com/c/ | 9 KB | 4 KB | Script | application/javascript |
GET | H2 | modules.d8412042101ac94cb463.js | script.hotjar.com/ | 225 KB | 55 KB | Script | application/javascript |
GET | H2 | c398b1917cb609b4a794.ttf | www.ramp.ondefy.com/ | 53 KB | 53 KB | Font | application/octet-stream |
GET | H2 | gtm.js | www.googletagmanager.com/ | 166 KB | 60 KB | Script | application/javascript |
GET | H2 | fiat-currencies | api.transak.com/fiat/public/v1/currencies/ (Redirect Chain) | 281 KB | 34 KB | XHR | application/json |
GET | H2 | crypto-currencies | api.transak.com/api/v2/currencies/ | 226 KB | 18 KB | XHR | application/json |
HEAD | H2 | lastUpdateTime | api-tokens.ondefy.com/v1/ | 0 | 696 B | XHR | text/plain |
GET | H2 | f0afdb06b44073a02007.woff2 | www.ramp.ondefy.com/ | 29 KB | 30 KB | Font | font/woff2 |
GET | H2 | fe9bdcfd0955e84eacbc.woff2 | www.ramp.ondefy.com/ | 30 KB | 30 KB | Font | font/woff2 |
GET | H2 | b105747602e3c4729a4a.woff2 | www.ramp.ondefy.com/ | 30 KB | 30 KB | Font | font/woff2 |
GET | H2 | 3308049 | vc.hotjar.io/sessions/ | 0 | 258 B | XHR | text/plain |
POST | H2 | / | content.hotjar.io/ | 56 B | 161 B | XHR | application/json |
GET | H2 | getTokenContractsSorted | api-tokens.ondefy.com/v1/ | 3 MB | 3 MB | XHR | application/json |
GET | H2 | js | www.googletagmanager.com/gtag/ | 266 KB | 89 KB | Script | application/javascript |
POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 257 B | Ping | text/plain |
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
- string| tempTheme
- function| hj
- object| _hjSettings
- object| hjSiteSettings
- function| hjBootstrap
- object| hjBootstrapCalled
- object| hjLazyModules
- object| webpackChunkondefy_ramp
- function| _
- function| Pusher
- object| dataLayer
- object| google_tag_manager
- object| google_tag_data
- function| onYouTubeIframeAPIReady
- object| gaGlobal
7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.ondefy.com/ | | _hjSessionUser_3308049 | eyJpZCI6ImU0NzI1Y2VhLWI1ZTgtNWE2YS05ZDAyLTE4YjA5NGEzYzFhMSIsImNyZWF0ZWQiOjE2OTY1ODAzNjQ5NjcsImV4aXN0aW5nIjpmYWxzZX0= |
.ondefy.com/ | | _hjFirstSeen | 1 |
.ondefy.com/ | | _hjIncludedInSessionSample_3308049 | 1 |
.ondefy.com/ | | _hjSession_3308049 | eyJpZCI6IjQ1ZmNlMjg4LWE3MTEtNDU3Mi04YWJmLTYyOTdiZDk5ZjQ4MCIsImNyZWF0ZWQiOjE2OTY1ODAzNjQ5NjgsImluU2FtcGxlIjp0cnVlLCJzZXNzaW9uaXplckJldGFFbmFibGVkIjpmYWxzZX0= |
.ondefy.com/ | | _hjAbsoluteSessionInProgress | 1 |
.ondefy.com/ | | _ga | GA1.1.8108803.1696580365 |
.ondefy.com/ | | _ga_RRXG2ZDWLB | GS1.1.1696580365.1.0.1696580365.0.0.0 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.