Submitted URL: http://www.ramp.ondefy.com/
Effective URL: https://www.ramp.ondefy.com/
Submission Tags: @phish_report
Submission: On October 06 via api from FI — Scanned from FI

Summary

This website contacted 9 IPs in 3 countries across 6 domains to perform 18 HTTP transactions. The main IP is 3.75.240.115, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.ramp.ondefy.com.
TLS certificate: Issued by R3 on October 6th 2023. Valid for: 3 months.
This is the only time www.ramp.ondefy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 3.75.240.115 16509 (AMAZON-02)
1 18.66.97.53 16509 (AMAZON-02)
1 13.32.27.21 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 3.68.232.196 16509 (AMAZON-02)
1 18.66.112.110 16509 (AMAZON-02)
1 52.48.140.7 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
18 9
Apex Domain  Subdomains  Transfer
10 ondefy.com  www.ramp.ondefy.com, api-tokens.ondefy.com  4 MB
3 transak.com  api.transak.com  53 KB
2 hotjar.io  vc.hotjar.io (Cisco Umbrella Rank: 2992), content.hotjar.io (Cisco Umbrella Rank: 7121)  419 B
2 googletagmanager.com  www.googletagmanager.com (Cisco Umbrella Rank: 56)  150 KB
2 hotjar.com  static.hotjar.com (Cisco Umbrella Rank: 901), script.hotjar.com (Cisco Umbrella Rank: 1101)  60 KB
1 google-analytics.com  region1.google-analytics.com (Cisco Umbrella Rank: 2250)  257 B
18 6
Domain Requested by
8 www.ramp.ondefy.com 1 redirects www.ramp.ondefy.com
3 api.transak.com 1 redirects www.ramp.ondefy.com
2 api-tokens.ondefy.com www.ramp.ondefy.com
2 www.googletagmanager.com www.ramp.ondefy.com
www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 content.hotjar.io script.hotjar.com
1 vc.hotjar.io script.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.ramp.ondefy.com
18 9

This site contains no links.

Subject  Issuer  Validity  Valid
www.ramp.ondefy.com  R3  2023-10-06 - 2024-01-04  3 months
*.hotjar.com  Amazon ECDSA 256 M01  2023-03-09 - 2024-04-06  a year
*.google-analytics.com  GTS CA 1C3  2023-09-18 - 2023-12-11  3 months
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3  2023-04-18 - 2024-04-17  a year
api-tokens.ondefy.com  R3  2023-08-20 - 2023-11-18  3 months
*.hotjar.io  Amazon ECDSA 256 M01  2023-03-09 - 2024-04-06  a year

This page contains 1 frames:

Primary Page: https://www.ramp.ondefy.com/
Frame ID: E3471AE9B99FBB2CA867E94CD61227E1
Requests: 18 HTTP requests in this frame

Page Title

Buy any token with your card | Ondefy

Page URL History

  1. http://www.ramp.ondefy.com/ HTTP 308
    https://www.ramp.ondefy.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

Requests: 18
HTTPS: 94 %
IPv6: 33 %
Domains: 6
Subdomains: 9
IPs: 9
Countries: 3
Transfer: 4623 kB
Size: 7197 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.ramp.ondefy.com/ HTTP 308
    https://www.ramp.ondefy.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://api.transak.com/api/v2/currencies/fiat-currencies HTTP 301
  • https://api.transak.com/fiat/public/v1/currencies/fiat-currencies

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.ramp.ondefy.com/
Redirect Chain
  • http://www.ramp.ondefy.com/
  • https://www.ramp.ondefy.com/
4 KB
2 KB
Document
General
Full URL
https://www.ramp.ondefy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.75.240.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-240-115.eu-central-1.compute.amazonaws.com
Software
Caddy nginx /
Resource Hash
77be5695dd1b2222a2b95b3e10ecae633069d3e11e9d3c6025eedfe5171febad

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 06 Oct 2023 08:19:23 GMT
etag
W/"651755cc-106d"
last-modified
Fri, 29 Sep 2023 22:55:08 GMT
server
Caddy nginx

Redirect headers

Connection
close
Content-Length
0
Date
Fri, 06 Oct 2023 08:19:23 GMT
Location
https://www.ramp.ondefy.com/
Server
Caddy
app.bundle.js
www.ramp.ondefy.com/
2 MB
688 KB
Script
General
Full URL
https://www.ramp.ondefy.com/app.bundle.js
Requested by
Host: www.ramp.ondefy.com
URL: https://www.ramp.ondefy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.75.240.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-240-115.eu-central-1.compute.amazonaws.com
Software
Caddy, nginx /
Resource Hash
4888876d9a8d4f564aa58a4a0b02e8727914f172c69fe3a8bd292a64c2443e12

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.ramp.ondefy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 08:19:24 GMT
content-encoding
gzip
last-modified
Fri, 29 Sep 2023 22:55:08 GMT
server
Caddy, nginx
etag
W/"651755cc-249ee3"
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000
app.css
www.ramp.ondefy.com/
11 KB
3 KB
Stylesheet
General
Full URL
https://www.ramp.ondefy.com/app.css
Requested by
Host: www.ramp.ondefy.com
URL: https://www.ramp.ondefy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.75.240.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-240-115.eu-central-1.compute.amazonaws.com
Software
Caddy, nginx /
Resource Hash
bcd9fb4a66562d966c8caa044472d263d7c848b1975ed45fb3f0de0c75d14100

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.ramp.ondefy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 08:19:24 GMT
content-encoding
gzip
last-modified
Fri, 29 Sep 2023 22:55:08 GMT
server
Caddy, nginx
etag
W/"651755cc-2a0a"
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000
hotjar-3308049.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3308049.js?sv=6
Requested by
Host: www.ramp.ondefy.com
URL: https://www.ramp.ondefy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-53.fra56.r.cloudfront.net
Software
/
Resource Hash
824156972bd8908ade2efdc78533faaeca98bab11a509ad5614267556ad615a7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.ramp.ondefy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 06 Oct 2023 08:19:18 GMT
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
6
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/a346c16a4f5615281e0a48c3a2ced712
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
ju2zGJz_ozBiCtRGU9m-bN9Vzp2IFAWSL134P9asoH9NoIwoykfAeQ==
modules.d8412042101ac94cb463.js
script.hotjar.com/
225 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.d8412042101ac94cb463.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3308049.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
2d66d0e2862fe3da3ea704b05d4e27749c9baa299efb1c965fc82e2400a37ed6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.ramp.ondefy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:14:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
68718
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55985
last-modified
Thu, 05 Oct 2023 13:13:15 GMT
etag
"fd4002be04b4192cce814fc4784db648"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
whhDAOH1Pw9aj4RU8tUODl3-muvALM-sdHZyelDn96VxtzANsNhv8Q==
c398b1917cb609b4a794.ttf
www.ramp.ondefy.com/
53 KB
53 KB
Font
General
Full URL
https://www.ramp.ondefy.com/c398b1917cb609b4a794.ttf?b0nw5l
Requested by
Host: www.ramp.ondefy.com
URL: https://www.ramp.ondefy.com/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.75.240.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-240-115.eu-central-1.compute.amazonaws.com
Software
Caddy, nginx /
Resource Hash
65bf6dc62b28d52d4c5554d5b0b177786c202062b018c260b2d17616dd912087

Request headers

Referer
https://www.ramp.ondefy.com/app.css
Origin
https://www.ramp.ondefy.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 08:19:24 GMT
last-modified
Fri, 29 Sep 2023 22:55:08 GMT
server
Caddy, nginx
etag
"651755cc-d548"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
54600
gtm.js
www.googletagmanager.com/
166 KB
60 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N492R5C&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: www.ramp.ondefy.com
URL: https://www.ramp.ondefy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fb455cf611454f0504f85a563fc78b4dcbe79bddd58b6bd5c460b28ccdfe8cb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.ramp.ondefy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 08:19:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61521
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 06 Oct 2023 08:19:25 GMT
fiat-currencies
api.transak.com/fiat/public/v1/currencies/
Redirect Chain
  • https://api.transak.com/api/v2/currencies/fiat-currencies
  • https://api.transak.com/fiat/public/v1/currencies/fiat-currencies?
281 KB
34 KB
XHR
General
Full URL
https://api.transak.com/fiat/public/v1/currencies/fiat-currencies?
Requested by
Host: www.ramp.ondefy.com
URL: https://www.ramp.ondefy.com/
Protocol
H2
Server
2606:4700:20::681a:1f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7169af06b92eec2499b1f5e60a488d4f7c130f5118248d2972ba3ba8a90f8d6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.ramp.ondefy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 08:19:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
server
cloudflare
access-control-max-age
5
vary
origin,accept-encoding
access-control-allow-methods
*
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45H5Iy5lWXXN4EWIlS4AnRXuZwOefqTbwbzykFEFz3xNZgkcWvPApaiEW4PT11K95N4U%2B%2FZChDuJQhnkg5zRxv%2FbyEuw%2BNAePB2fLOZOOlXSMEm6Mlmgz0CZUaQBD8%2F3mqbWlT4kNafrEFcOCA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
811c7ab19872d912-HEL
access-control-allow-headers
*

Redirect headers

date
Fri, 06 Oct 2023 08:19:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Of%2BMeJYd37k2yA9FU3wRv1eKIu373x%2B7G5itzY9SKLMUKTX2llycVjLrIBcDvdNA4QAq%2FLpo6sXbN5Vs%2B3i52wchWdC48G0vqXaPq0wq4J2tJMR4ToKVE8lpycFwaYaiVWXoNbKHXYUH62rIg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://api.transak.com/fiat/public/v1/currencies/fiat-currencies?
access-control-allow-origin
*
cf-ray
811c7ab0de64d912-HEL
alt-svc
h3=":443"; ma=86400
content-length
0
crypto-currencies
api.transak.com/api/v2/currencies/
226 KB
18 KB
XHR
General
Full URL
https://api.transak.com/api/v2/currencies/crypto-currencies
Requested by
Host: www.ramp.ondefy.com
URL: https://www.ramp.ondefy.com/app.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efc3b49f60ffe6d03e9fd657671f7702b8a1f263927b7afcb5ffcd4e111b505a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ramp.ondefy.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 08:19:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
server
cloudflare
etag
W/"386dd-AS5f9ST4B7UWPeeHTp1wWvVhHW4"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-max-age
5
access-control-allow-methods
*
access-control-allow-origin
*
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FjSAreZnsyorY9s%2FcMX7ghnDqL6lSxGB48Gqk8eFEpKjRuau0U3QlijPj20zDLbx8OLLCrbZxMoixsoIoeuSbo0WrNt%2BqFRcnWCQwwyDxsi1%2FpjYaF1z9oXKxqTwRNcXRhad6s5SjyUaS4fkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
811c7ab0de6bd912-HEL
access-control-allow-headers
*
lastUpdateTime
api-tokens.ondefy.com/v1/
0
696 B
XHR
General
Full URL
https://api-tokens.ondefy.com/v1/lastUpdateTime
Requested by
Host: www.ramp.ondefy.com
URL: https://www.ramp.ondefy.com/app.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.68.232.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-232-196.eu-central-1.compute.amazonaws.com
Software
Caddy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ramp.ondefy.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Fri, 06 Oct 2023 08:19:24 GMT
x-content-type-options
nosniff
ratelimit-reset
1
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
x-last-update-time
1696580248409
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
ratelimit-limit
50
alt-svc
h3=":443"; ma=2592000
x-xss-protection
0
referrer-policy
no-referrer
ratelimit-policy
50;w=1
cross-origin-opener-policy
same-origin
server
Caddy
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-origin
*
origin-agent-cluster
?1
access-control-expose-headers
X-Last-Update-Time,X-Last-Complete-Update-Time
ratelimit-remaining
49
f0afdb06b44073a02007.woff2
www.ramp.ondefy.com/
29 KB
30 KB
Font
General
Full URL
https://www.ramp.ondefy.com/f0afdb06b44073a02007.woff2
Requested by
Host: www.ramp.ondefy.com
URL: https://www.ramp.ondefy.com/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.75.240.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-240-115.eu-central-1.compute.amazonaws.com
Software
Caddy, nginx /
Resource Hash
24d376f845169a00fb77fc763a5cae9201573805314867072f4e3a3758cbb976

Request headers

Referer
https://www.ramp.ondefy.com/app.css
Origin
https://www.ramp.ondefy.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 08:19:24 GMT
last-modified
Fri, 29 Sep 2023 22:55:08 GMT
server
Caddy, nginx
etag
"651755cc-75e4"
content-type
font/woff2
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
30180
fe9bdcfd0955e84eacbc.woff2
www.ramp.ondefy.com/
30 KB
30 KB
Font
General
Full URL
https://www.ramp.ondefy.com/fe9bdcfd0955e84eacbc.woff2
Requested by
Host: www.ramp.ondefy.com
URL: https://www.ramp.ondefy.com/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.75.240.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-240-115.eu-central-1.compute.amazonaws.com
Software
Caddy, nginx /
Resource Hash
5eb1ed444b31fc082f785a2b8da78cebaff6846c837e65973a1fa586ff362993

Request headers

Referer
https://www.ramp.ondefy.com/app.css
Origin
https://www.ramp.ondefy.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 08:19:24 GMT
last-modified
Fri, 29 Sep 2023 22:55:08 GMT
server
Caddy, nginx
etag
"651755cc-76c8"
content-type
font/woff2
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
30408
b105747602e3c4729a4a.woff2
www.ramp.ondefy.com/
30 KB
30 KB
Font
General
Full URL
https://www.ramp.ondefy.com/b105747602e3c4729a4a.woff2
Requested by
Host: www.ramp.ondefy.com
URL: https://www.ramp.ondefy.com/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.75.240.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-240-115.eu-central-1.compute.amazonaws.com
Software
Caddy, nginx /
Resource Hash
0e58a210f035cb5bdf3d20e5f9843c946556386f023b5b330517f43f1fe17497

Request headers

Referer
https://www.ramp.ondefy.com/app.css
Origin
https://www.ramp.ondefy.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 08:19:24 GMT
last-modified
Fri, 29 Sep 2023 22:55:08 GMT
server
Caddy, nginx
etag
"651755cc-7618"
content-type
font/woff2
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
30232
3308049
vc.hotjar.io/sessions/
0
258 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/3308049?s=0.25&r=0.22393151181532578
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d8412042101ac94cb463.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-110.fra56.r.cloudfront.net
Software
Python/3.8 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.ramp.ondefy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 08:19:25 GMT
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
server
Python/3.8 aiohttp/3.8.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
_LGNELDL58euFykgF6bm4u-9KWH2SfwCgZzDe91G5YGBt5Vafzx9yQ==
/
content.hotjar.io/
56 B
161 B
XHR
General
Full URL
https://content.hotjar.io/?gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d8412042101ac94cb463.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.48.140.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-140-7.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e1b1347b127c995bb6548f62e5e274fb47ba25eba54c221203145c8102396fcc

Request headers

Referer
https://www.ramp.ondefy.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 06 Oct 2023 08:19:25 GMT
content-length
56
vary
Origin
content-type
application/json
getTokenContractsSorted
api-tokens.ondefy.com/v1/
3 MB
3 MB
XHR
General
Full URL
https://api-tokens.ondefy.com/v1/getTokenContractsSorted?byNetwork=true&platformId[]=ethereum&platformId[]=optimistic-ethereum&platformId[]=binance-smart-chain&platformId[]=polygon-pos&platformId[]=fantom&platformId[]=zksync&platformId[]=base&platformId[]=arbitrum-one&platformId[]=celo&platformId[]=avalanche
Requested by
Host: www.ramp.ondefy.com
URL: https://www.ramp.ondefy.com/app.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.68.232.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-68-232-196.eu-central-1.compute.amazonaws.com
Software
Caddy /
Resource Hash
10e1014ecf966918d3fcca4de2d00d609269014d0b0f7c27f9c3d733e611a663
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.ramp.ondefy.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Fri, 06 Oct 2023 08:19:25 GMT
x-content-type-options
nosniff
ratelimit-reset
1
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
ratelimit-limit
50
alt-svc
h3=":443"; ma=2592000
content-length
3607387
x-xss-protection
0
referrer-policy
no-referrer
ratelimit-policy
50;w=1
cross-origin-opener-policy
same-origin
server
Caddy
etag
W/"370b5b-tljK1kANGBzaOagv9ZBSolh7B1g"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
access-control-expose-headers
X-Last-Update-Time,X-Last-Complete-Update-Time
ratelimit-remaining
49
js
www.googletagmanager.com/gtag/
266 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RRXG2ZDWLB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N492R5C&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a770727a1053cc618fd044ede307728ea8d30b64c4b27b9c19a5379b8da1be8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.ramp.ondefy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 08:19:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91375
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 06 Oct 2023 08:19:25 GMT
collect
region1.google-analytics.com/g/
0
257 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RRXG2ZDWLB&gtm=45je3a40&_p=1363271315&cid=8108803.1696580365&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696580365&sct=1&seg=0&dl=https%3A%2F%2Fwww.ramp.ondefy.com%2F&dt=Buy%20any%20token%20with%20your%20card%20%7C%20Ondefy&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RRXG2ZDWLB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.ramp.ondefy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Oct 2023 08:19:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ramp.ondefy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 string| tempTheme function| hj object| _hjSettings object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| webpackChunkondefy_ramp function| _ function| Pusher object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

7 Cookies

Domain/Path Name / Value
.ondefy.com/ Name: _hjSessionUser_3308049
Value: eyJpZCI6ImU0NzI1Y2VhLWI1ZTgtNWE2YS05ZDAyLTE4YjA5NGEzYzFhMSIsImNyZWF0ZWQiOjE2OTY1ODAzNjQ5NjcsImV4aXN0aW5nIjpmYWxzZX0=
.ondefy.com/ Name: _hjFirstSeen
Value: 1
.ondefy.com/ Name: _hjIncludedInSessionSample_3308049
Value: 1
.ondefy.com/ Name: _hjSession_3308049
Value: eyJpZCI6IjQ1ZmNlMjg4LWE3MTEtNDU3Mi04YWJmLTYyOTdiZDk5ZjQ4MCIsImNyZWF0ZWQiOjE2OTY1ODAzNjQ5NjgsImluU2FtcGxlIjp0cnVlLCJzZXNzaW9uaXplckJldGFFbmFibGVkIjpmYWxzZX0=
.ondefy.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
.ondefy.com/ Name: _ga
Value: GA1.1.8108803.1696580365
.ondefy.com/ Name: _ga_RRXG2ZDWLB
Value: GS1.1.1696580365.1.0.1696580365.0.0.0

1 Console Messages

Source Level URL
Text
rendering warning URL: https://www.ramp.ondefy.com/
Message:
The key "target-densitydpi" is not supported.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
