ramtoordee.com Open in urlscan Pro
104.21.45.38 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bemob.giveaway2024.live/go/686d17a7-2a7e-49f7-9600-05ed7d4f82bd?cost=%7Bcost%7D&visitor_id=$%7Bsubid%7D&zoneid=%7Bzoneid...
Effective URL:
https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-...
Submission: On June 30 via api (June 30th 2024, 1:35:19 am UTC) from US — Scanned from DE

Summary HTTP 25 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 5 countries across 7 domains to perform 25 HTTP transactions. The main IP is 104.21.45.38, located in and belongs to CLOUDFLARENET, US. The main domain is ramtoordee.com.
TLS certificate: Issued by GTS CA 1P5 on May 29th 2024. Valid for: 3 months.

This is the only time ramtoordee.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a05:d014:286... 2a05:d014:286:3501:1f10:7bbc:2030:c69	16509 (AMAZON-02) (AMAZON-02)
9	104.21.45.38 104.21.45.38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	2606:4700:10:... 2606:4700:10::6816:1874	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.48.68.71 37.48.68.71	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
25	8

2 2a05:d014:286:3501:1f10:7bbc:2030:c69 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

bemob.giveaway2024.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.21.45.38 (None, )

ASN13335 (CLOUDFLARENET, US)

ramtoordee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1874 (United States)

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

jouteetu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cdntechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.48.68.71 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	jouteetu.net jouteetu.net — Cisco Umbrella Rank: 24328
9	ramtoordee.com ramtoordee.com	52 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 8833	1 KB
2	giveaway2024.live bemob.giveaway2024.live	1 KB
1	datatechone.com datatechone.com — Cisco Umbrella Rank: 67320	467 B
1	cdntechone.com cdntechone.com — Cisco Umbrella Rank: 61182	8 KB
1	littlecdn.com littlecdn.com — Cisco Umbrella Rank: 18187	2 KB
25	7

	Domain	Requested by
9	jouteetu.net	ramtoordee.com
9	ramtoordee.com	ramtoordee.com
2	my.rtmark.net	ramtoordee.com
2	bemob.giveaway2024.live
1	datatechone.com	cdntechone.com
1	cdntechone.com	ramtoordee.com
1	littlecdn.com	ramtoordee.com
25	7

This site contains links to these domains. Also see Links.

Domain
pivonoms.net
glugreez.com

Subject Issuer	Validity	Valid
bemob.giveaway2024.live R3	`2024-05-13` - `2024-08-11`	3 months	crt.sh
ramtoordee.com GTS CA 1P5	`2024-05-29` - `2024-08-27`	3 months	crt.sh
rtmark.net R3	`2024-05-11` - `2024-08-09`	3 months	crt.sh
littlecdn.com E1	`2024-05-09` - `2024-08-07`	3 months	crt.sh
jouteetu.net R3	`2024-05-14` - `2024-08-12`	3 months	crt.sh
cdntechone.com WE1	`2024-06-20` - `2024-09-18`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-10` - `2024-12-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=YaNDzTk8whVwfS4p746mTo&ymid=YaNDzTk8whVwfS4p746mTo
Frame ID: 57EC0D10C58ADC12659F06BECE2D3468
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

(1) Benachrichtigung

Page URL History Show full URLs

http://bemob.giveaway2024.live/go/686d17a7-2a7e-49f7-9600-05ed7d4f82bd?cost=%7Bcost%7D&visitor_id=$%7Bsubid... HTTP 307
https://bemob.giveaway2024.live/go/686d17a7-2a7e-49f7-9600-05ed7d4f82bd?cost=%7Bcost%7D&visitor_id=$%7Bsubid... Page URL
https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var... Page URL

Page Statistics

25
Requests

100 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

8
IPs

5
Countries

64 kB
Transfer

161 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://pivonoms.net/4/7612086/?var=7632961&ymid=3c455b91-c420-4b25-90cb-e5c8fbed16bd&var_3=miss_831091958820377010&land_state=marker_success&land_id=ppletbgpKX2HYs5&land_generation_time=2024-06-29_20:35:14&land_error_code=&ruid=e4c81f7f-97c7-4dbc-a406-bb7a68ce83ce&mgeo=de&oaid=eb847d615dbb30aa0817ff8a8fb4b488&land_type=rtr&isPushSubscribed=false&isPushAlreadySubscribed=false&land_tracker=marker&land_purchase_method=apk
Title: Abbrechen

Search URL Search Domain Scan URL

URL: https://glugreez.com/submenu/1128934?var={CLICK_ID}
Title: Go to site

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bemob.giveaway2024.live/go/686d17a7-2a7e-49f7-9600-05ed7d4f82bd?cost=%7Bcost%7D&visitor_id=$%7Bsubid%7D&zoneid=%7Bzoneid%7D&campaignid=%7Bcampaignid%7D&bannerid=%7Bbannerid%7D&os=%7Bos%7D&os_version=%7Bos_version%7D&device=%7Bdevice%7D&browser=%7Bbrowser%7D&connection_type=%7Bconnection_type%7D&carrier=%7Bcarrier%7D&geo=%7Bgeo%7D HTTP 307
https://bemob.giveaway2024.live/go/686d17a7-2a7e-49f7-9600-05ed7d4f82bd?cost=%7Bcost%7D&visitor_id=$%7Bsubid%7D&zoneid=%7Bzoneid%7D&campaignid=%7Bcampaignid%7D&bannerid=%7Bbannerid%7D&os=%7Bos%7D&os_version=%7Bos_version%7D&device=%7Bdevice%7D&browser=%7Bbrowser%7D&connection_type=%7Bconnection_type%7D&carrier=%7Bcarrier%7D&geo=%7Bgeo%7D Page URL
https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=YaNDzTk8whVwfS4p746mTo&ymid=YaNDzTk8whVwfS4p746mTo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://bemob.giveaway2024.live/go/686d17a7-2a7e-49f7-9600-05ed7d4f82bd?cost=%7Bcost%7D&visitor_id=$%7Bsubid%7D&zoneid=%7Bzoneid%7D&campaignid=%7Bcampaignid%7D&bannerid=%7Bbannerid%7D&os=%7Bos%7D&os_version=%7Bos_version%7D&device=%7Bdevice%7D&browser=%7Bbrowser%7D&connection_type=%7Bconnection_type%7D&carrier=%7Bcarrier%7D&geo=%7Bgeo%7D HTTP 307
https://bemob.giveaway2024.live/go/686d17a7-2a7e-49f7-9600-05ed7d4f82bd?cost=%7Bcost%7D&visitor_id=$%7Bsubid%7D&zoneid=%7Bzoneid%7D&campaignid=%7Bcampaignid%7D&bannerid=%7Bbannerid%7D&os=%7Bos%7D&os_version=%7Bos_version%7D&device=%7Bdevice%7D&browser=%7Bbrowser%7D&connection_type=%7Bconnection_type%7D&carrier=%7Bcarrier%7D&geo=%7Bgeo%7D

25 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

686d17a7-2a7e-49f7-9600-05ed7d4f82bd
bemob.giveaway2024.live/go/
Redirect Chain

http://bemob.giveaway2024.live/go/686d17a7-2a7e-49f7-9600-05ed7d4f82bd?cost=%7Bcost%7D&visitor_id=$%7Bsubid%7D&zoneid=%7Bzoneid%7D&campaignid=%7Bcampaignid%7D&bannerid=%7Bbannerid%7D&os=%7Bos%7D&os...
https://bemob.giveaway2024.live/go/686d17a7-2a7e-49f7-9600-05ed7d4f82bd?cost=%7Bcost%7D&visitor_id=$%7Bsubid%7D&zoneid=%7Bzoneid%7D&campaignid=%7Bcampaignid%7D&bannerid=%7Bbannerid%7D&os=%7Bos%7D&o...

331 B
1 KB

106ms
40ms

Document
text/html

2a05:d014:286:3501:1f10:7bbc:2030:c69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bemob.giveaway2024.live/go/686d17a7-2a7e-49f7-9600-05ed7d4f82bd?cost=%7Bcost%7D&visitor_id=$%7Bsubid%7D&zoneid=%7Bzoneid%7D&campaignid=%7Bcampaignid%7D&bannerid=%7Bbannerid%7D&os=%7Bos%7D&os_version=%7Bos_version%7D&device=%7Bdevice%7D&browser=%7Bbrowser%7D&connection_type=%7Bconnection_type%7D&carrier=%7Bcarrier%7D&geo=%7Bgeo%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a05:d014:286:3501:1f10:7bbc:2030:c69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 30 Jun 2024 01:35:14 GMT
etag: W/"14b-x/T9GT1MTEy+x4x8sI3q1TKbf8c"
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: openresty
vary: Accept-Encoding
x-response-time: 14.931ms

Redirect headers

Location: https://bemob.giveaway2024.live/go/686d17a7-2a7e-49f7-9600-05ed7d4f82bd?cost=%7Bcost%7D&visitor_id=$%7Bsubid%7D&zoneid=%7Bzoneid%7D&campaignid=%7Bcampaignid%7D&bannerid=%7Bbannerid%7D&os=%7Bos%7D&os_version=%7Bos_version%7D&device=%7Bdevice%7D&browser=%7Bbrowser%7D&connection_type=%7Bconnection_type%7D&carrier=%7Bcarrier%7D&geo=%7Bgeo%7D
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 Primary Request / Show response
ramtoordee.com/ 79 KB
31 KB 115ms
78ms Document
text/html 104.21.45.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=YaNDzTk8whVwfS4p746mTo&ymid=YaNDzTk8whVwfS4p746mTo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.45.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: b9af37d1556affb2b888f3eee0d74acee497c8739ce0f9b583347c90c2c6fe60

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bemob.giveaway2024.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89ba6b249a0f9bf4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 30 Jun 2024 01:35:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DRGByqnyxPr79Xb18kATiBmVIF6PPxlzn4qnf0q0VDoP6hPvtR3igR7r7Tw86m27PoD8L%2BGUZdeXdryv%2BLMsb11Z9dVikrVC7a6BOf%2Fr%2Bd1ZHcpiPvXM6QlwdeAKgTUu7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 404 favicon.ico
bemob.giveaway2024.live/ 552 B
260 B 22ms
21ms Other
text/html 2a05:d014:286:3501:1f10:7bbc:2030:c69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bemob.giveaway2024.live/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a05:d014:286:3501:1f10:7bbc:2030:c69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "126.0.6478.126"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://bemob.giveaway2024.live/go/686d17a7-2a7e-49f7-9600-05ed7d4f82bd?cost=%7Bcost%7D&visitor_id=$%7Bsubid%7D&zoneid=%7Bzoneid%7D&campaignid=%7Bcampaignid%7D&bannerid=%7Bbannerid%7D&os=%7Bos%7D&os_version=%7Bos_version%7D&device=%7Bdevice%7D&browser=%7Bbrowser%7D&connection_type=%7Bconnection_type%7D&carrier=%7Bcarrier%7D&geo=%7Bgeo%7D
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.126", "Google Chrome";v="126.0.6478.126"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 01:35:14 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: text/html

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 135ms
41ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=eb847d615dbb30aa0817ff8a8fb4b488

Requested by

Host: ramtoordee.com
URL: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=YaNDzTk8whVwfS4p746mTo&ymid=YaNDzTk8whVwfS4p746mTo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

86e2911446d3e3d5b9af0f46c56276076c59b6ddbb80b3d701913944b79f13b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ramtoordee.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 01:35:14 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ramtoordee.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 micro.tag.min.js Show response
ramtoordee.com/pfe/current/ 38 KB
14 KB 49ms
48ms Script
application/javascript 104.21.45.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Requested by: Host: ramtoordee.com
URL: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=YaNDzTk8whVwfS4p746mTo&ymid=YaNDzTk8whVwfS4p746mTo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.45.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 762f189600317b0c21b11c1ea3a49b3caf3cd01e835d48310b8daf1336622b78

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=YaNDzTk8whVwfS4p746mTo&ymid=YaNDzTk8whVwfS4p746mTo
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 30 Jun 2024 01:35:14 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 28 Jun 2024 09:14:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667e7f04-96fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SutODyd9uXTYDSk6so4TPjw3expYj%2BSBL0173LaccblysSYJX0U8QXpzyO6444YG%2BzHHv5kdY%2Bsj2OZpoRv5gBtYBAIsQgwtjJKGxOTLAfK%2BgGsm%2BtfDP%2BB6QOgB%2FyIHgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 89ba6b254ad69bf4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.css
littlecdn.com/apps/templates/questions/window/build/ 5 KB
2 KB 93ms
35ms Stylesheet
text/css 2606:4700:10::6816:1874
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/apps/templates/questions/window/build/main.css?v3023494261222
Requested by: Host: ramtoordee.com
URL: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=YaNDzTk8whVwfS4p746mTo&ymid=YaNDzTk8whVwfS4p746mTo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdad742fdf104921af31a4e65e639cd2f7ec013fee98b1a60d8954fa3c569621

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ramtoordee.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 01:35:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Jun 2024 16:17:37 GMT
server: cloudflare
age: 4210
etag: W/"667d90a1-1448"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 89ba6b25a86d2c59-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6678fbb34f3ef18c5649c7cfc1302c671ff5b1c8e9f4365fb51f3d629dab2924

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 017427174432.png
ramtoordee.com/contents/s/b0/7a/bf/15a1d5dd40763c778029aa6fb2/ 1 KB
2 KB 30ms
29ms Image
image/png 104.21.45.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ramtoordee.com/contents/s/b0/7a/bf/15a1d5dd40763c778029aa6fb2/017427174432.png
Requested by: Host: ramtoordee.com
URL: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=YaNDzTk8whVwfS4p746mTo&ymid=YaNDzTk8whVwfS4p746mTo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.45.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44732c891c3fffbf3ec24e05f43fb59908ed9e467f35f424f71a45a649f78f01

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=YaNDzTk8whVwfS4p746mTo&ymid=YaNDzTk8whVwfS4p746mTo
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 01:35:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6157
alt-svc: h3=":443"; ma=86400
content-length: 1404
last-modified: Tue, 16 Apr 2024 15:30:29 GMT
server: cloudflare
etag: "661e9995-57c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JbdR2Fdtt%2BvaRFhqyt0jbrkXlhBt4Gi6QHBgZhab4jQtNzCGNFsAhIPcbVPvIOydbUXj68wk2cjhk8xh4OiOzDis%2FmM7idSq8QmuyhDYnsaZvjAFkCCZOH0nF8GS37zbtw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 89ba6b254adb9bf4-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

POST
H2 200 custom
jouteetu.net/ 0
0 151ms
43ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://ramtoordee.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 7608761
ramtoordee.com/sw-check-permissions/ 0
999 B 61ms
61ms Other
application/javascript 104.21.45.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ramtoordee.com/sw-check-permissions/7608761?var=7632961&var_3=21308327_&ymid=%7Brequest_var%7D&uhd=1&zoneId=7608761
Requested by: Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.45.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=YaNDzTk8whVwfS4p746mTo&ymid=YaNDzTk8whVwfS4p746mTo
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 01:35:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jcNeSaue4i%2BInFZyt%2BlM1vEIEk3FsyKVNApqHSVwiSNYlTfG2zHqegONjqjlutX4h4cLqKQHC8oyIxfFDurCCuOA0rajIOayFVc9%2BMxuL8YSppBY2GgeCyOyxRxPoUF9gA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 89ba6b25ab419bf4-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 150ms
43ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://ramtoordee.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H3 200 zone
ramtoordee.com/ 0
565 B 51ms
51ms Ping
text/plain 104.21.45.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ramtoordee.com/zone?&pub=0&zone_id=7608761&is_mobile=false&domain=ramtoordee.com&var=7632961&ymid=%7Brequest_var%7D&var_3=21308327_&var_4=&dsig=&tg=1&sw=3.1.529&trace_id=1437f2ca-98ac-45af-99bc-0e7c2a28f457&action=prerequest&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjYifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjYifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJOb3QvQSlCcmFuZCIsInZlcnNpb24iOiI4LjAuMC4wIn0seyJicmFuZCI6IkNocm9taXVtIiwidmVyc2lvbiI6IjEyNi4wLjY0NzguMTI2In0seyJicmFuZCI6Ikdvb2dsZSBDaHJvbWUiLCJ2ZXJzaW9uIjoiMTI2LjAuNjQ3OC4xMjYifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsIndvdzY0IjpmYWxzZX0=&drf=https://bemob.giveaway2024.live/

Requested by

Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.45.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=YaNDzTk8whVwfS4p746mTo&ymid=YaNDzTk8whVwfS4p746mTo
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 01:35:14 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BKQWbjHyLvv2trmPE%2FsjQUn2P80hq8X5welegjYNyYY6799Ui4TyNXoKSDFsbBTZNoftHkjYLOcFD5IOkOCNm8egDLF%2BnU1qh2LulEOj1uky6UpY1QE7Cy53kXqcKsb67g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ramtoordee.com
access-control-allow-credentials: true
cf-ray: 89ba6b25ab459bf4-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 182ms
76ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://ramtoordee.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 stattag.js Show response
cdntechone.com/ 16 KB
8 KB 82ms
32ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdntechone.com/stattag.js
Requested by: Host: ramtoordee.com
URL: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=YaNDzTk8whVwfS4p746mTo&ymid=YaNDzTk8whVwfS4p746mTo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ae0d442d77ea9528a5c8162816db73c0ac35e6ebc0d6359b28645565cdac160

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ramtoordee.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 01:35:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jun 2024 13:48:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3605
etag: W/"667acaac-4030"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K1JvPiRwLKj8JP%2B8AjulNdiOs45qSVfTN8vSLRpoX33Wxwz650A6%2Bcp8nPauCC53S3XQ7nCpwPDLQLVhVzEpbKlhGZkZvlHdVn%2B%2F5AOyRWqUcA8I44a8UDzPLtUkW3i37Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 89ba6b25fb059207-FRA
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 182ms
76ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://ramtoordee.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
543 B 78ms
45ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=7608761&checkDuplicate=true&ymid={request_var}&var=7632961&source=pusher

Requested by

Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

b92c4b41adfc8fe8d7a5b1b693d40c2ad01e3c09d0f1a908aecf3873d9e59e33

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ramtoordee.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 01:35:14 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ramtoordee.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 custom
jouteetu.net/ 0
0 184ms
78ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://ramtoordee.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 custom
jouteetu.net/ 0
0 164ms
77ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://ramtoordee.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zone Show response
ramtoordee.com/ 793 B
1 KB 42ms
41ms Fetch
application/json 104.21.45.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ramtoordee.com/zone?&pub=0&zone_id=7608761&is_mobile=false&domain=ramtoordee.com&var=7632961&ymid=%7Brequest_var%7D&var_3=21308327_&var_4=&dsig=&tg=1&sw=3.1.529&trace_id=1437f2ca-98ac-45af-99bc-0e7c2a28f457&action=settings&ch=eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjYifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjYifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJOb3QvQSlCcmFuZCIsInZlcnNpb24iOiI4LjAuMC4wIn0seyJicmFuZCI6IkNocm9taXVtIiwidmVyc2lvbiI6IjEyNi4wLjY0NzguMTI2In0seyJicmFuZCI6Ikdvb2dsZSBDaHJvbWUiLCJ2ZXJzaW9uIjoiMTI2LjAuNjQ3OC4xMjYifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsIndvdzY0IjpmYWxzZX0=

Requested by

Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.45.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fa91deddf7d07a73a7ecf43264469c8246078bd2d8c106ceb0f721c73753a99

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=YaNDzTk8whVwfS4p746mTo&ymid=YaNDzTk8whVwfS4p746mTo
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 01:35:14 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=buVyUPsQmBiwmZL1nc0QfK1FL%2BdbpDW4EpD2MJw6hc%2Fg3A%2BSDcUTVUUUqrggLumiApJQXAZ9dsCn57S8TAAsUNZjGaMY40t0es8VDLugeAnk5Fntr538AOQlG0%2BkEcKBxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 89ba6b25cb839bf4-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept

POST
H3 200 / Show response
ramtoordee.com/ 2 B
535 B 45ms
45ms XHR
application/json 104.21.45.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=YaNDzTk8whVwfS4p746mTo&ymid=YaNDzTk8whVwfS4p746mTo&mprtr=1&os_version=10.0.0
Requested by: Host: ramtoordee.com
URL: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=YaNDzTk8whVwfS4p746mTo&ymid=YaNDzTk8whVwfS4p746mTo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.45.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=YaNDzTk8whVwfS4p746mTo&ymid=YaNDzTk8whVwfS4p746mTo
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 01:35:14 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X54y2Gi2b3P%2BbU%2Btm87HduKWhjN%2Fp9qHX6JJU4mjzWUTipYAVTI2ZmyZDfozCSEeqcIw2%2B%2Fx180oYXrqysT5PcN9bW833JP%2BSAMDvNVpskcxWICzTP0IQ50PvHEWdMCB%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 89ba6b25eb8e9bf4-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 53ms
50ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://ramtoordee.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 track-impression-applab Show response
ramtoordee.com/ 807 B
1 KB 50ms
50ms Fetch
application/json 104.21.45.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ramtoordee.com/track-impression-applab?z=7632961&b=21308327&ymid=YaNDzTk8whVwfS4p746mTo&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&var_3=21308327_&redirect=false&redirectUrl=https%3A%2F%2Fpivonoms.net%2F4%2F7612086%2F%3Fvar%3D7632961%26ymid%3D3c455b91-c420-4b25-90cb-e5c8fbed16bd%26var_3%3D%24%7BSUBID%7D%26land_state%3Dbefore_render%26land_id%3DppletbgpKX2HYs5%26land_generation_time%3D2024-06-29_20%3A35%3A14%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3Deb847d615dbb30aa0817ff8a8fb4b488%26land_type%3Drtr%26isPushSubscribed%3Dfalse%26isPushAlreadySubscribed%3Dfalse%26land_tracker%3Dmarker%26land_purchase_method%3Dapk&os_version=10.0.0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.45.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9413180ba12ac8fa94af16cf5d1c2612134cd4d833a6c5251b4b60c78166337

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=YaNDzTk8whVwfS4p746mTo&ymid=YaNDzTk8whVwfS4p746mTo
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 01:35:14 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 79c459cb9370268e82e24d0014e9e4af
pragma: no-cache
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iNtGSIyT2OgzxEH1r2%2FL%2FfcUJx7pmUQPITOiPHNY0wJcw03UloVS20A7tfxnTy396Sn6JD%2FDUa9shPfJ38Sw%2B48cw3tRDywS4XkXTkLSKcWTGk%2BON7EY3ObqYtY2AreS7g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 89ba6b261bab9bf4-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 custom
jouteetu.net/ 0
0 52ms
50ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://ramtoordee.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 200
OK add Show response
datatechone.com/log/ 2 B
467 B 107ms
33ms XHR
text/plain 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=79b8b31a-f5b5-449e-9c97-e907dd6cec81&ruid=7aca30df-11c7-46c5-85a8-d6abf6666e32
Requested by: Host: cdntechone.com
URL: https://cdntechone.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://ramtoordee.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 30 Jun 2024 01:35:15 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://ramtoordee.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H3 204 favicon.ico
ramtoordee.com/ 0
418 B 33ms
31ms Other
text/plain 104.21.45.38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ramtoordee.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.45.38 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://ramtoordee.com/?l=ppletbgpKX2HYs5&b=21308327&z=7632961&s={CLICK_ID}&campid={campaignid}&var=3c455b91-c420-4b25-90cb-e5c8fbed16bd&ymid=YaNDzTk8whVwfS4p746mTo&ymid=YaNDzTk8whVwfS4p746mTo
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 01:35:14 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6971
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PWRZA4otubBYcAiAByVUEgHvbGLW%2FS5rM8fEqhkdg0mMVXbXhw%2FPdFnTLFn9E%2BFAH5TyfydzNfpC7mdhPwnxi57b9GXDtnjYqA4HpjEFNJPlMX5BP%2FBbv1B6wsd6zTigoA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
cf-ray: 89ba6b267bd99bf4-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 1753ms
1753ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: ramtoordee.com
URL: https://ramtoordee.com/pfe/current/micro.tag.min.js?uhd=1&z=7608761&ymid={request_var}&var=7632961&sw=/sw-check-permissions/7608761&var_3=21308327_
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://ramtoordee.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bemob.giveaway2024.live/	1970-01-21 06:27:27	Name: bemob-viewer-id Value: 9b72151e-5715-40df-b964-373b0b1d8a65
.bemob.giveaway2024.live/	1970-01-20 21:43:17	Name: bemob-uniq-visit:686d17a7-2a7e-49f7-9600-05ed7d4f82bd Value: 1
.bemob.giveaway2024.live/	1970-01-20 21:43:17	Name: bemob-rotation:686d17a7-2a7e-49f7-9600-05ed7d4f82bd:random:9daecdc64cb96019be820168207fb6f6 Value: 0-0-0
.bemob.giveaway2024.live/	1970-01-20 22:25:03	Name: bemob-click-id Value: YaNDzTk8whVwfS4p746mTo
ramtoordee.com/	1970-01-20 21:41:54	Name: reverse Value: Dzzd7gg7iZZlPewG66OFQWgsUlpDI7DoKbGWV0WkSCg
ramtoordee.com/	1970-01-21 06:27:27	Name: OAID Value: eb847d615dbb30aa0817ff8a8fb4b488
ramtoordee.com/	1970-01-21 07:17:51	Name: oaidts Value: 1719711314
ramtoordee.com/	1970-01-20 21:51:56	Name: syncedCookie Value: true
my.rtmark.net/	1970-01-21 06:27:27	Name: ID Value: 01808b485f064b10f9748e3255bb44d4

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bemob.giveaway2024.live/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bemob.giveaway2024.live
cdntechone.com
datatechone.com
jouteetu.net
littlecdn.com
my.rtmark.net
ramtoordee.com
104.21.45.38
139.45.195.8
139.45.197.251
188.114.97.3
2606:4700:10::6816:1874
2a05:d014:286:3501:1f10:7bbc:2030:c69
37.48.68.71
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44732c891c3fffbf3ec24e05f43fb59908ed9e467f35f424f71a45a649f78f01
5ae0d442d77ea9528a5c8162816db73c0ac35e6ebc0d6359b28645565cdac160
6678fbb34f3ef18c5649c7cfc1302c671ff5b1c8e9f4365fb51f3d629dab2924
762f189600317b0c21b11c1ea3a49b3caf3cd01e835d48310b8daf1336622b78
86e2911446d3e3d5b9af0f46c56276076c59b6ddbb80b3d701913944b79f13b2
9fa91deddf7d07a73a7ecf43264469c8246078bd2d8c106ceb0f721c73753a99
b92c4b41adfc8fe8d7a5b1b693d40c2ad01e3c09d0f1a908aecf3873d9e59e33
b9af37d1556affb2b888f3eee0d74acee497c8739ce0f9b583347c90c2c6fe60
bdad742fdf104921af31a4e65e639cd2f7ec013fee98b1a60d8954fa3c569621
c9413180ba12ac8fa94af16cf5d1c2612134cd4d833a6c5251b4b60c78166337
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

ramtoordee.com Open in urlscan Pro 104.21.45.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

25 Requests

100 %HTTPS

29 %IPv6

7 Domains

7 Subdomains

8 IPs

5 Countries

64 kBTransfer

161 kBSize

9 Cookies

2 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

9 Cookies

1 Console Messages

Indicators

ramtoordee.com Open in urlscan Pro
104.21.45.38 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

8
IPs

5
Countries

64 kB
Transfer

161 kB
Size

9
Cookies

25 HTTP transactions
1 data transactions